Use Metarouter to Implement Tor Anonymity Software

From MikroTik Wiki
Revision as of 04:09, 8 August 2010 by Webasdf (talk | contribs)
Jump to: navigation, search

This article describes the steps to set up Tor Anonymity software behind a Mikrotik Hotspot using a Metarouter instance. The Metarouter image presented here is for RB4xx MIPSBE boards that support OpenWRT Metarouter images.

What is Tor?

Put simply, Tor is anonymity software that protects a source computer from eavesdropping by a third party. Tor routes internet packets through a series of encrypted proxies. Each proxy in the chain knows a part of the request, but not the entire request. The destination server also does not know what the source is. Tor may also be referred to as Onion routing. Tor is an open source project run by volunteers from around the world.

From the Tor web site [1]

"Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy."

Why use Tor?

From the Tor web site [2]

"Using Tor protects you against a common form of Internet surveillance known as "traffic analysis." Traffic analysis can be used to infer who is talking to whom over a public network. Knowing the source and destination of your Internet traffic allows others to track your behavior and interests. This can impact your checkbook if, for example, an e-commerce site uses price discrimination based on your country or institution of origin. It can even threaten your job and physical safety by revealing who and where you are. For example, if you're traveling abroad and you connect to your employer's computers to check or send mail, you can inadvertently reveal your national origin and professional affiliation to anyone observing the network, even if the connection is encrypted."

Tor Web Site

More information about The Tor Project is available at available at The Tor Homepage.

Network Description

The network design requires that users be behind a NAT connection. The metarouter runs the Tor service and all web traffic is routed through it. By design, to protect user privacy, only port 80 tcp, port 53 udp and port 9050 (tor socks proxy) are open to users.

TorMikrotikDiagram.jpg

Mikrotik Network Configuration

Mikrotik Metarouter Configuration

Set up Tor Relay or Bridge (optional)

Retrieved from "https://wiki.mikrotik.com/index.php?title=Use_Metarouter_to_Implement_Tor_Anonymity_Software&oldid=18606"