Tor & disabling IPv6 in Linux

23 06 2012

Install & configure tor / privoxy & proxychains

– Add a new repo

vi /etc/apt/sources.list

deb http://deb.torproject.org/torproject.org lucid main

– Get the key

gpg –keyserver keys.gnupg.net –recv 886DDD89
gpg –export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add –

– Installapt-get update
apt-get install tor tor-geoipdb
apt-get install privoxy

– Check privoxy config to make sure listen address is 127.0.0.1:8118 & configure socks4a proxy

vi /etc/privoxy/config

listen-address 127.0.0.1:8118
forward-socks4a / 127.0.0.1:9050 .

– change keep-alive-timeout & socket-timeout to 600

keep-alive-timeout 600
socket-timeout 600

– Start privoxy

/etc/init.d/privoxy start

– Change your browser to point @ your proxy 127.0.0.1:8118
– Check that you connect over tor

https://check.torproject.org/

– Next up, install proxychains so you can use other tools over tor

apt-get install proxychains

– Verify the following line is in /etc/proxychains.conf

socks4 127.0.0.1 9050

– Remove tor & privoxy from startup (init when you need them)

update-rc.d -f tor remove
update-rc.d -f privoxy remove

– Start them up

service tor start
service privoxy start

– Check its working – “proxychains <command>”

root@bt:~# netstat -antp | grep LISTEN
tcp        0      0 127.0.0.1:8118          0.0.0.0:*               LISTEN      3569/privoxy
tcp        0      0 127.0.0.1:9050          0.0.0.0:*               LISTEN      3562/tor

root@bt:~# curl -s icanhazip.com
101.171.255.232

root@bt:~# proxychains curl -s icanhazip.com
|S-chain|-<>-127.0.0.1:9050-<><>-174.132.254.58:80-<><>-OK
31.172.30.1- Have fun, then shut em down when you are done

service privoxy stop
service tor stop

– There are many reasons you may not want IPv6 running on your machine (for example if you were using tor & didnt want IPv6 traffic to go directly to a target instead of via your IPv4 socks proxy)

root@bt:~# vi /etc/sysctl.conf

#disable ipv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

root@bt:~# sysctl -p

Advertisements