Keeping anonymity with TOR in a kali Linux environment.
On my first tutorial post, I will explain you what is tor network, how it works, why is a good choice if you want to enable anonymous communication and how to install it on a Linux machine.
Well, to start with, let´s talk about Tor. It is a free, open-source software (freely licensed to use) developed by "The Tor Project". The main usage is to make more difficult to trace the Internet activity of the user. I like to use it and protect my privacy.
It uses which is called "Onion routing", a technique for annonymous communication that encapsulates messages in layers of encryption to ensure forward secrecy between relays. This was developed to encrypt United States Navy communications.
In the usual routing we are connecting to the Intertet servers directly. If someone intercepts the packages we send, he can find where those packages come from and where they are going. If we use Onion Routing, the data we are sending uses a non-direct path, travelling through different nodes. Through asymmetric encryption they are encripted like an onion, by layers.
You can see a representative example of the packet´s path in the next picture from https://www.codeproject.com/
The installation of Tor in Windows is very easy. You have to download it from https://www.torproject.org/download/#windows, execute the .exe file and that´s all, now you can start your Tor Browser!
Now, if you want to install it in Kali Linux, you should follow these steps and see how it works.
- Open a terminal. Clone torghost from github with this command: git clone https://github.com/SusmithKrishnan/torghost.git
- Go to torghost directory: cd torghost
- Change permissons for build.sh: chmod +x build.sh
- Execute .sh: ./build.sh
Now it should be installed. If you want to check it, write in the terminal: sudo torghost (You need to be admin for all tor executions).
Now, as you can see, torghost is installed for its updated 3.1.1 version.
Using this tool is easy, you have to follow the next steps but first, I will show you which is my public IP address before executing it:
- sudo torghost -s. This command starts the service. Now, if you check again your IP address, you can see that it has changed.
- If you want to change the tor exit node, just type: sudo torghost -r. This will change of node as many times as you want.
To finish the tor service, you have to type: sudo torghost -x
Always remember, there is not a tool that can provide a 100% reliability when it comes to anonymity in Internet. But using Tor or a VPN (I will post later about differences between these two) can help a lot.
Lastly, I want to talk about the "onion sites". A “.onion” address points to a Tor hidden service, which is a server you can only access through Tor network and Tor browser. You must be careful when visiting those sites, as you can find ilegal content like guns, pornography or drugs. You can find common onion sites, have a look at this article for some examples: https://privacypros.io/tor/best-onion-sites/
Always be aware of those sites and surf the net carefully.
Thanks you all for reading this, I hope it can be useful for you.