
Monday, November 17, 2008

Set up a Tor relay node on Ubuntu

1. verify that your clock is set correctly

2. install tor

sudo apt-get install tor

3. make sure to define at least Nickname and the listening port, ORPort

sudo vi /etc/tor/torrc

--
.
.
SocksPort 9050 # what port to open for local application connections
SocksListenAddress 127.0.0.1 # accept connections only from localhost
.
Nickname ididnteditheconfig
.
RelayBandwidthRate 20 KBytes # Throttle traffic to 20KB/s (160Kbps)
RelayBandwidthBurst 40 KBytes # But allow bursts up to 40KB/s (320Kbps)
.
ORPort 9001
.
.

4. restart tor to reload config

sudo /etc/init.d/tor restart

5. add this line to the privoxy configuration file /etc/privoxy/config

forward-socks4a / localhost:9050 .

this tells privoxy to forward requests to tor, which listens for socks4a on port 9050
In the SOCKS 4A protocol, the DNS resolution of the target hostname happens on the SOCKS server, while in SOCKS 4 it happens locally.

6. according to the default setting in /etc/privoxy/config

listen-address 127.0.0.1:8118

port 8118 should be used as http proxy

7. once your browser is set to use the privoxy proxy, you can check this website to verify

https://torcheck.xenobite.eu/


8. when you check the log file, /var/log/tor/log,
you may notice this warning message

MMM ddd hh:mm:ss.xxx [warn] Your application (using socks4 to port 80) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead. For more information, please see http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS.
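
The difference this warning points at, as an added example that is not part of the original post: a SOCKS4 request carries only an IPv4 address the client already resolved, while a SOCKS4a request carries the hostname for the proxy to resolve. The function names and the sample targets (192.0.2.10, example.com) are constructed for illustration.

```python
import ipaddress
import struct

CONNECT = 0x01  # SOCKS4 command code for CONNECT


def build_socks4(ip, port, userid=b""):
    """SOCKS4: the client resolved the name itself and sends only the IPv4 address."""
    header = struct.pack("!BBH", 4, CONNECT, port)
    return header + ipaddress.IPv4Address(ip).packed + userid + b"\x00"


def build_socks4a(hostname, port, userid=b""):
    """SOCKS4a: DSTIP is the invalid address 0.0.0.1 and the hostname follows USERID."""
    header = struct.pack("!BBH", 4, CONNECT, port)
    return header + b"\x00\x00\x00\x01" + userid + b"\x00" + hostname.encode("ascii") + b"\x00"


def classify(request):
    """Parse a SOCKS4/4a request and report which side performs the DNS lookup."""
    if len(request) < 9 or request[0] != 4:
        raise ValueError("not a SOCKS4 request")
    port = struct.unpack("!H", request[2:4])[0]
    dstip = request[4:8]
    userid, sep, tail = request[8:].partition(b"\x00")
    if not sep:
        raise ValueError("USERID is not NUL-terminated")
    # 0.0.0.x with x != 0 marks a SOCKS4a request: the name travels to the proxy.
    if dstip[:3] == b"\x00\x00\x00" and dstip[3] != 0:
        host, sep, _ = tail.partition(b"\x00")
        if not sep or not host:
            raise ValueError("SOCKS4a request without a NUL-terminated hostname")
        return {"variant": "socks4a", "target": host.decode("ascii"),
                "port": port, "dns_resolved_by": "proxy"}
    # Plain SOCKS4: the proxy sees only an address, so the lookup already
    # happened on the client, outside the proxy (the case Tor warns about).
    return {"variant": "socks4", "target": str(ipaddress.IPv4Address(dstip)),
            "port": port, "dns_resolved_by": "client"}


if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    for req in (build_socks4("192.0.2.10", 80), build_socks4a("example.com", 80)):
        print(req.hex(), classify(req))
```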

Thursday, September 11, 2008

TSocks on Slax

1. activate tsocks module

2. make a configuration file to specify socks server

vi /etc/tsocks.conf
--
server = ip
server_port =
server_type = 5 # socks version
local = ip/mask

server ip must
3. run non-socks-aware applications through tsocks

tsocks [application [application's arguments]]

Tuesday, May 6, 2008

Set up Tor on Slax

1. download bundle module of tor and privoxy from http://www.slax.org/modules.php?action=detail&id=343

2. tor starts automatically when this module is activated, so you'll have to stop it in order to make configuration changes take effect

activate tor-0-1-2-19-privoxy-3-0-8.lzm

Starting privoxy: OK
Starting the Tor daemon: /usr/bin/tor
May 09 15:03:34.170 [notice] Tor v0.1.2.19. This is experimental software. Do not rely on it for strong anonymity.
May 09 15:03:34.177 [notice] Initialized libevent version 1.4.1-beta using method epoll. Good.
May 09 15:03:34.258 [warn] Fixing permissions on directory /var/lib/tor
May 09 15:03:34.258 [notice] Opening Socks listener on 127.0.0.1:9050

torstop

Shutting down Tor & Privoxy

3. add this line to the config file of tor if your computer is behind a firewall which only allows outgoing ports 80 and 443 ( http / https )

vi /etc/tor/torrc

FascistFirewall 1


the above option is the same as the lines below

ReachableDirAddresses *:80
ReachableORAddresses *:443

4. start tor again

torstart

Sunday, April 27, 2008

Set up Socks 5 server on Ubuntu

1. install dante server

sudo apt-get install dante-server

ignore the error message printed while dante-server is being configured right after installation. it appears because the dante configuration is not complete yet.

2. start editing the config file

vi /etc/danted.conf

--
# log to what file
logoutput: stderr /var/log/danted.log

# listening interface and port
internal: ppp0 port = 80

# outgoing interface
external: ppp0

# method: username requires the client to provide a username and password which match the system password file.

# method: none requires no form of authentication.
method: username

# privileged ports like 80 and 443 must use root permission.
user.privileged: root

# the package does not seem to be compiled with libwrap support.
#user.libwrap: nobody

# allowed IPs
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
}

# allowed protocols with these source IPs
pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
protocol: tcp udp
}

3. run dante-server

sudo /etc/init.d/danted start
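
A small audit of the configuration above, added here as an example that is not part of the original post or of dante itself. It flags the settings that decide who can reach and use the proxy; the function name audit and the finding texts are hypothetical.

```python
import re

# The danted.conf from this post, reproduced as sample input (comments dropped).
SAMPLE = """\
logoutput: stderr /var/log/danted.log
internal: ppp0 port = 80
external: ppp0
method: username
user.privileged: root
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
}
pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
protocol: tcp udp
}
"""

# A rule block: optional "client" prefix, pass/block action, braces around the body.
RULE = re.compile(r"^(client\s+)?(pass|block)\s*\{(.*?)\}", re.S | re.M)


def audit(conf):
    """Return a list of findings about exposure in a danted.conf text."""
    text = re.sub(r"#.*", "", conf)          # strip comments
    findings = []
    global_part = RULE.sub("", text)         # settings outside rule blocks
    m = re.search(r"^method:\s*(.+)$", global_part, re.M)
    methods = m.group(1).split() if m else []
    if "none" in methods:
        findings.append("method none: anyone who reaches the port can use the proxy")
    if "username" in methods:
        findings.append("method username: the system password crosses the network unencrypted (RFC 1929)")
    for client, action, body in RULE.findall(text):
        src = re.search(r"from:\s*(\S+)", body)
        if action == "pass" and src and src.group(1) == "0.0.0.0/0":
            kind = "client pass" if client else "pass"
            findings.append(f"{kind} rule accepts any source address (0.0.0.0/0)")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("-", finding)
```

Narrowing the `from:` range in the `client pass` rule to the networks that actually need the proxy removes the last two findings.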

Monday, November 19, 2007

SOCKS Forwarding With OpenSSH on Linux

Run ssh on linux

ssh -D port user@host

-D Specifies a local ``dynamic'' application-level port forwarding.
This works by allocating a socket to listen to port on the local side.
The SOCKS4/5 protocols are supported, and ssh will act as a SOCKS server.

Run putty on Windows

1. Connection -> SSH -> Tunnels
2. type the port number into "Source port", then Add, to set up dynamic forwarding for a listening local port
3. leave Destination blank
4. select Dynamic and Auto
5. fill in the Hostname and Port of the ssh connection, then Open
6. if you wanna keep the session alive by sending null packets periodically, go to Connection then input seconds

Friday, August 10, 2007

Set up Antinat, a SOCKS4 and SOCKS5 compliant server, on CentOS

1. yum install antinat
2. vi /etc/antinat.xml
3. Allow only socks5 client from any ip to any destination

<?xml version='1.0'?>
<antinatconfig>
<!-- Any interface -->
<interface value='0.0.0.0'/>

<!-- Port to listen on -->
<port value='1080'/>

<!-- Allow users to be authenticated against UNIX usernames -->
<allowlocalusers/>

<!-- Time in seconds to listen for outside incoming connections when
applications request a BIND operation before timeout -->
<maxbindwait value='60'/>

<!-- demonstration user account -->
<!-- <user user='testuser' password='testpass'/> -->

<!-- What logs should we keep? -->
<log>
<addrdaylog value='/var/log/antinat/day_addr.log'/>
<userdaylog value='/var/log/antinat/day_user.log'/>
<connlog value='/var/log/antinat/connection.log'/>
</log>

<!-- What security methods do we offer clients? -->
<authchoice source_addrtype='ipv4'>
<select mechanism='chap'/>
<select mechanism='cleartext'/>
</authchoice>

<!-- Which connections should we accept or reject? -->
<filter>
<filter source_addrtype='ipv4' dest_addrtype='ipv4'>
<filter user='root'>
<reject/>
</filter>
<filter version='4'>
<reject/>
</filter>
</filter>
<accept/>
</filter>

</antinatconfig>

4. mkdir /var/log/antinat # for logging directory