tor-webwml.git

@@ -0,0 +1,235 @@

+## translation metadata

+# Revision: $Revision$

+

+#include "head.wmi" TITLE="Tor Mac OS X Install Instructions"

+

+<div class="center">

+

+<div class="main-column">

+

+<h1>Running the <a href="<page index>">Tor</a> client on Mac OS X</h1>

+<br />

+

+<p>

+<b>Note that these are the installation instructions for running a Tor client on

+  Mac OS X. If you want to relay traffic for others to help the network

+  grow (please do), read the <a

+  href="<page tor-doc-server>">Configuring a server</a> guide.</b>

+</p>

+

+<hr />

+<a id="installing"></a>

+<h2><a class="anchor" href="#installing">Step One: Download and Install Tor</a></h2>

+<br />

+

+<p>

+The latest stable and experimental releases of Tor for Macintosh

+OS X bundle <a href="<page index>">Tor</a> and <a

+href="http://www.privoxy.org">Privoxy</a> (a filtering web proxy)

+into one package, with Privoxy pre-configured to proxy through Tor.

+<a href="<page download>">Download one from the download

+page</a>.

+</p>

+

+<p>Our Tor installer should make everything pretty simple. Below is a

+screenshot of the setup page:

+</p>

+

+<img alt="tor installer splash page"

+src="http://tor.eff.org/img/screenshot-osx-installer-splash.png"

+border="1">

+

+<p>

+By default, Tor is configured to run at startup.  If you do not want Tor to

+run on startup, you can disable this by selecting "Customize" in the

+Installer, and then un-checking the "Tor Startup Script" box. Be sure to

+leave the other boxes checked.

+</p>

+

+<p>Once the installer is finished and your computer restarts, Tor will

+start automatically.  Tor comes configured as a client by default. It

+uses a built-in default configuration file in <tt>/Library/Tor/torrc</tt>,

+but most people won't need to change any of the settings. Tor is now

+installed.</p>

+

+<p>Privoxy is installed as part of the Tor bundle package

+installer. Privoxy is a filtering web proxy that integrates well with

+Tor. Once it's installed, it will start automatically when your computer

+is restarted.

+</p>

+

+<p>You do not need to configure Privoxy to use Tor. A custom Privoxy

+configuration for Tor has been installed as part of the installer package.

+</p>

+

+<hr />

+<a id="using"></a>

+<h2><a class="anchor" href="#using">Step Two: Configure your applications to use Tor</a></h2>

+<br />

+

+<p>After installing Tor and Privoxy, you need to configure your

+applications to use them. The first step is to set up web browsing.</p>

+

+<p>If you're using Firefox (we recommend it), check out our <a

+href="<page tor-switchproxy>">Tor SwitchProxy howto</a> to set up

+a plugin that makes it easy to switch between using Tor and using a

+direct connection.</p>

+

+<p>Otherwise, you need to manually configure your browser to HTTP proxy

+at localhost port 8118.

+(That's where Privoxy listens.)

+In Mozilla, this is in Mozilla|Preferences|Advanced|Proxies.

+You should set both your Web Proxy (HTTP) and your Secure Web Proxy

+(HTTPS or SSL) to localhost port 8118, to hide your SSL traffic too.

+You should consider configuring your "FTP Proxy" too; see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FtpProxy">this

+note</a> about Tor and ftp proxies.

+</p>

+

+<p>If you want to use Tor with Safari, you need to change your

+Network Settings. Select your Network Preferences from the Apple |

+Location menu:</p>

+

+<img alt="Network settings"

+src="http://tor.eff.org/img/screenshot-osx-choose-network.png"

+border="1">

+

+<p>Select the Network Interface on which you want to enable Tor. If you use

+more than one Interface you must change the proxy settings for each

+individually.</p>

+

+<img alt="Network preferences"

+src="http://tor.eff.org/img/screenshot-osx-choose-interface.png"

+border="1">

+<p>

+

+<p>Select and enter 127.0.0.1 and port 8118 for both

+Web Proxy (HTTP) and your Secure Web Proxy (HTTPS).

+You should also do this for "FTP Proxy" and "Gopher Proxy"; see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FtpProxy">this

+note</a> about Tor and ftp proxies. Leave your Use Passive FTP Mode

+(PASV) setting as is.</p>

+

+<img alt="Proxy settings"

+src="http://tor.eff.org/img/screenshot-osx-proxy-settings.png"

+border="1">

+

+<p>Using privoxy is <strong>necessary</strong> because <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">browsers

+leak your

+DNS requests when they use a SOCKS proxy directly</a>, which is bad for

+your anonymity. Privoxy also removes certain dangerous headers from your

+web requests, and blocks obnoxious ad sites like Doubleclick.</p>

+

+<p>To Torify other applications that support HTTP proxies, just

+point them at Privoxy (that is, localhost port 8118). To use SOCKS

+directly (for instant messaging, Jabber, IRC, etc), you can point

+your application directly at Tor (localhost port 9050), but see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">this

+FAQ entry</a> for why this may be dangerous. For applications

+that support neither SOCKS nor HTTP, take a look at <a

+href="http://www.taiyo.co.jp/~gotoh/ssh/connect.html">connect</a> or

+<a href="http://www.dest-unreach.org/socat/">socat</a>.</p>

+

+<p>For information on how to Torify other applications, check out the

+<a href="http://wiki.noreply.org/wiki/TheOnionRouter/TorifyHOWTO">Torify

+HOWTO</a>.

+</p>

+

+<hr />

+<a id="verify"></a>

+<h2><a class="anchor" href="#verify">Step Three: Make sure it's working</a></h2>

+<br />

+

+<p>

+Next, you should try using your browser with Tor and make

+sure that your IP address is being anonymized. Click on the <a

+href="http://serifos.eecs.harvard.edu/cgi-bin/ipaddr.pl?tor=1">Tor

+detector</a> and see whether it thinks you're using Tor or not.

+(If that site is down, see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#IsMyConnectionPrivate">this

+FAQ entry</a> for more suggestions on how to test your Tor.)

+</p>

+

+<p>If you have a personal firewall that limits your computer's

+ability to connect to itself, be sure to allow connections from

+your local applications to local port 8118 and port 9050. If

+your firewall blocks outgoing connections, punch a hole so

+it can connect to at least TCP ports 80 and 443, and then see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FirewalledClient">this

+FAQ entry</a>.

+</p>

+

+<p>If it's still not working, look at <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ItDoesntWork">this

+FAQ entry</a> for hints.</p>

+

+<hr />

+<a id="server"></a>

+<h2><a class="anchor" href="#server">Step Four: Configure it as a server</a></h2>

+<br />

+

+<p>The Tor network relies on volunteers to donate bandwidth. The more

+people who run servers, the faster the Tor network will be. If you have

+at least 20 kilobytes/s each way, please help out Tor by configuring your

+Tor to be a server too. We have many features that make Tor servers easy

+and convenient, including rate limiting for bandwidth, exit policies so

+you can limit your exposure to abuse complaints, and support for dynamic

+IP addresses.</p>

+

+<p>Having servers in many different places on the Internet is what

+makes Tor users secure. <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerAnonymity">You

+may also get stronger anonymity yourself</a>,

+since remote sites can't know whether connections originated at your

+computer or were relayed from others.</p>

+

+<p>Read more at our <a href="<page tor-doc-server>">Configuring a server</a>

+guide.</p>

+

+<hr />

+<a id="uninstall"></a>

+<h2><a class="anchor" href="#uninstall">How To Uninstall Tor and Privoxy</a></h2>

+<br />

+

+<p>The Tor 0.1.0.x series does not come with an uninstaller; this feature

+  will be added in the 0.1.1.x series.  If you want to remove Tor on OSX,

+  here's how:</p>

+

+<p>Change your application proxy settings back to their original values.

+   If you just want to stop using Tor, you can end at this point.</p>

+

+<p>To stop Tor and Privoxy from running on startup</b>, remove the

+   /Library/StartupItems/Tor and /Library/StartupItems/Privoxy directories

+   respectively. If you just want to stop Tor from running, you can end at this

+   point.</p>

+

+<p>To erase all remaining Tor and Privoxy files from your computer, delete

+  the following:

+   <ul>

+   <li>/Library/Tor</li>

+   <li>/Library/Privoxy</li>

+   <li>/usr/bin/tor</li>

+   <li>/usr/bin/tor_resolve</li>

+   <li>/var/log/tor</li>

+   <li>/usr/share/man/man1/tor.1</li>

+   <li>/usr/share/man/man1/tor-resolve.1</li>

+   <li>/usr/share/man/man1/torify.1</li>

+   <li>/Library/Receipts/Privoxy.pkg/</li>

+   <li>/Library/Receipts/privoxyconf.pkg/</li>

+   <li>/Library/Receipts/Tor.pkg/</li>

+   <li>/Library/Receipts/torstartup.pkg/</li>

+  </ul>

+</p>

+

+<hr />

+

+<p>If you have suggestions for improving this document, please post

+them on <a href="http://bugs.noreply.org/tor">our bugtracker</a> in the

+website category. Thanks!</p>

+

+  </div><!-- #main -->

+</div>

+

+#include <foot.wmi>

+

@@ -0,0 +1,314 @@

+## translation metadata

+# Revision: $Revision$

+

+#include "head.wmi" TITLE="Tor Server Configuration Instructions"

+

+<div class="center">

+

+<div class="main-column">

+

+<h1>Configuring a <a href="<page index>">Tor</a> server</h1>

+<br />

+

+<p>

+The Tor network relies on volunteers to donate bandwidth. The more

+people who run servers, the faster the Tor network will be. If you have

+at least 20 kilobytes/s each way, please help out Tor by configuring your

+Tor to be a server too. We have many features that make Tor servers easy

+and convenient, including rate limiting for bandwidth, exit policies so

+you can limit your exposure to abuse complaints, and support for dynamic

+IP addresses.</p>

+

+<p>Having servers in many different places on the Internet is what

+makes Tor users secure. <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerAnonymity">You

+may also get stronger anonymity yourself</a>,

+since remote sites can't know whether connections originated at your

+computer or were relayed from others.</p>

+

+<p>Setting up a Tor server is easy and convenient:

+<ul>

+<li>Tor has built-in support for <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#LimitBandwidth">rate

+limiting</a>. Further, if you have a fast link

+but want to limit the number of bytes per day

+(or week or month) that you donate, check out the <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#Hibernation">hibernation

+feature</a>.

+</li>

+<li>Each Tor server has an <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#RunAServerBut">exit

+policy</a> that specifies what sort of outbound connections are allowed

+or refused from that server. If you are uncomfortable allowing people

+to exit from your server, you can set it up to only allow connections

+to other Tor servers.

+</li>

+<li>It's fine if the server goes offline sometimes. The directories

+notice this quickly and stop advertising the server. Just try to make

+sure it's not too often, since connections using the server when it

+disconnects will break.

+</li>

+<li>We can handle servers with dynamic IPs just fine, as long as the

+server itself knows its IP. Have a look at this

+<a href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#DynamicIP">

+entry in the FAQ</a>.

+</li>

+<li>If your server is behind a NAT and it doesn't know its public

+IP (e.g. it has an IP of 192.168.x.y), you'll need to set up port

+forwarding. Forwarding TCP connections is system dependent but <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerForFirewalledCli

+ents">this FAQ entry</a> offers some examples on how to do this.

+</li>

+<li>Your server will passively estimate and advertise its recent

+bandwidth capacity, so high-bandwidth servers will attract more users than

+low-bandwidth ones. Therefore having low-bandwidth servers is useful too.

+</li>

+</ul>

+

+<p>You can run a Tor server on

+pretty much any operating system, but see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerOS">this

+FAQ entry</a> for advice about which ones work best and other problems

+you might encounter.</p>

+

+<hr />

+<a id="zero"></a>

+<h2><a class="anchor" href="#zero">Step Zero: Download and Install Tor</a></h2>

+<br />

+

+<p>Before you start, you need to make sure that Tor is up and running.

+</p>

+

+<p>For Windows users, this means at least <a

+href="<page tor-doc-win32>#installing">step one</a>

+of the Windows Tor installation howto. Mac OS X users need to do at least

+<a href="<page tor-doc-osx>#installing">step one</a>

+of OS X Tor installation howto.  Linux/BSD/Unix users should do at least

+<a href="<page tor-doc-unix>#installing">step one</a>

+of the Unix Tor installation howto.

+</p>

+

+<p>If it's convenient, you might also want to use it as a client for a

+while to make sure it's actually working.</p>

+

+<hr />

+<a id="one"></a>

+<h2><a class="anchor" href="#one">Step One: Set it up as a server</a></h2>

+<br />

+

+<p>

+1. Verify that your clock is set correctly. If possible, synchronize

+your clock with public time servers. 

+</p>

+

+<p>

+2. Make sure name resolution works (that is, your computer can resolve addresses correctly).

+</p>

+

+<p>

+3. Edit the bottom part of your torrc. (See <a

+href="http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ#torrc">this

+FAQ entry</a> for help.)

+Make sure to define at least Nickname and ORPort. Create the DataDirectory

+if necessary, and make sure it's owned by the user that will be running

+tor. <em>If you want to run more than one server that's great, but

+please set <a href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#MultipleServers">the

+MyFamily option</a> in all your servers' configuration files.</em>

+</p>

+

+<p>

+4. If you are using a firewall, open a hole in your firewall so

+incoming connections can reach the ports you configured (ORPort, plus

+DirPort if you enabled it). Make sure you allow all outgoing connections,

+so your server can reach the other Tor servers.

+</p>

+

+<p>

+5. Start your server: if you installed from source you can just

+run <tt>tor</tt>, whereas packages typically launch Tor from their

+initscripts or startup scripts. If it logs any warnings, address them. (By

+default Tor logs to stdout, but some packages log to <tt>/var/log/tor/</tt>

+instead. You can edit your torrc to configure log locations.)

+</p>

+

+<p>

+6. Subscribe to the <a

+href="http://archives.seul.org/or/announce/">or-announce</a>

+mailing list. It is very low volume, and it will keep you informed

+of new stable releases. You might also consider subscribing to <a

+href="http://archives.seul.org/or/talk/">or-talk</a> (higher volume),

+where new development releases are announced.

+</p>

+

+<p>

+7. Have a look at the manual.

+The <a href="<page tor-manual>">manual</a> for the

+latest stable version provides detailed instructions for how to install

+and use Tor, including configuration of client and server options.

+If you are running the CVS version the manual is available

+<a href="<page tor-manual-cvs>">here</a>.

+</p>

+

+<p>

+8. Read

+<a href="http://wiki.noreply.org/noreply/TheOnionRouter/OperationalSecurity">this document</a>

+to get ideas how you can increase the security of your server.

+<hr />

+<a id="two"></a>

+<h2><a class="anchor" href="#two">Step Two: Make sure it's working</a></h2>

+<br />

+

+<p>As soon as your server manages to connect to the network, it will

+try to determine whether the ports you configured are reachable from

+the outside. This may take up to 20 minutes. Look for a log entry like

+<tt>Self-testing indicates your ORPort is reachable from the outside. Excellent.</tt>

+If you don't see this message, it means that your server is not reachable

+from the outside — you should re-check your firewalls, check that it's

+testing the IP and port you think it should be testing, etc.

+</p>

+

+<p>When it decides that it's reachable, it will upload a "server

+descriptor" to the directories. This will let clients know

+what address, ports, keys, etc your server is using. You can <a

+href="http://belegost.seul.org/">load the directory manually</a> and

+look through it to find the nickname you configured, to make sure it's

+there. You may need to wait a few seconds to give enough time for it to

+make a fresh directory.</p>

+

+<hr />

+<a id="three"></a>

+<h2><a class="anchor" href="#three">Step Three: Register your nickname</a></h2>

+<br />

+

+<p>

+Once you are convinced it's working (after a day or two maybe), you should

+register your server.

+This reserves your nickname so nobody else can take it, and lets us

+contact you if you need to upgrade or something goes wrong.

+</p>

+

+<p>

+Send mail to <a

+href="mailto:tor-ops@freehaven.net">tor-ops@freehaven.net</a> with a

+subject of '[New Server] <your server's nickname>' and

+include the following information in the message:

+</p>

+<ul>

+<li>Your server's nickname</li>

+<li>The fingerprint for your server's key (the contents of the

+"fingerprint" file in your DataDirectory — on Windows, look in

+\<i>username</i>\Application&nbsp;Data\tor\ or \Application&nbsp;Data\tor\;

+on OS X, look in /Library/Tor/var/lib/tor/; and on Linux/BSD/Unix,

+look in /var/lib/tor or ~/.tor)

+</li>

+<li>Who you are, so we know whom to contact if a problem arises</li>

+<li>What kind of connectivity the new server will have</li>

+</ul>

+

+<hr />

+<a id="four"></a>

+<h2><a class="anchor" href="#four">Step Four: Once it's working</a></h2>

+<br />

+

+<p>

+We recommend the following steps as well:

+</p>

+

+<p>

+6. Decide what exit policy you want. By default your server allows

+access to many popular services, but we restrict some (such as port 25)

+due to abuse potential. You might want an exit policy that is

+less restrictive or more restrictive; edit your torrc appropriately.

+Read the FAQ entry on <a

+href="<page faq-abuse>#TypicalAbuses">issues you might

+encounter if you use the default exit policy</a>.

+If you choose a particularly open exit policy, you should make

+sure your ISP is ok with that choice.

+</p>

+

+<p>

+7. Decide about rate limiting. Cable modem, DSL, and other users

+who have asymmetric bandwidth (e.g. more down than up) should

+rate limit to their slower bandwidth, to avoid congestion. See the <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#LimitBandwidth">rate

+limiting FAQ entry</a> for details.

+</p>

+

+<p>

+8. If you control the name servers for your domain, consider setting

+your hostname to 'anonymous' or 'proxy' or 'tor-proxy', so when other

+people see the address in their web logs, they will more quickly

+understand what's going on.

+</p>

+

+<p>

+9. If your computer isn't running a webserver, please consider

+changing your ORPort to 443 and your DirPort to 80. Many Tor

+users are stuck behind firewalls that only let them browse the

+web, and this change will let them reach your Tor server. Win32

+servers can simply change their ORPort and DirPort directly

+in their torrc and restart Tor. OS X or Unix servers can't bind

+directly to these ports (since they don't run as root), so they will

+need to set up some sort of <a

+href="http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ#ServerForFirewalledClients">

+port forwarding</a> so connections can reach their Tor server. If you are

+using ports 80 and 443 already but still want to help out, other useful

+ports are 22, 110, and 143.

+</p>

+

+<p>

+10. If your Tor server provides other services on the same IP address

+— such as a public webserver — make sure that connections to the

+webserver are allowed from the local host too. You need to allow these

+connections because Tor clients will detect that your Tor server is the <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers">safest

+way to reach that webserver</a>, and always build a circuit that ends

+at your server. If you don't want to allow the connections, you must

+explicitly reject them in your exit policy.

+</p>

+

+<p>

+11. (Unix only). Make a separate user to run the server. If you

+installed the OS X package or the deb or the rpm, this is already

+done. Otherwise, you can do it by hand. (The Tor server doesn't need to

+be run as root, so it's good practice to not run it as root. Running

+as a 'tor' user avoids issues with identd and other services that

+detect user name. If you're the paranoid sort, feel free to <a

+href="http://wiki.noreply.org/wiki/TheOnionRouter/TorInChroot">put Tor

+into a chroot jail</a>.)

+</p>

+

+<p>

+12. (Unix only.) Your operating system probably limits the number

+of open file descriptors per process to 1024 (or even less). If you

+plan to be running a fast exit node, this is probably not enough. On

+Linux, you should add a line like "toruser hard nofile 8192" to your

+/etc/security/limits.conf file (where toruser is the user that runs the

+Tor process), and then restart Tor if it's installed as a package (or log

+out and log back in if you run it yourself). If that doesn't work, see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FileDescriptors">this

+FAQ entry</a> for other suggested ways to run "ulimit -n 8192" before

+you launch Tor.

+</p>

+

+<p>

+13. If you installed Tor via some package or installer, it probably starts

+Tor for you automatically on boot. But if you installed from source,

+you may find the initscripts in contrib/tor.sh or contrib/torctl useful.

+</p>

+

+When you change your Tor configuration, be sure to restart Tor, and

+remember to verify that your server still works correctly after the

+change.

+

+<hr />

+

+<p>If you have suggestions for improving this document, please post

+them on <a href="http://bugs.noreply.org/tor">our bugtracker</a> in the

+website category. Thanks!</p>

+

+  </div><!-- #main -->

+</div>

+

+#include <foot.wmi>

+

@@ -0,0 +1,191 @@

+## translation metadata

+# Revision: $Revision$

+

+#include "head.wmi" TITLE="Tor Linux/BSD/Unix Install Instructions"

+

+<div class="center">

+

+<div class="main-column">

+

+<h1>Running the <a href="<page index>">Tor</a> client on Linux/BSD/Unix</h1>

+<br />

+

+<p>

+<b>Note that these are the installation instructions for running a Tor

+client. If you want to relay traffic for others to help the network grow

+(please do), read the <a

+href="<page tor-doc-server>">Configuring a server</a> guide.</b>

+</p>

+

+<hr />

+<a id="installing"></a>

+<h2><a class="anchor" href="#installing">Step One: Download and Install Tor</a></h2>

+<br />

+

+<p>

+The latest release of Tor can be found on the <a

+href="<page download>">download</a> page. We have packages for Debian,

+Red Hat, Gentoo, *BSD, etc there too.

+</p>

+

+<p>If you're building from source, first install <a

+href="http://www.monkey.org/~provos/libevent/">libevent</a>, and

+make sure you have openssl and zlib (including the -devel packages if

+applicable). Then Run <tt>tar xzf tor-0.1.0.15.tar.gz;

+cd tor-0.1.0.15</tt>. Then <tt>./configure &amp;&amp; make</tt>. Now you

+can run tor as <tt>src/or/tor</tt>, or you can run <tt>make install</tt>

+(as root if necessary) to install it into /usr/local/, and then you can

+start it just by running <tt>tor</tt>.

+</p>

+

+<p>Tor comes configured as a client by default. It uses a built-in

+default configuration file, and most people won't need to change any of

+the settings. Tor is now installed.

+</p>

+

+<hr />

+<a id="privoxy"></a>

+<h2><a class="anchor" href="#privoxy">Step Two: Install Privoxy for Web Browsing</a></h2>

+<br />

+

+<p>After installing Tor, you need to configure your applications to use it.

+</p>

+

+<p>

+The first step is to set up web browsing. Start by installing <a

+href="http://www.privoxy.org/">Privoxy</a>: click on 'recent releases'

+and pick your favorite package or install from source. Privoxy is a

+filtering web proxy that integrates well with Tor.

+</p>

+

+<p>You need to configure Privoxy to use Tor.

+Open Privoxy's "config" file (look in /etc/privoxy/ or /usr/local/etc/)

+and add the line <br>

+<tt>forward-socks4a / localhost:9050 .</tt><br>

+to the top of the config file. Don't forget to add the dot at the end.

+</p>

+

+<p>Privoxy keeps a log file of everything passed through it.  In

+order to stop this you will need to comment out two lines by inserting a

+# before the line. The two lines are:<br>

+<tt>logfile logfile</tt><br>

+and the line <br>

+<tt>jarfile jarfile</tt><br>

+</p>

+

+<p>You'll need to restart Privoxy for the changes to take effect.</p>

+

+<hr />

+<a id="using"></a>

+<h2><a class="anchor" href="#using">Step Three: Configure your applications to use Tor</a></h2>

+<br />

+

+<p>After installing Tor and Privoxy, you need to configure your

+applications to use them. The first step is to set up web browsing.</p>

+

+<p>If you're using Firefox (we recommend it), check out our <a

+href="<page tor-switchproxy>">Tor SwitchProxy howto</a> to set up

+a plugin that makes it easy to switch between using Tor and using a

+direct connection.</p>

+

+<p>Otherwise, you need to manually configure your browser to HTTP proxy

+at localhost port 8118.

+(That's where Privoxy listens.)

+In Mozilla, this is in Edit|Preferences|Advanced|Proxies.

+In Opera 7.5x it's Tools|Preferences|Network|Proxy servers.

+You should click the "use the same proxy server for all protocols"

+button; but see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FtpProxy">this

+note</a> about Tor and ftp proxies.

+

+<p>Using privoxy is <strong>necessary</strong> because <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">browsers

+leak your DNS requests when they use a SOCKS proxy directly</a>, which

+is bad for your anonymity. Privoxy also removes certain dangerous

+headers from your web requests, and blocks obnoxious ad sites like

+Doubleclick.</p>

+

+<p>To Torify other applications that support HTTP proxies, just

+point them at Privoxy (that is, localhost port 8118). To use SOCKS

+directly (for instant messaging, Jabber, IRC, etc), you can point

+your application directly at Tor (localhost port 9050), but see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">this

+FAQ entry</a> for why this may be dangerous. For applications

+that support neither SOCKS nor HTTP, take a look at <a

+href="http://tsocks.sourceforge.net/">tsocks</a> or <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorifyHOWTO#socat">socat</a>.

+</p>

+

+<p>For information on how to Torify other applications, check out the

+<a href="http://wiki.noreply.org/wiki/TheOnionRouter/TorifyHOWTO">Torify

+HOWTO</a>.

+</p>

+

+<hr />

+<a id="verify"></a>

+<h2><a class="anchor" href="#verify">Step Four: Make sure it's working</a></h2>

+<br />

+

+<p>

+Next, you should try using your browser with Tor and make

+sure that your IP address is being anonymized. Click on the <a

+href="http://serifos.eecs.harvard.edu/cgi-bin/ipaddr.pl?tor=1">Tor

+detector</a> and see whether it thinks you're using Tor or not.

+(If that site is down, see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#IsMyConnectionPrivate">this

+FAQ entry</a> for more suggestions on how to test your Tor.)

+</p>

+

+<p>If you have a personal firewall that limits your computer's

+ability to connect to itself (this includes something like SELinux on

+Fedora Core 4), be sure to allow connections from

+your local applications to Privoxy (local port 8118) and Tor (local port

+9050). If

+your firewall blocks outgoing connections, punch a hole so

+it can connect to at least TCP ports 80 and 443, and then see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FirewalledClient">this

+FAQ entry</a>.  If your SELinux config is not allowing tor or privoxy to

+run correctly, create a file named booleans.local in the directory

+/etc/selinux/targeted.  Edit this file in your favorite text editor and

+insert "allow_ypbind=1".  Restart your machine for this change to take

+effect.

+</p>

+

+<p>If it's still not working, look at <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ItDoesntWork">this

+FAQ entry</a> for hints.</p>

+

+<hr />

+<a id="server"></a>

+<h2><a class="anchor" href="#server">Step Five: Configure it as a server</a></h2>

+<br />

+

+<p>The Tor network relies on volunteers to donate bandwidth. The more

+people who run servers, the faster the Tor network will be. If you have

+at least 20 kilobytes/s each way, please help out Tor by configuring your

+Tor to be a server too. We have many features that make Tor servers easy

+and convenient, including rate limiting for bandwidth, exit policies so

+you can limit your exposure to abuse complaints, and support for dynamic

+IP addresses.</p>

+

+<p>Having servers in many different places on the Internet is what

+makes Tor users secure. <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerAnonymity">You

+may also get stronger anonymity yourself</a>,

+since remote sites can't know whether connections originated at your

+computer or were relayed from others.</p>

+

+<p>Read more at our <a href="<page tor-doc-server>">Configuring a server</a>

+guide.</p>

+

+<hr />

+

+<p>If you have suggestions for improving this document, please post

+them on <a href="http://bugs.noreply.org/tor">our bugtracker</a> in the

+website category. Thanks!</p>

+

+  </div><!-- #main -->

+</div>

+

+#include <foot.wmi>

+

@@ -0,0 +1,191 @@

+## translation metadata

+# Revision: $Revision$

+

+#include "head.wmi" TITLE="Tor MS Windows Install Instructions"

+

+<div class="center">

+

+<div class="main-column">

+

+<h1>Running the <a href="<page index>">Tor</a> client on MS Windows</h1>

+<br />

+

+<p>

+<b>Note that these are the installation instructions for running a Tor

+client on MS Windows (98, 98SE, NT4, 2000, XP, Server).

+If you want to relay traffic for others to help the network grow (please

+do), read the <a href="<page tor-doc-server>">Configuring a server</a>

+guide.</b>

+</p>

+

+<hr />

+<a id="installing"></a>

+<h2><a class="anchor" href="#installing">Step One: Download and Install Tor</a></h2>

+<br />

+

+<p>

+The install for MS Windows bundles <a href="<page index>">Tor</a>,

+<a href="http://www.freehaven.net/~edmanm/torcp/">TorCP</a>

+(a Tor controller that lets you monitor and control Tor), and <a

+href="http://www.privoxy.org">Privoxy</a> (a filtering web proxy) into

+one package, with the three applications pre-configured to work together.

+<a href="<page download>">Download either the stable or

+the experimental version from the download page</a>.

+</p>

+

+<p>

+<b>If you want to configure yourself to be a Tor server via TorCP,

+you will need the experimental version of the bundle.</b>

+</p>

+

+<p>If the bundles don't work for you, you can download Tor by itself

+from the <a href="<page download>">download page</a>, and then <a

+href="<page tor-doc-unix>#privoxy">install

+and configure Privoxy on your own</a>.

+</p>

+

+<img alt="tor installer splash page"

+src="http://tor.eff.org/img/screenshot-win32-installer-splash.png" />

+

+<p>If you have previously installed Tor, TorCP, or Privoxy

+you can deselect whichever components you do not need to install

+in the dialog shown below.

+</p>

+

+<img alt="select components to install"

+src="http://tor.eff.org/img/screenshot-win32-installer-components.png" />

+

+<p>After you have completed the installer, the components

+you selected will automatically be started for you.

+</p>

+

+<!--

+<p>Tor comes configured as a client by default. It uses a built-in

+default configuration file, and most people won't need to change any of

+the settings. Tor is now installed.

+</p>

+-->

+

+<hr />

+<a id="using"></a>

+<h2><a class="anchor" href="#using">Step Two: Configure your applications to use Tor</a></h2>

+<br />

+

+<p>After installing Tor and Privoxy, you need to configure your

+applications to use them. The first step is to set up web browsing.</p>

+

+<p>If you're using Firefox (we recommend it), check out our <a

+href="<page tor-switchproxy>">Tor SwitchProxy howto</a> to set up

+a plugin that makes it easy to switch between using Tor and using a

+direct connection.</p>

+

+<p>Otherwise, you need to manually configure your browser to HTTP proxy

+at localhost port 8118.

+(That's where Privoxy listens.)

+In Mozilla, this is in Edit|Preferences|Advanced|Proxies.

+In Opera 7.5x it's Tools|Preferences|Network|Proxy servers.

+In IE, it's Tools|Internet Options|Connections|LAN Settings|Advanced.

+You should click the "use the same proxy server for all protocols"

+button; but see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FtpProxy">this

+note</a> about Tor and ftp proxies.

+In IE, this looks something like:</p>

+

+<img alt="Proxy settings in IE"

+src="http://tor.eff.org/img/screenshot-win32-ie-proxies.jpg" />

+

+<p>Using Privoxy is <strong>necessary</strong> because <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">browsers

+leak your DNS requests when they use a SOCKS proxy directly</a>, which

+is bad for your anonymity. Privoxy also removes certain dangerous

+headers from your web requests, and blocks obnoxious ad sites like

+Doubleclick.</p>

+

+<p>To Torify other applications that support HTTP proxies, just

+point them at Privoxy (that is, localhost port 8118). To use SOCKS

+directly (for instant messaging, Jabber, IRC, etc), you can point

+your application directly at Tor (localhost port 9050), but see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">this

+FAQ entry</a> for why this may be dangerous. For applications

+that support neither SOCKS nor HTTP, take a look at <a

+href="http://www.socks.permeo.com/Download/SocksCapDownload/index.asp">SocksCap</a> or

+<a href="http://www.freecap.ru/eng/">FreeCap</a>.

+(FreeCap is free software; SocksCap is proprietary.)</p>

+

+<p>For information on how to Torify other applications, check out the

+<a href="http://wiki.noreply.org/wiki/TheOnionRouter/TorifyHOWTO">Torify

+HOWTO</a>.

+</p>

+

+<hr />

+<a id="verify"></a>

+<h2><a class="anchor" href="#verify">Step Three: Make sure it's working</a></h2>

+<br />

+

+<p>

+Check to see that Privoxy and TorCP are running and that TorCP has

+successfully started Tor. Privoxy's icon is a green or blue circle with a "P"

+in it, and TorCP uses a fat grey onion with a green checkmark in your

+system notification area, as shown below:

+</p>

+

+<img alt="TorCP Tray Icon"

+src="http://tor.eff.org/img/screenshot-win32-torcp.png">

+

+<p>

+Next, you should try using your browser with Tor and make

+sure that your IP address is being anonymized. Click on the <a

+href="http://serifos.eecs.harvard.edu/cgi-bin/ipaddr.pl?tor=1">Tor

+detector</a> and see whether it thinks you're using Tor or not.

+(If that site is down, see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#IsMyConnectionPrivate">this

+FAQ entry</a> for more suggestions on how to test your Tor.)

+</p>

+

+<p>If you have a personal firewall that limits your computer's

+ability to connect to itself, be sure to allow connections from

+your local applications to local port 8118 and port 9050. If

+your firewall blocks outgoing connections, punch a hole so

+it can connect to at least TCP ports 80 and 443, and then see <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FirewalledClient">this

+FAQ entry</a>.

+</p>

+

+<p>If it's still not working, look at <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ItDoesntWork">this

+FAQ entry</a> for hints.</p>

+

+<hr />

+<a id="server"></a>

+<h2><a class="anchor" href="#server">Step Four: Configure it as a server</a></h2>

+<br />

+

+<p>The Tor network relies on volunteers to donate bandwidth. The more

+people who run servers, the faster the Tor network will be. If you have

+at least 20 kilobytes/s each way, please help out Tor by configuring your

+Tor to be a server too. We have many features that make Tor servers easy

+and convenient, including rate limiting for bandwidth, exit policies so

+you can limit your exposure to abuse complaints, and support for dynamic

+IP addresses.</p>

+

+<p>Having servers in many different places on the Internet is what

+makes Tor users secure. <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerAnonymity">You

+may also get stronger anonymity yourself</a>,

+since remote sites can't know whether connections originated at your

+computer or were relayed from others.</p>

+

+<p>Read more at our <a href="<page tor-doc-server>">Configuring a server</a>

+guide.</p>

+

+<hr />

+

+<p>If you have suggestions for improving this document, please post

+them on <a href="http://bugs.noreply.org/tor">our bugtracker</a> in the

+website category. Thanks!</p>

+

+  </div><!-- #main -->

+</div>

+

+#include <foot.wmi>

+

@@ -0,0 +1,158 @@

+## translation metadata

+# Revision: $Revision$

+

+#include "head.wmi" TITLE="Tor SwitchProxy Install Instructions"

+

+<div class="center">

+

+<div class="main-column">

+

+<h1>Installing SwitchProxy for <a href="<page index>">Tor</a></h1>

+<hr />

+

+<p>

+SwitchProxy is a Firefox plugin that makes it easy for you to switch

+between using a proxy and connecting to websites directly.</p>

+

+<p>In this howto, you'll set up SwitchProxy to let you change

+between using Tor and a direct connection. We assume you already

+have Firefox installed and working.</p>

+

+<p>The screenshots here are oriented towards Windows users, but

+SwitchProxy works anywhere Firefox works. Hopefully everybody else can

+follow along just fine.</p>

+

+<hr />

+<a id="zero"></a>

+<h2><a class="anchor" href="#zero">Step Zero: Download and Install Tor and Privoxy</a></h2>

+<br />

+

+<p>Before you start, you need to make sure 1) Tor is up and running,

+2) Privoxy is up and running, and 3) Privoxy is configured to point

+to Tor.</p>

+

+<p>Windows users need to do <a

+href="<page tor-doc-win32>#installing">step one</a>

+of the Windows Tor installation howto, and Mac OS X users need to do <a

+href="<page tor-doc-osx>#installing">step one</a>

+of OS X Tor installation howto, since our Win32 and OS X packages include

+Privoxy and configure it already. Linux/BSD/Unix users should do <a

+href="<page tor-doc-unix>#installing">step one</a>

+and <a href="<page tor-doc-unix>#privoxy">step

+two</a> of the Unix Tor installation howto.

+</p>

+

+<hr />

+<a id="one"></a>

+<h2><a class="anchor" href="#one">Step One: Download and Install SwitchProxy</a></h2>

+<br />

+

+<p>SwitchProxy is a Firefox plugin, so you need to go through

+the process of installing a new plugin. First, go to the <a

+href="https://addons.mozilla.org/extensions/moreinfo.php?application=firefox&id=125">

+SwitchProxy</a> web page. If you're using Firefox 1.5, you might need to 

+download SwitchProxy <a href="http://www.roundtwo.com/product/switchproxy">from

+here</a> instead.

+Turn on JavaScript for now and click "Install Now":</p>

+

+<img alt="switchproxy web page"

+src="http://tor.eff.org/img/screenshot-switchproxy-webpage.jpg" />

+

+<p>It will pop up a window asking for permission to install the plugin.

+Click on the "Install Now" button:

+</p>

+

+<img alt="firefox plugin warning"

+src="http://tor.eff.org/img/screenshot-switchproxy-plugin-starting.jpg" />

+

+<p>Once the installer is finished, you should close all of your Firefox

+windows and restart Firefox.</p>

+

+<img alt="firefox plugin finished"

+src="http://tor.eff.org/img/screenshot-switchproxy-plugin-finished.jpg" />

+

+<hr />

+<a id="two"></a>

+<h2><a class="anchor" href="#two">Step Two: Configure SwitchProxy</a></h2>

+<br />

+

+<p>When you restart Firefox, you'll notice there's a new toolbar

+that lets you control your proxies. Now we're going to set up a proxy

+configuration for Tor. Click on "Add" in the new Proxy toolbar:</p>

+

+<img alt="new toolbar"

+src="http://tor.eff.org/img/screenshot-switchproxy-toolbar.jpg" />

+

+<p>It will ask you to select a proxy type. Choose

+"Standard." (There's also an "anonymous" proxy type that

+uses an ad hoc set of anonymous proxies out there. You

+don't want this, because those other "anonymous" proxies <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ComparisonProxyAggregators">give

+you much weaker security than Tor</a>.)

+</p>

+

+<img alt="standard proxy"

+src="http://tor.eff.org/img/screenshot-switchproxy-proxytype.jpg" />

+

+<p>Now it will show you the standard proxy config window for Firefox.

+Give this configuration a proxy label of "tor". Then fill in "localhost"

+and "8118" for all four entries, as shown here. (Even

+though Privoxy doesn't support FTP and Gopher, <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FtpProxy">you

+should set them up anyway</a>.) Then click "OK":</p>

+

+<img alt="proxy config"

+src="http://tor.eff.org/img/screenshot-switchproxy-proxyconfig.jpg" />

+

+<p>Now you've created the "tor" proxy label, but you're not using it yet.

+Click on the pull-down list and select tor, as shown here:</p>

+

+<img alt="switch to tor"

+src="http://tor.eff.org/img/screenshot-switchproxy-switch.jpg" />

+

+<p>Almost done. Click "Apply" to make your change take effect:</p>

+

+<img alt="apply"

+src="http://tor.eff.org/img/screenshot-switchproxy-apply.jpg" />

+

+<p>Done! Firefox will reload your current page. In

+this example screenshot, it reloaded the page and <a

+href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#GoogleLanguage">happened

+to get a German exit node</a>:</p>

+

+<img alt="german google"

+src="http://tor.eff.org/img/screenshot-switchproxy-german.jpg" />

+

+<hr />

+<a id="three"></a>

+<h2><a class="anchor" href="#three">Step Step Three: Check if it works</a></h2>

+<br />

+

+<p>Now Firefox is using Privoxy as an HTTP proxy, Privoxy is using Tor as

+a socks4a proxy, and Tor is making your connections to the Internet.</p>

+

+<p>In the above example, it was clear that it worked because the web

+page showed up in a different language. In other cases, though,

+you'll want to verify that your setup is working. Do

+<a href="<page tor-doc-win32>#verify">step three</a>

+of the Windows Tor installation howto, or

+<a href="<page tor-doc-osx>#verify">step three</a>

+of the OS X Tor installation howto.</p>

+

+<p>You should be aware of one anonymity gotcha: when you switch from

+using Tor to a direct connection (or vice versa), by default the page

+that's currently active will be reloaded through the new proxy setting.

+So make sure you're on a page that isn't sensitive, before switching.

+(You can also change this behavior in SwitchProxy's "Options |

+Preferences" menu.)</p>

+

+<hr />

+

+<p>If you have suggestions for improving this document, please <a

+href="/contact">send them to us</a>. Thanks!</p>

+

+  </div><!-- #main -->

+</div>

+

+#include <foot.wmi>

+