问题
I am brand new to Tor and I feel like multiple Tors should be considered. The multiple tors I mentioned here are not only multiple instances, but also using different proxy ports for each, like what has been done here http://www.howtoforge.com/ultimate-security-proxy-with-tor)
I am trying to get started with 4 Tors. However, the tutorial applies only to Arch Linux and I am using a headless EC2 ubuntu 64bits. It is really a pain going through the differences between Arch and Ubuntu. And here I am wondering is there anyone could offer some help to implement my idea simplicitly.
Four Tors running at the same time each with an individual port, privoxy or polipo or whatever are ok once it works. Like: 8118 <- Privoxy <- TOR <- 9050 8129 <- Privoxy <- TOR <- 9150 8230 <- Privoxy <- TOR <- 9250 8321 <- Privoxy <- TOR <- 9350
In this way, if I try to return the ip of 127.0.0.1:8118, 8129, 8230 and 8321, they should return four different ips, which indicates there are four different Tors running at the same time. Then, a few minutes later, check again, all four of them should have a new ips again.
I know my simple 'dream' could come true in many ways, however... I am not only new to Tor, but even also to bash and python... That is why I come here and see whether some of you could light me up.
These links might be useful:
http://blog.databigbang.com/distributed-scraping-with-multiple-tor-circuits/ https://www.torservers.net/wiki/setup/server#multiple_tor_processes Best,
btw, if I run
$ ps -A | grep 'tor'
i have several instances there, however with "?" under the tty column, what does that mean since I know tty means terminals?
回答1:
Create four torrc files, say /etc/tor/torrc.1
to .4
.
In each file, edit the lines:
SocksPort 9050
ControlPort 9051
DataDirectory /var/lib/tor
to use different resources for each torrc
file, e.g. for for torrc.1
:
SocksPort 9060
ControlPort 9061
DataDirectory /var/lib/tor1
for torrc.2
,
SocksPort 9062
ControlPort 9063
DataDirectory /var/lib/tor2
and so on.
A configuration file containing only the above lines will work: you can delete every other line from the default template if you feel like it.
DataDirectory
can also be relative to the current directory where tor
is launched, e.g.:
DataDirectory d1
Then start tor like this:
tor -f /etc/tor/torrc.1
tor -f /etc/tor/torrc.2
and so on for the other two files.
This will create four different Socks5 servers on the four ports. Each one will open a different circuit, which is what you want.
回答2:
Chaining Tor is recommended against. You may get worse anonymity, not better anonymity.
Doing so produces undefined and potentially unsafe behavior. In theory, however, you can get six hops instead of three, but it is not guaranteed that you'll get three different hops - you could end up with the same hops, maybe in reverse or mixed order. It is not clear if this is safe. It has never been discussed.
You can choose an entry/exit point, but you get the best security that Tor can provide when you leave the route selection to Tor; overriding the entry / exit nodes can mess up your anonymity in ways we don't understand. Therefore Tor over Tor usage is highly discouraged.
You should only mess with Tor's routing algorithm, if you are more clever than the Tor developers.
The use of privoxy / polipo has been deprecated by The Tor Project long time ago. You are recommended to only use Tor Browser. Only Tor Browser gives you an unified web fingerprint and you won't stand out.
Since Tor version 0.2.3, different Socks,- Dns-, or TransPorts go through different circuits, therefore preventing identity correlation. The term for this is stream isolation. Do get this, you can add to torrc...
SocksPort 9050
SocksPort 9052
SocksPort 9053
SocksPort 9054
#...
...and they will all go thought different circuits.
When you are using Tor Browser, you can also use Tor Button's new identity feature. Click on Tor Button (the green onion) and choose new identity. This will reset all browser states and change Tor's circuit.
(And it's Tor, not TOR.)
Note, when using stream isolation, going through different circuits does not guarantee getting different Tor exit nodes. Sometimes Tor will only use a different entry guard or middle relay. This is normal.
回答3:
I tried the torrc.1 ,torrc.2 etc...but it didn't work.
However this one worked:
- Stop the tor process by :
/etc/init.d/tor stop
- Open
gedit /etc/tor/torrc
(If you are not root put sudo before it to access as root) - Search for
SocksPort 9050
- Now put whatever ports you want to be as stream ports (SocksPort 9060 ,SocksPort 9070,SocksPort 9080 ....etc.)
- Search for ControlPort 9051
- Now put whatever ports you want to be as stream ports (ControlPort 9061 ,ControlPort 9071,ControlPort 9081 ....etc.) NOTICE THAT CONTROL PORT IS ALWAYS SOCKSPORT+1
- Start the tor process again :
/etc/init.d/tor start
- Check the tor status
/etc/init.d/tor status
it should show something like that:
tor.service - Anonymizing overlay network for TCP
Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2016-05-13 22:18:21 GST; 1s ago
Process: 10259 ExecReload=/bin/kill -HUP ${MAINPID} (code=exited, status=0/SUCCESS)
Process: 10319 ExecStartPre=/usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config (code=exited, status=0/SUCCESS)
Process: 10317 ExecStartPre=/usr/bin/install -Z -m 02750 -o debian-tor -g debian-tor -d /var/run/tor (code=exited, status=0/SUCCESS)
Main PID: 10322 (tor)
CGroup: /system.slice/tor.service
└─10322 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.860 [notice] Tor v0.2.6.10 (git-71459b2fe953a1c0) running on Linux with Li... 1.2.8.
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.860 [notice] Tor can't help you if you use it wrong! Learn how to be safe ...warning
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.860 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.860 [notice] Read configuration file "/etc/tor/torrc".
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.863 [notice] Opening Socks listener on 127.0.0.1:9050
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.863 [notice] Opening Socks listener on 127.0.0.1:9060
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.863 [notice] Opening Control listener on 127.0.0.1:9051
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.863 [notice] Opening Control listener on 127.0.0.1:9061
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.863 [notice] Opening Control listener on /var/run/tor/control
May 13 22:18:21 momen-Lenovo systemd[1]: Started Anonymizing overlay network for TCP.
Hint: Some lines were ellipsized, use -l to show in full.
回答4:
Make a tor configuration directory: $> mkdir -p ~/configuration_files/tor
$> config=~/configuration_files/tor
$> cd "${config}"
Copy the /etc/tor/torrc
to the configuration directory and make as many copies as you need: E.g. 10 printf "torrc_%0.2s\n" {1..10} | xargs -I {} /bin/cp /etc/tor/torrc "${config}{}"
Copy the /etc/torsocks.conf
to the configuration directory and make as many copies as you need: e.g. same as above 10printf "torsocks_%0.2s.conf\n" {1..10} | xargs -I {} /bin/cp /etc/torsocks.conf "${config}/{}"
Make new data directories and fix ownership/permissions: $> sudo mkdir /var/lib/tor{1..10}
Edit the configuration files to have non colliding corresponding port numbers:
for a in {1..10}; do
sed -i "s/^#SocksPort 9050.*/SocksPort $((9050+${i}))/;s|^#DataDirectory /var/lib/tor|DataDirectory /var/lib/tor${i}|" torrc_${i}
sed -i "s/server_port = 9050/server_port = $((9050+${i}))/" torsocks_${i}.conf
sudo chmod -R --reference /var/lib/tor /var/lib/tor${i}
sudo chown -R CHANGETHIS:CHANGETHIS /var/lib/tor${i}
done
Note: Changing the CHANGETHIS to the user/group of the user who plans to use it.
After that its easy to get going, you start up the individual instances of tor using the corresponding configuration file
E.g. /usr/bin/tor -f "${config}/torrc_3"
To use it all you need to do is export the variable TORSOCKS_CONF_FILE to point to the corresponding torsocks.conf
file:
E.g. $> export TORSOCKS_CONF_FILE="${config}/torsocks_3.conf"
Next you can torify / torsocks any application from that particular shell and it will use the torsocks_3.conf proxy.
Try: $> torify bash
$> curl www.ipmango.com/api/myip
To change to another proxy simply start up the corresponding tor using its torrc file and export the TORSOCKS_CONF_FILE variable to point to the new configuration.
Here is a simple alias that does the job, after you've set it up as above and you have roxterm installed. It will check netstat
to see if the proxy is up already and if not it will start it up in a separate shell window.
alias prox='_(){ proxy=${1:-1}; config_base="~/configuration_files/tor"; port=$((9050+${proxy})); netstat -an | { ! grep -q "127.0.0.1:${port}"; } && roxterm -e bash -c "/usr/bin/tor -f \"${config_base}/torrc_${proxy}\"; bash"; export TORSOCKS_CONF_FILE="${config_base}/torsocks_${proxy}.conf"; }; _'
To use it:
$> prox 4
$> torify bash
来源:https://stackoverflow.com/questions/14321214/how-to-run-multiple-tor-processes-at-once-with-different-exit-ips