Running the Tor client on MS Windows

Step One: Download and Install Tor

Note that these are the installation instructions for running a client on MS Windows (98, 98SE, NT4, 2000, XP, Server) If you want to run a server (please do), read the "Configuring a server" section at tor-doc.html.

This document was updated $Date$.

The latest beta release of Tor for MS Windows is 0.1.1.2-alpha. Download it by clicking the link. You may be able to find experimental versions here, if you're looking for new features and new bugs.

If you want to run Tor in the system tray and/or as a service have a look at this FAQ entry. If you dont mind running in a window (so you can see its logs and errors) our Tor installer should make everything pretty simple. Below is a screenshot of the setup page (your version will probably be newer than the version printed in this screenshot):

tor installer splash page

By default, Tor is not configured to run at startup. You can enable this by checking the "Run at startup" box as shown below. Be sure to leave the other boxes checked.

select components to install

Once the installer is finished, it will run Tor in a window so you can see its logs and errors. (When you wish to browse anonymously, you may minimize this window, but do not close it.)

tor window screenshot

Tor comes configured as a client by default. It uses a built-in default configuration file, and most people won't need to change any of the settings. Tor is now installed. Close the Tor client for now by closing the cmd window.

Step Two: Install Privoxy for Web Browsing

After installing Tor, you need to configure your applications to use it.

The first step is to set up web browsing. Start by installing Privoxy (click on 'recent releases', then scroll down to the MS Windows installer packages). Privoxy is a filtering web proxy that integrates well with Tor. Once it's installed, it should appear in your system tray as a "P" in a circle, as pictured below: Exit from Privoxy for now by right clicking on the "P" icon and finding the exit option.

privoxy icon in the system tray

You need to configure Privoxy to use Tor. Open Privoxy's main config file by selecting it from Start Menu|All Programs:

editing privoxy config

Add the line
forward-socks4a / localhost:9050 .
to Privoxy's config file. Don't forget to add the dot at the end. The easiest way is to select the above line and copy/paste it into the file. Be sure to save.

privoxy points to tor

Privoxy keeps a log file of everything passed through it. In order to stop this you will need to comment out two lines by inserting a # before the line. The two lines are:
logfile privoxy.log
and the line
jarfile jar.log
Be sure to save. You'll need to exit and restart Privoxy for the changes to take effect.

comment out logfile
comment out jarfile

Instructions for restarting Privoxy:

  1. Right click on the Privoxy systray icon and choose "Exit Privoxy".
  2. Left click on Start Menu then Programs then Privoxy. Select the green "P" Privoxy icon. Privoxy should appear in your system tray again.

Step Three: Configure your applications to use Tor

Then change your browser to HTTP proxy at localhost port 8118. (That's where Privoxy listens.) In Firefox it's Tools|Options|General|Connection Settings. In Mozilla, this is in Edit|Preferences|Advanced|Proxies. In Opera 7.5x it's Tools|Preferences|Network|Proxy servers. In IE, it's Tools|Internet Options|Connections|LAN Settings|Advanced. You should also set your SSL proxy (IE calls it "Secure") to the same thing, to hide your SSL traffic too. In IE, this looks something like:

LAN settings in IE Proxy settings in IE

Using privoxy is necessary because browsers leak your DNS requests when they use a SOCKS proxy directly, which is bad for your anonymity. Privoxy also removes certain dangerous headers from your web requests, and blocks obnoxious ad sites like Doubleclick.

To test if it's working, you need to know your normal IP address so you can verify that the address really changes when running Tor. Go to the Start menu, click Run and enter cmd. At the command prompt, enter ipconfig /a. If you are behind a NAT/Firewall/Router you can use one of the sites listed below to check which IP you are using. When that is done, clear your browser's cache, start Tor and Privoxy and visit any of the sites again. If everything works, your IP address should have changed.

ipid.shat.net and showmyip.com are sites that show your current IP so you can see what address and country you're coming from.

If you have a personal firewall that limits your computer's ability to connect to itself, be sure to allow connections from your local applications to local port 8118 and port 9050. If your firewall blocks outgoing connections, punch a hole so it can connect to at least TCP ports 80, 443, and 9001-9033. For more troubleshooting suggestions, see the FAQ.

To Torify another application that supports HTTP, just point it at Privoxy (that is, localhost port 8118). To use SOCKS directly (for example, for instant messaging, Jabber, IRC, etc), point your application directly at Tor (localhost port 9050). For applications that support neither SOCKS nor HTTP, take a look at SocksCap, FreeCap, or the Hummingbird SOCKS client. (FreeCap is free software; the others are proprietary.)
For more information how to Torify other applications in detail visit the Torify HOWTO.

If you have suggestions for improving this document, please send them to us. Thanks!

$Id$