Bypass web filters through encryption
Automated disclaimer: This post was written more than 15 years ago and I may not have looked at it since.
Older posts may not align with who I am today and how I would think or write, and may have been written in reaction to a cultural context that no longer applies. Some of my high school or college posts are just embarrassing. However, I have left them public because I believe in keeping old web pages aliveāand it's interesting to see how I've changed.
Use the Tor network to hide your communications. Incidentally, this is particularily useful when certain file types have been blocked, such as torrent files. The following instructions are written for Windows XP and Ubuntu Linux users. Tips for other systems are welcome.
Edit: Be extremely careful when surfing over Tor. There are rogue Tor exit nodes that will attempt to steal your information (credit card number, password, etc.), so when using Tor you should enable and heed all of your browser's security warnings. When using Tor, only submit personal information from a secure page to a secure page. Remember that a page is not secure if your browser couldn't completely verify the security certificate. This is a very real threat. In summary, try to only use Tor for reading unless you're sure you know what you're doing.
- Problem
- Perhaps your college, like mine, has begun to block any file downloads with the MIME-type
application/x-bittorrent. Maybe you're worried that the firewall at your workplace is filtering out any potentially controversial subject matter, like politics. Maybe you just don't want people snooping on your internet usage. - Solution
-
Use the Tor network to add some anonymity and privacy to your communications, and install Vidalia (optionally) if you want to see the route your Tor traffic is taking.
-
Install Tor and Privoxy for the basic functionality, and Vidalia if you want to have a convenient and informative interface for Tor. Windows and Mac users will want the full bundle. Ubuntu users can install the
torandprivoxypackages, but will have to build Vidalia from source. Tips:- You should see a the letter "P" in a green or blue circle appear in your Windows XP system tray (where the date & time appear) -- that's Privoxy, which Firefox will talk with directly. Leave it alone.
- You should see a red onion appear in the system tray as well -- that's Vidalia. Right-click and hit "Preferences", where you should specify that Tor be started when Vidalia is started. Also in the right-click menu are options to start and stop Tor -- you may have to explicitly start Tor immediately after the installation, but it should start automatically every time you start your computer afterwards.
-
Integrate Tor into Firefox by installing the TorButton extension This will enable you to easily toggle whether Firefox is using Tor. Tips:
- After restarting Firefox, right-click on the new status bar item and choose "icon" instead of "text" using the preferences item.
From now on, you can download or view files and web pages that are normally filtered by clicking on the onion icon in the Firefox status bar. When you are ready to stop using the secure connection, turn Tor usage back off by clicking the onion again, so that it shows a red X.
-
- Explanation
- Tor creates a one-time path through the Internet and puts many layers of encryption over both the data request and the routing information. An intruder (such as a web filter) can determine at most a) who you are, or b) who you're talking to, but not both simultaneously. Of course, there are other ways someone can find out -- for example, javascript in a web page can reveal your IP address, or you can enter personal information and submit it through Tor. But for the purposes of hiding the data request and data response, Tor is an excellent choice. Please don't try to download large files through it though -- not only will you find it slow, but it reduces the amount of traffic the Tor network can handle overall, including your own traffic.
- Resources
brandi mcclure says:
Tim I offically am in love with you. Thanks so much for the help. i will now put your address in my LJ so one and all can gain from your wisdom.
Tim McCormack says:
No problem! I'm opposed to content filters, so I'm glad to hear that folks are making use of encryption technology to route around the problem.
Anonymous Wooster Student says:
Hey,
I tried tor and haven't been able to get it to work. Anytime I attempt to visit any website, I get an error that says, "The proxy server is refusing connections," and that "Firefox is configured to use a proxy server that is refusing connections."
Any idea as to why it doesn't work?
Thanks in advance, you're our only hope here @ Woo. :-)
Tim McCormack says:
Well, I'm guessing that your Windows firewall settings are preventing internal connections. Firefox needs to connect to localhost:8118 to talk to Privoxy, which then connects to localhost:9050 to talk to Tor. Try browsing to each of those addresses -- I get a blank page at the first and a "Tor is not an HTTP Proxy" message at the second. When the services aren't running, I instead get a 404 error or "page not found" message. What happens for you?
Also, after enabling Tor for Firefox (using the TorButton extension), go to http://p.p/, a special address for Privoxy. You should see a configuration page there.
Oh, and you're only partly anonymous; I can see your Wooster IP address, and given some time, I could deduce your approximate location as well. :-)
Anonymous Wooster Student says:
heh. Well, a few anonymous people in south campus appreciate your efforts.
:-)
Thanks again.
Anonymous Wooster Student says:
Hey,
I get two error messages, both are the same and look something like "Firefox can't establish a connection to the server at localhost:8118." (or 9050, in the case of the other)
http://p.p/ , too, shows an error. (Firefox can't find the server at www.p.p.)
I've tried disabling the Windows firewall and loading each of the pages, but still get the same error messages.
charvey says:
Hi Tim,
I live in Vietnam, which has Internet censoring similar to China. I installed Vidalia during a recent trip to the USA and it worked great. I just returned to Vietnam, and when I launched Tor I got the "The proxy server is refusing connections" error for all URLs. When I disable Tor in the Firefox status bar I can surf again.
I figure Vietnam's Internet censor doohickeys are keeping me from connecting to Tor proxy servers. Any ideas how to get around this?
Thanks, Chris
Tim McCormack says:
If you have a friend in the US who's willing to spare a little bandwidth, you can set up an SSH server on their machine and tunnel your traffic through that. The censorware won't be able to stop it. Other than that, I'm not sure.
A little Googling tells me that Tor is somewhat blocked in both China and Vietnam. You might try I2P, which I've heard could work.
Anonymous Wooster Student says:
Hey,
Got everything to work; turns out Tor / Privoxy weren't properly set up.
Thanks a lot!!!
Tim McCormack says:
Great! If you don't mind me asking, what did you do differently this time? Other folks may have the same problem and benefit from your experience.
charvey says:
No luck with Tor or I2P. No biggie, as I can get nearly everything I want in Vietnam -- access to western news media etc.
If anyone has ideas let me know. Thanks for the tips.
Tim McCormack says:
@charvey: You know, it sounds like Tor just isn't configured properly. What happens when you browse directly to the proxies, as noted here?
Lamia says:
Hey, Tor is being filtered here. Any others I could use?
Tim McCormack says:
Well, it really depends on your needs. If you are looking to avoid site blocking or to not be identified by the site you are visiting, you could use anonymouse or Hide My Ass. To bypass content and protocol filtering you'll need something more complicated, perhaps you could set up an ssh tunnel to a friend's computer that is not on the filtered network.
Gunjan Chowdhary says:
Hi Tim, I am from India. I study at MICA (Mudra Institute of Communications, Ahmedabad). Well, my college server is configured to block 1> all exe downloads 2> even some pages with links to exe downloads (like c-net.com and miniclip.com) 3> Audio / Video - Streaming and Downloading are both blocked.
Well, I did try to get my hands on Tor, Privoxy and Vidalia, but the problem is that even their installation files are available as exe downloads only !!!
Please help me out of this.
Tim McCormack says:
@Gunjan Chowdhary: Wow, that's pretty restrictive. I can send you the files, if you would like, or make them available in a format you can download without restriction.
Tim McCormack says:
Okay, try downloading from this link. It should be allowed through the filters, but you'll have to change the extension to exe.
Sarav says:
Thanks a lot sir.. but i was wondering is there a way to download large files, if there is plz do let us know
Tim McCormack says:
@Sarav: If you need to download a large file and your ISP (or IT department) is blocking large files, you could use Tor. Alternatively, you might see if you can get the file using torrents (unlikely if large file downloading is blocked, but you should try anyway.) Another approach is to acquire the file over IRC, if that's an option.
Downloading large amounts of data over Tor on a regular basis is not a good idea, though, since many of the Tor servers only allow a certain amount of data to go through per day (to save on bandwidth costs.)
Sarav says:
ok thanks maan i will try it out
anon says:
Anyone who has the bundle installed on windows and gets the error messages like "proxy server refusing connections" or "cannot establish a connection", check your taskbar and make sure you see icons of a green onion and a capital P in a blue circle.
Then check to see if IE is using the correct proxy settings or look and see if the TorButton Extension says "Tor Enabled" in green, or the icon of an onion without a red X on it.
Laurent says:
Hi,
I get the same message "Firefox is configured to use a proxy server that is refusing connections" when I use Firefox with Tor on. I checked the connections settings, which are set automatically by Tor, and they seem fine. I have Comodo as a firewall and Avast as anti virus. I am at my wits ends. Oh, and I live in France, if that makes any difference.
Tim McCormack says:
@Laurent: Is Privoxy installed and running? Sounds like you're using Windows, in which case you should use Vidalia to manage everything. (It's very convenient.)
alviks says:
Hello Tim,
I'm using Ubuntu 9.10 and Firefox. I struggle getting tor to work. The torlogs say that a connection was estblished indicating everything being hunky dory. But when I activate torbutton I get the same error message i.e. "proxy server refusing connections". In the D-Link firewall I have opened 8118 and 9050 for tor and privoxy. Any ideas on how to proceed with the trouble shooting?
Tim McCormack says:
alviks@24: First, I should note that you don't open ports in the firewall for this. 8118 and 9050 are local ports only for other programs on your computer to connect to. Beyond that I can't help very much, since I haven't really used Tor or Privoxy for a year or two. The only thing I can think of is that Privoxy might not be running.
Why Government’s Approach to Internet Content Filtering Sucks « Odd Factor says:
[...] another proxy server. If an ISP uses transparent HTTP proxy, users can use SOCKS proxy or use Tor as [...]