Using Tor and VPN to Stay Anonymous Online
A proxy hides your true identity and location by directing traffic to and fro your computer via one or more other computers. A proxy is like a web filter which applies proxy settings to data transferred by your browser.
There are public and private proxies you can use, with the private ones often costing a small fee but offering more stable service and dependability.
4.1.1 Why is a Proxy alone is not good enough for a hacker?
Proxies today primarily use SOCKS and HTTP which offers no encryption and SOCKS/HTTPS which encrypts data using SSL-quality encryption. This level of safety is not ideal for a hacker.
We will not focus on proxies in this e-book because it is just not safe enough for a hacker. One reason for this is that many proxies work by sending the user’s original IP address to the destination site, which should be a concern for someone whose security and privacy are of primary importance.
Besides, proxies must be configured separately for each application that accesses the internet such as email app and third-party apps. Always remember that proxies only protect the browser traffic unless you configure every other application with web access (if they support proxy servers).
4.2 Anonymity and Privacy with VPN
VPN is an acronym for Virtual Private Network. This is a type of connection that creates a secure connection to a computer in another location, allowing your computer to appear as if it is in that place. It works by creating an encrypted virtual tunnel to a VPN server and makes all your browsing appear as if to come from it. When you set up a VPN, all your internet traffic will go through this encrypted tunnel, keeping all the information safe from eavesdroppers, other hackers, and pretty much everyone else.
One similarity between a proxy and a VPN is that you get to enjoy all the benefits of the remote server including speed, geographic location appearance, and encrypted data security.
Unlike a proxy server, a VPN service replaces all your ISP routing, routing ALL your traffic through the VPN server. This includes all application and system traffic. Also, while you have to configure proxy servers each time you want to use or disconnect a proxy service, with VPN, you can easily connect or disconnect with the click of a button.
4.2.1 Setting up VPN on Kali Linux
Step 1: Enable VPN on Kali Linux
Start Kali Linux by starting VMware then choose the appropriate file to load.
By default, the VPN section on Kali Linux is grayed out. To enable it, start the terminal right inside Kali and enter the following command:
root@kali:~# apt-get install network-manager-openvpn
In some cases, this may fail, and you may need to restart the network manager and try again to make it work. Restart the network manager using this command:
root@kali:~# service networking restart
Step 2: Download and extract openvpn certs
Still, on your Kali terminal, download the openvpn.zip file from http://www.vpnbook.com/ and save the archive in a location you can access with ease.
Once the download is complete, extract the contents of the file to the right directory. We are interested in the .ovpn file. Use the following command:
unzip -q [archive_filename.zip] -d /etc/openvpn
Step 3: Configure Network Manager to use the VPN
Go to the Network Manager then click on Edit connections.
Adding a new OpenVPN connection
Click on the VPN tab then click Add (+) and on the drop-down menu select type OpenVPN. Click Create. Choose import from file and navigate to the location of the extracted archive. You should find a file with .ovpn extension. Click on it to import.
Find the username and password from http://www.vpnbook.com/
On the new window, click on OpenVPN then fill up the following VPN details:
Click Advanced then check the box to use LZO data compression.
Click OK, then Save and Close to apply the changes.
Your VPN is now configured
4.3 Tor
Tor, derived as an acronym for its original software project name The Onion Router, is a free networking system that enables anonymous communication over the internet. It directs Internet traffic through a free, and global volunteer network made up of more than 6,000 relays to hide a user’s location from anyone carrying out traffic analysis to those conducting network surveillance.
Using Tor makes it almost impossible for anyone to trace or intercept your Internet activity including websites visited and contents, online posts, chat messages, emails, and files shared. The system uses software that was designed specifically to protect the safety and privacy of the users and to promote freedom of communication by keeping users’ Internet activities safe from third-parties.
4.3.1 Setting up Tor Browser on Kali Linux
The first thing you will do in setting up your Kali hacking environment is to download and install the Tor service. Start your emulator (VMware) then load Kali OS. When its state is restored, start the terminal and enter this command: apt-get install tor
Wait for the operation to complete then download and install the Tor bundle from this link: https://www.torproject.org/projects/torbrowser.html.en. Be sure to download the right software for your computer architecture (32-bit or 64-bit). Also, be sure to change your current working directory to the downloads folder. You can use these commands:
cd /Downloads/
You can then use this command to extract the contents of the archive: tar -xJf tor-browser-*
Once extraction is completed, change to the new directory, which should be named tor-browser and begin the installation process. The commands to use are:
cd tor-browser*
./start-tor-browser.desktop
You shouldn’t run into problems running these commands logged in as a superuser. Some guides insist that you create a new user with limited privileges then run the installation using the sudo command. You can try this if the installation does not work for you or if you encounter errors.
Congratulations! You have installed the Tor service and browser.
4.4 Combining VPN and Tor
Modern-day security-conscious hackers who take no chances with online anonymity can set up and use both Tor and VPN on their computers. While this setup will dramatically slow down the connection largely because of Tor’s many relays that data has to pass through before reaching the final destination, it is the safest possible way to send data over the internet securely.
There are two ways to go about using both VPN and Tor to anonymize your data online:
4.4.1 Tor through VPN
In this connection, first, you connect to your VPN server, then connect to the Tor network before accessing the internet. This is how your internet connection is routed when you use the Tor browser (which is less safe) or Whonix (safer) while connected to a VPN server. Your apparent IP on the internet will be the IP provided at the Tor exit node.
Your computer > VPN > Tor > internet
4.4.2 VPN through Tor
With this type of connection, first, you connect to the Tor network and then route your traffic through a VPN server to the internet. This setup requires that you configure your VPN client to work with Tor, which means you will have to find one that supports this type of connection. The best examples are AirVPN and BolehVPN. The greatest benefit of this setup is that you can get to choose a server location while still using the Tor network to stay anonymous.
Your computer > encrypt with VPN > Tor > VPN > internet
4.5 Final Thoughts on Anonymity
To use the Tor service, you must use the Tor browser. Essentially, the browser is designed to point to the Tor nodes that are a special proxy relay servers that the network uses to anonymize data. If you browse using the Firefox or any other browser, you wouldn’t be using the Tor service even if it is installed on your system
Comments
Post a Comment