Eventually, there is a need to access the Internet with an extra layer of privacy. What would one do?
- For a quick search online about a touchy subject without letting “Google” add it to your history, just use the Tor Browser.
- For safely deploying malware and untrustworthy code, use Whonix to set up isolated networks.
- For those who are threatened by governments or fear retaliation and need an anonymous way to communicate, I would recommend using Tails OS.
- For accessing the Internet from a connection that may filter or log traffic, one can use a VPN or enforce full traffic through Tor (“Free VPN”).
Confirm the currently public IP with the following commands. The first is an HTTP (TCP) request and the second is a DNS (UDP) resolution request:
curl ip.me curl -s https://check.torproject.org/api/ip | jq -r '.IsTor' dig +short myip.opendns.com @resolver1.opendns.com
Note: The first command will reveal your real Public IP, the second will identify if your public IP is a Tor Exit node or not, and the third will return your Public IP via UDP DNS query.
INSTALLING TOR TUNNEL
TorTunnel is a Shell script that provides TCP and DNS to the clear Internet via the Tor Network [Link]. It won’t grant access to the DarkWeb with the .onions addresses, not ICMP or UDP.
This script tunnels all system traffic through Tor and was designed and tested on Ubuntu 24.04 LTS. No more SOCKS configuration per application or proxychains.
sudo apt update && sudo apt upgrade -y git clone https://github.com/davift/TorTunnel.git cd TorTunnel sudo ./tortunnel.sh
It requires execution with sudo:
Usage: tortunnel [--backup] [--install|--start] [--restore|--stop] [--refresh] [interface] Required: --backup backup the original system's configuration before installation --install, --start make changes to the system's configuration and start tunneling --restore, --stop restore the backup with original system's configuration --refresh request Tor to acquire a new connection Optional: interface defines what LAN interface to accept traffic on (requires --start)
The TorTunnel arguments:
- –backup
- The first step is to back up the original configuration for later restoration.
- –start
- Then, start tunneling traffic through Tor.
- –stop
- Finally, stop tunneling traffic through Tor.
- –refresh
- Restart the Tor service if necessary. All circuits will be refreshed (new).
- interface (e.g. eth0)
- Optionally, start tunneling traffic through Tor including inbound requests on a given interface.
- With this feature, all other hosts of a LAN could have the traffic transparently router through Tor.
- Also, consider installing a DHCP service to automatically configure the client’s network interfaces in the network segment.
Why should one use TorTunnel?
On many occasions, I am doing a pentesting and need to show up coming from many locations around the planet, making it very hard to track or block.
It can be installed in a system container (LXC) and allows the use of scripts and automation without any modification.
STARTING AND TESTING
sudo ./tortunnel.sh --backup sudo ./tortunnel.sh --start
If on a desktop environment, check again with the online tools BrowserLeaks [Link] and DNS Leak Test [Link].
From a terminal, repeat the HTTP and the DNS tests.
curl ip.me curl -s https://check.torproject.org/api/ip | jq -r '.IsTor' dig +short myip.opendns.com @resolver1.opendns.com
Note: The first command will return the apparent IP address, not the real one. The second will identify that you are using the Tor Network. And the third might not output anything because the Tor network does not route UDP traffic.
BONUS
CloudFlare offers a means to resolve DNS through the Tor network [Link]. It creates a SOCKS proxy service locally that makes the requests over HTTPS (TCP) via Tor. Check it out!
READ MORE
Learn how to Set Up a Tor Node [Link].
Read about Tor Snowflake Against the Internet Censorship [Link].
Deploy Whonix Gateway on Proxmox [Link].
Set up your own OpenVPN Server [Link].
Create a bridge with WireGuard VPN Client and Server [Link].