commit 7123e54eb9bdbae3fe92d2284105a2fd1e2c5a0f Author: George Kadianakis desnacked@gmail.com Date: Thu Apr 28 09:56:09 2011 -0400
Howto instructions for using Tor with obfsproxy. --- doc/tor-obfs-howto.txt | 101 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 files changed, 101 insertions(+), 0 deletions(-)
diff --git a/doc/tor-obfs-howto.txt b/doc/tor-obfs-howto.txt new file mode 100644 index 0000000..36ad7a3 --- /dev/null +++ b/doc/tor-obfs-howto.txt @@ -0,0 +1,101 @@ +How to set up Tor with Obfsproxy +================================ + + Preliminaries: + +This isn't the final interface--we should make it much easier. + +This is experimental code--if it breaks, you get to keep both smouldering +pieces. + + + + Ingredients: + +Client side needs: + +* a copy of obfsproxy: + git clone git://git.torproject.org/obfsproxy.git + Building it should be easy, just do "./configure && make". + +* a copy of Tor that supports the Socks5Proxy option. + The git version should do the trick. + +Bridge side needs: + +* a copy of obfsproxy: + git clone git://git.torproject.org/obfsproxy.git + Building it should be easy, just do "./configure && make". + +* a copy of Tor with BridgeRelay capabilities. + Quite easy to find nowadays. + + Port setup: + +Our port setup will be like this: + + 1050 1051 + +-----------+ +------------+ + ----| Proxy |-------------| Server |---- + | +-----------+ +------------+ | + | | ++------------+ +--------------+ +| Tor Client | | Tor Bridge | ++------------+ +--------------+ + 5000 5001 + + + + Setting up obfsproxies: + +This command will setup an obfsproxy socks client listening to the +obfs2 protocol on localhost:1050: +./obfsproxy socks obfs2 127.0.0.1:1050 + +This command will setup an obfsproxy server listening to the +obfs2 protocol on localhost:5001: +./obfsproxy server obfs2 127.0.0.1:1051 127.0.0.1:5001 + + Setting up Tor: + +Let's create .torrc_client and .torrc_bridge. +Warning: I'm only posting the relevant torrc options. + +torrc_client: +--- +SocksPort 5000 +UseBridges 1 +Bridge <bridge host>:1051 # This points to the bridge's obfsproxy server. + # You can change <bridge host> to 127.0.0.1 + # for local testing setup. +Socks5Proxy 127.0.0.1:1050 # This points to our obfsproxy client. +--- + +torrc_bridge: +--- +ORPort 5001 # Port where bridge will be listening on. +BridgeRelay 1 +ExitPolicy reject *:* +--- + + Bootstrap sequence: + +Since we are still in PoC state you have to bootstrap the Tors and the +obfsproxies with the correct sequence: + +1. Fire up server obfsproxy. +2. Fire up tor with torrc_bridge. +3. Fire up client obfsproxy. +4. Fire up tor with torrc_client. + + The End + +Now open Firefox on the client side and set it up to use a Socks +server on 127.0.0.1:5000. +Stuff should work now. + +If you were smart enough to open wireshark and sniff the traffic +before doing all the above, you would notice that the TLS handshake +was not carried out plaintext, effectively obfuscating your Tor +experience. Yes. +