VPN TOR Settings

[paul464646]

Just updated my RT-N66U with Merlin's version 378.52. My question under VPN settings TOR menu, what is TOR? as I have googled and haven't found any positive info with regards to TOR with RT-N66U.

Any assistance would gratefully received.

 

[octopus]

https://www.torproject.org/

 

[paul464646]

Many thanks quick response and after reading the above link, I have a couple of questions:-

1) Enabling the TOR setting within my outer, dose that main all internet traffic from my side will go through TOR network?

2) With TOR enabled on my router, does that mean other people on the web (WAN) with TOR enabled might be bounced of my connection?

3) Last one............... Any tests / checks I can run with TOR enabled to confirm it's operating?

Many thanks again.

 

[Nimloth]

1) I think that's the point
3) https://check.torproject.org/

 

[octopus]

You can use "only specified MACs" or "LAN (br0)" click around in TOR interface and you will se.

 

[cyborgpunte]

not all ports and protocols

1) Enabling the TOR setting within my outer, dose that main all internet traffic from my side will go through TOR network?

 

[hardtotell]

Here's how I use Tor and Privoxy together on the router to stay anonymous. OR, you could simply install the Tor Browser Bundle on your computer and be done with it.

Tor is a SOCKS5 proxy, listening on port 9050. When configured properly, your web requests will appear to originate from some random Tor exit node, located somewhere else in the world.

Privoxy is an HTTP/HTTPS proxy, listening on port 8118, AND it may be configured to forward to Tor port 9050. After running the Entware setup, you will be able to install Privoxy on the router.

Privoxy is configured with:
forward-socks5t / 127.0.0.1:9050 .
AND
listen-address 192.168.1.1:8118

Privoxy config says, "With forward-socks5 the DNS resolution will happen on the remote server."

Firefox/IE on your computer cannot use the Tor directly because the Tor is not an HTTP/HTTPS proxy. Tor is a SOCKS5 proxy.

Firefox/IE on your computer may be configured to use an HTTP/HTTPS proxy, such as Privoxy running on your router. It also does very good Ad blocking.

Your router may also be configured to block all Internet traffic originating from your computer. You can still access the Internet via the HTTP/HTTPS proxy. This protects your computer from accidentally leaking DNS lookups and from other programs that would reveal your physical location.
iptables -I FORWARD -s {ip-address-of-your-computer} -p all -j DROP

 

[cuekay]

Here's how I use Tor and Privoxy together on the router to stay anonymous. OR, you could simply install the Tor Browser Bundle on your computer and be done with it.

Tor is a SOCKS5 proxy, listening on port 9050. When configured properly, your web requests will appear to originate from some random Tor exit node, located somewhere else in the world.

Privoxy is an HTTP/HTTPS proxy, listening on port 8118, AND it may be configured to forward to Tor port 9050. After running the Entware setup, you will be able to install Privoxy on the router.

Privoxy is configured with:
forward-socks5t / 127.0.0.1:9050 .
AND
listen-address 192.168.1.1:8118

Privoxy config says, "With forward-socks5 the DNS resolution will happen on the remote server."

Firefox/IE on your computer cannot use the Tor directly because the Tor is not an HTTP/HTTPS proxy. Tor is a SOCKS5 proxy.

Firefox/IE on your computer may be configured to use an HTTP/HTTPS proxy, such as Privoxy running on your router. It also does very good Ad blocking.

Your router may also be configured to block all Internet traffic originating from your computer. You can still access the Internet via the HTTP/HTTPS proxy. This protects your computer from accidentally leaking DNS lookups and from other programs that would reveal your physical location.
iptables -I FORWARD -s {ip-address-of-your-computer} -p all -j DROP

Thanks for that information. I'm a bit puzzled though about how it works since I enabled it on the router and even without installing privoxy, I was able to instantly browse the web without any configuration of any of my workstations, browsers, or anything else for that matter and I found that I was bouncing from server to server. But while I'm able to do this on the browsers, whenever I use IRC(irssi as the client), my actual IP shows up and I was wondering what kind of configuration is needed since I was hoping to find that information from the browser configuration or something else that might hint at what port to use as a proxy. Thanks again!

 

[Globespy]

I'm also a little confused here.
The new Tor tab is within the VPN settings, so presumably to be used in conjunction with an openVPN setup on the router.
Additionally, almost every other post I've read would indicate that it's far safer to run VPN over TOR. With the VPN running, you can open a regular browser that will show your VPN service modified IP address, and then open TOR browser which uses a completely different approach. So you can monitor both your VPN and TOR connections simultaneously. Why would you suggest not to use VPN over TOR?
More importantly, and maybe a question for Merlin. A seemingly safer option is to connect your VPN thru TOR, so your VPN doesn't have your real IP address (AirVPN are good at this), so is this new Tor tab to enable TOR over VPN?
Thanks

 

[sfx2000]

Tor is usually pretty safe - always be careful not to run tor over a VPN - as this concentrates traffic (think of other users doing the same thing) - many suspect this is how the FBI was able to break into and take over a pedophile ring sometime back.

I'm at a point where I consider TOR not safe...

If one runs a quick check on the google, and more importantly, if one is running TOR, one pops up on a lot of radars - kiddie porn, drug deals, terrorism, fraud and hackers/crackers - the dark web is getting huge attention from folks that have the resources (state sponsored) to break it...

 

[barbara]

I'm at a point where I consider TOR not safe...

http://www.govtech.com/federal/Feds-Hack-Site-on-Dark-Web-in-Child-Pornography-Sting-Operation.html

"A U.S. magistrate judge in Virginia authorized a search warrant allowing federal agents to monitor the computers of anyone logging onto the site through use of a hacking tool - special malware - that allowed agents to seize the IP addresses from users' computers."

"In a sworn statement, an agent told a federal judge in Washington that the Tor system had complicated the investigation so that agents needed two weeks, until March 4, 2015, to uncover users' identities."

The FBI spends millions for zero-day exploits. My understanding is the FBI deployed malware from the Playpen website onto each visitor's computer. The malware was designed to reveal your real IP address to the FBI, when using the TOR Browser Bundle. I don't know if running a TOR transparent proxy on the your router is any difference.

 

[amplatfus]

Hi, is there any way to route openvpn client of merlin traffic via TOR?
Thank you!

 

[RMerlin]

Hi, is there any way to route openvpn client of merlin traffic via TOR?
Thank you!

No. Tor is intended for web traffic only, not for VPN traffic.

 

[sfx2000]

No. Tor is intended for web traffic only, not for VPN traffic.

TOR is totally broken these days - as is VPN...

Client side vulnerability...

 

[sbsnb]

TOR is totally broken these days - as is VPN...

Client side vulnerability...

The only thing more broken is no security.