Jump to content

Tor Vidalia Bundle Tips and Tricks


Sl@pSh0ck™

Recommended Posts

Sl@pSh0ck™

59896533.jpg

Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.

Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.

onionroutingfig7.png

This tut is made so we can browse a little faster when using Tor, this would also cover some tips and tricks in using Tor vidalia bundle. I am no expert, so please don't expect that this tut would cover everything.

PART 1 - How to browse a little faster using Tor

Tuning of firefox:

In your Firefox borwser address bar - type about:config, then make sure you have these following settings:

network.http.keep-alive.timeout:600 (300ms default is OK usually, but 600 is better.)
network.http.max-persistent-connections-per-proxy:16 (Default is 4)
network.http.pipelining:true (Default- false. Some old HTTP/1.0 servers can't handle it.)
network.http.pipelining.maxrequests:8 (No default)
network.http.proxy.keep-alive:true (Default- true, but double check)
network.http.proxy.pipelining:true (Default- false)

Tuning of polipo:

Open Polipo's config file (c - program files - vidalia - polipo - open config file w/ notepad) and paste this on top:

############################
allowUnalignedRangeRequests = true
disableLocalInterface = true
maxPipelineTrain = 32
proxyName = "Polipo"
proxyPort = 8118
serverMaxSlots = 32

allowedClients = "127.0.0.1"
cacheIsShared = false
censoredHeaders = from,accept-language,x-pad,link
censorReferer = maybe
chunkHighMark = 50000000
disableVia=true
diskCacheRoot=""
localDocumentRoot=""
maxConnectionAge = 300s
maxConnectionRequests = 30000
socksParentProxy=localhost:9050
tunnelAllowedPorts = 1-65535
############################

Tuning of Tor:

torseetingadvance.png

Open torcc file (right click vidalia icon on taskbar - settings - advanced - click browse under "Tor Configuration File" - open torcc w/ notepad and paste this:

# Try for at most NUM seconds when building circuits. If the circuit isn't
# open in that time, give up on it. (Default: 1 minute.)
CircuitBuildTimeout 5
# Send a padding cell every N seconds to keep firewalls from closing our
# connections while Tor is not in use.
KeepalivePeriod 60
# Force Tor to consider whether to build a new circuit every NUM seconds.
NewCircuitPeriod 15
# How many entry guards should we keep at a time?
NumEntryGuards 8

note: if you are using the final version of Tor Vidalia bundle, your CircuitBuildTimeout is already set to a minimum of 30 and minimum of 5 would not work for you. For alpha users, CircuitBuildTimeout of 5 would work.

CircuitBuildTimeout NUM

o Try for at most NUM seconds when building circuits. If the circuit isn't open in that time, give up on it. (Default: 1 minute.) Force circuits that are quick to establish and thus likely to push traffic more quickly. Values as low as 2 seconds have been tried with good results, although this can cause severe damage to the Tor network if your network connection is simply not fast enough to establish any circuits in this time. The effect is a smaller 'Topological Radius' of servers used for Tor, ie the network connections available from your connection. Unfortunately, the smaller you make this number, the smaller the number of paths your client will use, and the less your anonymity.

As of Tor v0.2.1.9-alpha, the CircuitBuildTimeout has been clipped to 30 seconds, which affects some of the tuning recommendations here. From the release notes:" Clip the CircuitBuildTimeout to a minimum of 30 seconds. Warn the user if lower values are given in the configuration. Bugfix on 0.1.1.17-rc. Patch by Sebastian."

NumEntryGuards NUM

o If we are going to be decreasing the CircuitBuildTimeout, you want to increase the likelihood you have a guard node fast enough to build these fast circuits for you. NUM=5 to 8 are good choices here.

KeepalivePeriod NUM

o To keep firewalls from expiring connections, send a padding keepalive cell every NUM seconds on open connections that are in use. If the connection has no open circuits, it will instead be closed after NUM seconds of idleness. (Default: 5 minutes)

NewCircuitPeriod NUM

o Every NUM seconds consider whether to build a new circuit. (Default: 30 seconds) Lets make Tor ready to establish a new circuit more readily.

PART 2 - Tips and Tricks:

We can setup Tor to use a specified exit nodes. This is useful if you want to use, lets says, exit nodes from a certain country only or only use exit nodes w/ high bandwidth( we can use the relay name, IP address or fingerprint of the relay we want to use)

If you only want to use a certain country as exit nodes (exitnodes - this will show as your IP from where you are connecting from). We can do this by using the 2 letter country code. For example you only want your IP to show as coming from United States (for other countries just google for the 2 letter country code):

IF YOU WANT TO USE A SPECIFIC COUNTRY AS EXIT NODES:

for those using final version, paste this on your torcc file:

ExitNodes {US}
StrictExitNodes 1

for those using the alpha version of Tor, paste this on your torcc file:

ExitNodes {US}
StrictNodes 1

note: if you want to use more than one country code, separate them by a comma w/ no spaces (e.g. {US,DE,UK} )

desync.png

IF YOU WANT TO USE A SPECIFIC RELAY NAME AS EXIT NODES:

(we will use desync (fast exitnode from US) as sample)

final:

ExitNodes desync
StrictExitNodes 1

alpha:

ExitNodes desync
StrictNodes 1

IF YOU WANT TO USE A SPECIFIC RELAY NAME AS ENTRY NODES:

final:

EntryNodes desync
StrictEntryNodes 1

alpha:

EntryNodes desync
StrictNodes 1

note: if you want to use more than one entry/exit nodes using relay name, separate them w/ a comma w/ no spaces (e.g. ExitNodes desync,blutmagie,fejk), there is no limit on the number of exit/entry nodes you can specify.

*** you can find and choose exit/entry nodes here

More readings here and here

NOTES:

- not all relays can be used as exit nodes

- don't expect Tor to give you 100% anonymity and security online (nothing does)

- make a backup of the original torcc file before changing/adding anything

- overriding the exit nodes can mess up your anonymity in ways I don't understand

- these settings are intended for testing and may disappear in future versions

*** If anybody wants to add his/her tips/tricks for tor vidalia bundle ... feel free to do so ;)

Link to comment
Share on other sites


  • Replies 13
  • Views 24.2k
  • Created
  • Last Reply

hey thanx nivrid .

i did knew of some but some were new ....

good tutorial ....

;)

Link to comment
Share on other sites


Sl@pSh0ck™

hey thanx nivrid .

i did knew of some but some were new ....

good tutorial ....

;)

Your welcome Bart Simpson :P

Link to comment
Share on other sites


Thank You .. explains it a little better.. :thumbsup:

I have a question.. in the new Alpha bundle, have you had trouble finding and obtaining Bridges? I have not been able to get Bridges for two versions now.. after I updated to 7..

Link to comment
Share on other sites


Sl@pSh0ck™

You will only need bridges if your ISP is blocking Tor nodes, if not then there is really no need for you to use bridges. I havent tried using bridges yet, let me give it a try.

Edit:

bridges working fine here tor 2.2.10 alpha ... might be the bridges your using aren't active anymore?

go here to get fresh bridges: https://bridges.torproject.org

Link to comment
Share on other sites


You will only need bridges if your ISP is blocking Tor nodes, if not then there is really no need for you to use bridges. I havent tried using bridges yet, let me give it a try.

Edit:

bridges working fine here tor 2.2.10 alpha ... might be the bridges your using aren't active anymore?

go here to get fresh bridges: https://bridges.torproject.org

Well my issue came that with a fresh installation with no Bridge list.. it would not connect.. The error was ' Unable to download bridges: HTTP request failed '.. But I will try with the list you have..

Link to comment
Share on other sites


Sl@pSh0ck™

Go to settings - network - make sure everything is unchecked - click OK, then restart vidalia. It should not look for bridges anymore.

35jjktu.png

Link to comment
Share on other sites


Yeah I got that.. I used them not because I had to but because I liked the idea of it.. I think.. not needed though..LOL

Odd thing.. I was wondering if you wouldn't mind seeing if you get better response with Vidalia with this Polipo config.. I have been testing in IE8, switching between yours and mine.. I don't know if its just a change n connection or cache or if its better ( I haven't compared settings yet either.. ) .. If you get a chance..Using your Tor config settings with it..

### $Id: polipo.conf 4189 2009-12-22 16:09:23Z phobos $

#

### Basic configuration

### *******************

# Uncomment one of these if you want to allow remote clients to

# connect:

# proxyAddress = "::0" # both IPv4 and IPv6

# proxyAddress = "0.0.0.0" # IPv4 only

proxyAddress = "127.0.0.1"

proxyPort = 8118

# If you do that, you'll want to restrict the set of hosts allowed to

# connect:

# allowedClients = "127.0.0.1, 134.157.168.57"

# allowedClients = "127.0.0.1, 134.157.168.0/24"

allowedClients = 127.0.0.1

allowedPorts = 1-65535

# Uncomment this if you want your Polipo to identify itself by

# something else than the host name:

proxyName = "Polipo 1.0.4.1"

# Uncomment this if there's only one user using this instance of Polipo:

cacheIsShared = false

# Uncomment this if you want to use a parent proxy:

# parentProxy = "squid.example.org:3128"

# Uncomment this if you want to use a parent SOCKS proxy:

socksParentProxy = "localhost:9050"

socksProxyType = socks5

### Memory

### ******

# Uncomment this if you want Polipo to use a ridiculously small amount

# of memory (a hundred C-64 worth or so):

# chunkHighMark = 819200

# objectHighMark = 128

# Uncomment this if you've got plenty of memory:

chunkHighMark = 50331648

objectHighMark = 16384

#chunkHighMark = 33554432

### On-disk data

### ************

# Uncomment this if you want to disable the on-disk cache:

diskCacheRoot = ""

# Uncomment this if you want to put the on-disk cache in a

# non-standard location:

# diskCacheRoot = "~/.polipo-cache/"

# Uncomment this if you want to disable the local web server:

localDocumentRoot = ""

# Uncomment this if you want to enable the pages under /polipo/index?

# and /polipo/servers?. This is a serious privacy leak if your proxy

# is shared.

# disableIndexing = false

# disableServersList = false

disableLocalInterface = true

disableConfiguration = true

### Domain Name System

### ******************

# Uncomment this if you want to contact IPv4 hosts only (and make DNS

# queries somewhat faster):

#

dnsQueryIPv6 = no

# Uncomment this if you want Polipo to prefer IPv4 to IPv6 for

# double-stack hosts:

#

dnsQueryIPv6 = reluctantly

# Uncomment this to disable Polipo's DNS resolver and use the system's

# default resolver instead. If you do that, Polipo will freeze during

# every DNS query:

# dnsUseGethostbyname = yes

### HTTP

### ****

# Uncomment this if you want to enable detection of proxy loops.

# This will cause your hostname (or whatever you put into proxyName

# above) to be included in every request:

disableVia = true

# Uncomment this if you want to slightly reduce the amount of

# information that you leak about yourself:

#censoredHeaders = from, accept-language

#censorReferer = maybe

censoredHeaders = from,accept-language,x-pad,link

censorReferer = maybe

# Uncomment this if you're paranoid. This will break a lot of sites,

# though:

# censoredHeaders = set-cookie, cookie, cookie2, from, accept-language

# censorReferer = true

# Uncomment this if you want to use Poor Man's Multiplexing; increase

# the sizes if you're on a fast line. They should each amount to a few

# seconds' worth of transfer; if pmmSize is small, you'll want

# pmmFirstSize to be larger.

# Note that PMM is somewhat unreliable.

# pmmFirstSize = 16384

# pmmSize = 8192

# Uncomment this if your user-agent does something reasonable with

# Warning headers (most don't):

# relaxTransparency = maybe

# Uncomment this if you never want to revalidate instances for which

# data is available (this is not a good idea):

# relaxTransparency = yes

# Uncomment this if you have no network:

# proxyOffline = yes

# Uncomment this if you want to avoid revalidating instances with a

# Vary header (this is not a good idea):

# mindlesslyCacheVary = true

# Suggestions from Incognito configuration

maxConnectionAge = 5m

maxConnectionRequests = 120

serverMaxSlots = 8

serverSlots = 2

tunnelAllowedPorts = 1-65535

Link to comment
Share on other sites


Sl@pSh0ck™

Ok I'll check this one out. 

Link to comment
Share on other sites


Cool.. It could be other configuration usage or something, browser cache, IE8 was set to run in Private, also checked with Protected Mode, with Filtering.. using AdBlock, IE7Pro to switch between the proxies so.. I dunno.. just yet..

Link to comment
Share on other sites


Sl@pSh0ck™

Tried your polipo config using my own torcc config and firefox .... I experienced slowness esp in starting a connection w/ a website ... It might be because my own connection is slow that time or what ... it's really hard to say ... more in depth testing is needed I guess. I haven't looked for the differences/similarities b/w your polipo config and the one I'm using though ... will give you a follow when I have time to go through w/ them.

Link to comment
Share on other sites


Sl@pSh0ck™

@heath

I think regardless of your polipo config ... what would matter is how you setup your tor config .. I tried using my polipo config w/ the default torcc and I am browsing slower, tried to change torcc and specified my preferred exit nodes (hight bandwidth exit nodes only) and that makes a big difference in browsing speed.

Try your own polipo config and add this to your torcc file:

# Try for at most NUM seconds when building circuits. If the circuit isn't
# open in that time, give up on it. (Default: 1 minute.)
CircuitBuildTimeout 5
# Send a padding cell every N seconds to keep firewalls from closing our
# connections while Tor is not in use.
KeepalivePeriod 60
# Force Tor to consider whether to build a new circuit every NUM seconds.
NewCircuitPeriod 15
# How many entry guards should we keep at a time?
NumEntryGuards 8

for final tor version:
ExitNodes desync
StrictExitNodes 1

for alpha tor version:
ExitNodes desync
StrictNodes 1

Link to comment
Share on other sites


Sl@pSh0ck™

Ok, try adding more high bandwidth exit nodes for stability of your connections, also if you want you can specify high bandwidth entry nodes as well. Good luck ;)

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...