How to: Transparently Routing Traffic Through Tor

How to: Transparently Routing Traffic Through Tor

Here is an alternative to using Tor Browser and Proxychains

What does it do:
Tor transparent routing, routes traffic through Tor using Iptables ruleset.
This will route all traffic on a standalone machine through the Tor network.
All application will make its TCP connections through Tor on port tcp/9040.
All DNS requests are resolve through Tor to avoid anonymity compromised by DNS leaks.

Pros:
Can work in conjunction with Tor Browser and Proxychains
No third party (NSA backdoored) software
No visual proof of having an anonymizer on your system
Zero configuration

Cons:
You would have to manually reload tor service to get new IP
Have to set a cron job to reload tor service at your preferred interval

Dependencies:
tor

Usage:
toriptables2.py -h

To test:
http://ip.cc
http://ifconfig.me
https://check.torproject.org
http://dnsleaktest.com

The script can be found here:
https://github.com/ruped24/toriptables2

By: n0neXn0ne

18 Responses

can you please explain to us how the script uses iptables to route all our traffic through TOR?

anyway, nice tutorial.

-Phoenix750

It was taken for Tor's site. I simplified it to the minimal needed to work on all private networks.
Click below, see the section:
Local Redirection Through Tor:

To see how the rules were set:
sudo iptables --list -nvx
sudo iptables --list -t nat

Run this script to see the rules below:
Here is a screenshot of the tor iptables rules loaded:

thanks!

-Phoenix750

How anonymous is this? Is it like Tails?

As for anonymity, it works pretty well. The problem is that ToR has been compromised by NSA and other governments.

Yeah but it's not a problem for me. My third world government don't know about anything. Besides, I first start my no log offshore vpn(encrypt all data) then connect to tor network. Does it not protect me from exit node detection by ISP?

NSA watches everyone's traffic.

you should read my article if you think you are safe just because you don't live in the U.S.

-Phoenix750

Thank you phoenix, it really is a nice article.

The point I'm trying to make is instead of using only the vpn, using tor over the vpn isn't more secure? I mean that has to add some security level compared to using only our vpn. Besides, they can't trace back to me without compromising my mixed bitcoin paid offshore vpn. I'm not saying it's impossible but using different methods together can make the things(public network from far with yagi +no log vpn + proxychains +tor) harder for them.

And I don't do that much nasty things to get NSA to the work.

Sounds like you should be pretty secure

there is always a way to trace you back. always.

yes it is more secure, but your connection will most likely become highly unstable.

-Phoenix750

Yes, it's a bit unstable. But if we think about security level it totally is worth. I've just tried it. Proxychains sometimes may cause problem but nikto etc. worked fine. It wasn't as slow as I thought. I run my kali on usb. As I said, I'm not a cyber criminal but if things come to something very illegal, what else do I need to destroy after the USB?Even though, I don't have anything on my internal harddrive Do I need to destroy it as well? Why Eliot destroyed the RAM after he thought that Tyler'd toyed with him?

the RAM still contains info when the computer is shut down. it is not overwritten.

there is a Linux program called Pandora's Box that "bombs" your RAM when you shut down your computer, but i will cover that in a series on ParrotSec OS, which i am going to put up soon.

-Phoenix750

Looking forward to it! Thank you.

Hey phoenix, looks like you're using Parrot os. There is a tool "anon surfer" on it. Is it the same thing with this?

Kudos! Great article! :D

Share Your Thoughts

  • Hot
  • Active