mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
38d114c119
svn:r4794
163 lines
6.2 KiB
HTML
163 lines
6.2 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<html>
|
|
<head>
|
|
<title>Tor Documentation</title>
|
|
<meta name="Author" content="Roger Dingledine">
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<meta http-equiv="Content-Style-Type" content="text/css">
|
|
<link rel="stylesheet" type="text/css" href="tor-doc.css">
|
|
</head>
|
|
|
|
<body>
|
|
|
|
<h1><a href="http://tor.eff.org/">Tor</a> documentation</h1>
|
|
|
|
<p>Tor provides a distributed network of servers ("onion routers"). Users
|
|
bounce their communications (web requests, IM, IRC, SSH, etc.) around
|
|
the routers. This makes it hard for recipients, observers, and even the
|
|
onion routers themselves to track the source of the stream.</p>
|
|
|
|
<a name="why"></a>
|
|
<h2>Why should I use Tor?</h2>
|
|
|
|
<p>Individuals need Tor for privacy:
|
|
<ul>
|
|
<li>Privacy in web browsing -- both from the remote website (so it can't
|
|
track and sell your behavior), and similarly from your local ISP.
|
|
<li>Safety in web browsing: if your local government doesn't approve
|
|
of its citizens visiting certain websites, they may monitor the sites
|
|
and put readers on a list of suspicious persons.
|
|
<li>Circumvention of local censorship: connect to resources (news
|
|
sites, instant messaging, etc.) that are restricted from your
|
|
ISP/school/company/government.
|
|
<li>Socially sensitive communication: chat rooms and web forums for
|
|
rape and abuse survivors, or people with illnesses.
|
|
</ul>
|
|
|
|
<p>Journalists and NGOs need Tor for safety:
|
|
<ul>
|
|
<li>Allowing dissidents and whistleblowers to communicate more safely.
|
|
<li>Censorship-resistant publication, such as making available your
|
|
home-made movie anonymously via a Tor <a
|
|
href="http://tor.eff.org/doc/tor-hidden-service.html">hidden
|
|
service</a>; and reading, e.g. of news sites not permitted in some
|
|
countries.
|
|
<li>Allowing your workers to check back with your home website while
|
|
they're in a foreign country, without notifying everybody nearby that
|
|
they're working with your organization.
|
|
</ul>
|
|
|
|
<p>Companies need Tor for business security:
|
|
<ul>
|
|
<li>Competitive analysis: browse the competition's website safely.
|
|
<li>Protecting collaborations of sensitive business units or partners.
|
|
<li>Protecting procurement suppliers or patterns.
|
|
<li>Putting the "P" back in "VPN": traditional VPNs reveal the exact
|
|
amount and frequency of communication. Which locations have employees
|
|
working late? Which locations have employees consulting job-hunting
|
|
websites? Which research groups are communicating with your company's
|
|
patent lawyers?
|
|
</ul>
|
|
|
|
<p>Governments need Tor for traffic-analysis-resistant communication:
|
|
<ul>
|
|
<li>Open source intelligence gathering (hiding individual analysts is
|
|
not enough -- the organization itself may be sensitive).
|
|
<li>Defense in depth on open <em>and classified</em> networks -- networks
|
|
with a million users (even if they're all cleared) can't be made safe just
|
|
by hardening them to external threat.
|
|
<li>Dynamic and semi-trusted international coalitions: the network can
|
|
be shared without revealing the existence or amount of communication
|
|
between all parties.
|
|
<li>Networks partially under known hostile control: to block
|
|
communications, the enemy must take down the whole network.
|
|
<li>Politically sensitive negotiations.
|
|
<li>Road warriors.
|
|
<li>Protecting procurement patterns.
|
|
<li>Anonymous tips.
|
|
</ul>
|
|
|
|
<p>Law enforcement needs Tor for safety:
|
|
<ul>
|
|
<li>Allowing anonymous tips or crime reporting
|
|
<li>Allowing agents to observe websites without notifying them that
|
|
they're being observed (or, more broadly, without having it be an
|
|
official visit from law enforcement).
|
|
<li>Surveillance and honeypots (sting operations)
|
|
</ul>
|
|
|
|
<p>Does the idea of sharing the Tor network with
|
|
all of these groups bother you? It shouldn't -- <a
|
|
href="http://freehaven.net/doc/fc03/econymics.pdf">you need them for
|
|
your security</a>.</p>
|
|
|
|
<a name="installing"></a>
|
|
<a name="client"></a>
|
|
<h2>Installing and configuring Tor</h2>
|
|
|
|
<p>See the <a href="tor-doc-win32.html">Windows</a>,
|
|
<a href="tor-doc-osx.html">OS X</a>, and <a
|
|
href="tor-doc-unix.html">Linux/BSD/Unix</a> documentation guides.
|
|
|
|
<a name="client-or-server"></a>
|
|
<a name="server"></a>
|
|
<h2>Configuring a server</h2>
|
|
|
|
<p>
|
|
We've moved this section over to the new
|
|
<a href="http://tor.eff.org/doc/tor-doc-server.html">Tor Server
|
|
Configuration Guide</a>. Hope you like it.
|
|
</p>
|
|
|
|
<a name="hidden-service"></a>
|
|
<h2>Configuring a hidden service</h2>
|
|
|
|
<p>
|
|
We've moved this section over to the new <a
|
|
href="http://tor.eff.org/doc/tor-hidden-service.html">Tor Hidden Service
|
|
Howto</a>. Hope you like it.
|
|
</p>
|
|
|
|
<a name="own-network"></a>
|
|
<h2>Setting up your own network</h2>
|
|
|
|
<p>
|
|
If you want to experiment locally with your own network, or you're cut
|
|
off from the Internet and want to be able to mess with Tor still, then
|
|
you may want to set up your own separate Tor network.
|
|
|
|
<p>
|
|
To set up your own Tor network, you need to run your own directory
|
|
servers, and you need to configure each client and server so it knows
|
|
about your directory servers rather than the default ones.
|
|
|
|
<ul>
|
|
<li>1: Grab the latest release. Use at least 0.0.9.5.
|
|
<li>2: For each directory server you want,
|
|
<ul>
|
|
<li>2a: Set it up as a server (see <a href="#server">"setting up a
|
|
server"</a> above), with a least ORPort, DirPort, DataDirectory, and Nickname
|
|
defined. Set "AuthoritativeDirectory 1".
|
|
<li>2b: Set "RecommendedVersions" to a comma-separated list of acceptable
|
|
versions of the code for clients and servers to be running.
|
|
<li>2c: Run it: <tt>tor --list-fingerprint</tt> if your torrc is in
|
|
the default place, or <tt>tor -f torrc --list-fingerprint</tt> to
|
|
specify one. This will generate your keys and output a fingerprint
|
|
line.
|
|
</ul>
|
|
<li>3: Now you need to teach clients and servers to use the new
|
|
dirservers. For each fingerprint, add a line like<br>
|
|
<tt>DirServer 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF</tt><br>
|
|
to the torrc of each client and server who will be using your network.
|
|
<li>4: Create a file called approved-routers in the DataDirectory
|
|
of each directory server. Collect the 'fingerprint' lines from
|
|
each server (including directory servers), and include them (one per
|
|
line) in each approved-routers file. You can hup the tor process for
|
|
each directory server to reload the approved-routers file (so you don't
|
|
have to restart the process).
|
|
</ul>
|
|
|
|
</body>
|
|
</html>
|
|
|