[[TOC(depth=4)]] '''Written:''' 2018-06-20 (Jaruga) = Tor-Friendly Programs = There are a lot of programs that currently support safe Tor configurations, and this trend continues to grow all the time. This page aims to create an index of the documented software torifying guides that can be found in the pages of this wiki, the official documentation and a few other trusted sources. [[br]] == Tor libraries == * [https://code.google.com/p/toras/ TorAS]: An ActionScript (Adobe AIR / Flash) implementation of the Tor control(v1) and SOCKS5 client protocols. * [https://github.com/guardianproject/jtorctl jtorctl]: A Java library for controlling a Tor instance via its control port. * [https://github.com/JesusMcCloud/netlayer NetLayer]: A Kotlin/Java8 library for tunneling traffic through Tor and hosting hidden services. Currently used by Bisq (a decentralized Bitcoin exchange). * [https://meejah.ca/projects/txtorcon txtorcon]: A Python+Twisted library for tunneling traffic through Tor, hosting Onion services and controlling or launching a Tor instance == SOCKS libraries == * [https://github.com/fengyouchao/sockslib SocksLib]: SOCKS client and server library for Java. Supports username/password authentication, so stream isolation should be feasible. * [https://github.com/ravn/jsocks jsocks]: SOCKS client and server library for Java. Appears to support username/password authentication, so stream isolation should be feasible. Currently used by Bisq (a decentralized Bitcoin exchange). * [https://github.com/Anorov/PySocks PySocks]: SOCKS client library for Python. Supports username/password authentication, so stream isolation should be feasible. * [https://github.com/igniterealtime/Smack/tree/master/smack-core/src/main/java/org/jivesoftware/smack/proxy Smack Proxy]: SOCKS client library for Java. Supports username/password authentication, so stream isolation should be feasible. Currently used by Smack (an XMPP library) and Zom (an Android XMPP client). == SOCKS wrappers == === Torsocks === Torsocks is a torifying wrapper that is primarily used to redirect all the network traffic of individual SOCKS-friendly applications through the Tor network. It also ensures DNS queries are handled correctly and explicitly blocks all UDP traffic from the application in question. Torsocks is the successor of tsocks and is still actively maintained. It is simply packaged as torsocks and is available (and often automatically included with the tor package) in many *nix based distributions. Configuration instructions: [wiki:doc/torsocks] === Proxychains-ng === When proxychains become unmaintained, proxychains-ng (new generation) took its place. It is a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. Configuration instructions: [https://github.com/rofl0r/proxychains-ng] == Internet Relay Chat clients == For general IRC security and privacy related information, see [wiki:doc/TorifyHOWTO/IRC this page]. === HexChat === HexChat is an open-source, cross-platform internet relay chat client. It has several security-oriented features such as OTR, an easy-to-use graphical interface, a simplistic window layout and includes all the basic functions of most popular IRC clients. HexChat also has a plugin system with support for various languages that allows for dynamic modifications and extensions. Configuration instructions: [wiki:doc/TorifyHOWTO/HexChat] === WeeChat === Weechat (or 'Wee Enhanced Environment for Chat') is a terminal-based free and open-source Internet Relay Chat client. It focuses heavily on being fast, lightweight and highly extensible. Weechat is available for download and use on *NIX based systems (GNU/Linux, BSD and MacOS) and is found in the repositories of many major distributions. It supports a number of additional features such as IPv6, TLS/SSL, OTR and proxy configurations. Configuration instructions: [wiki:doc/TorifyHOWTO/WeeChat] === Irssi === Irssi is a free and open-source Internet Relay Chat client originally released in 1999. It is intended to be lightweight, and offers fine-grained control over security and extensions. Irssi is primarily for *NIX based operating systems (GNU/Linux, BSD, MacOS), though it is also available for use on Windows. Configuration instructions: [wiki:doc/TorifyHOWTO/irssi] == Instant messaging platforms == === Mumble === Mumble is an open source low-latency VoIP (Voice over IP) chat software primarily intended for use while gaming. It is distributed under the New BSD License. Users can use Mumble to connect to the public server or set up their own server to connect to with Murmur, allowing one to communicate with multiple parties at once by voice-over chat. Configuration instructions: [wiki:doc/TorifyHOWTO/Mumble] === Messaging applications === Several instant messaging programs and protocols are compatible with Tor. There is a comprehensive and updated list of popular encrypted messaging applications, XMPP software and more available [wiki:doc/TorifyHOWTO/InstantMessaging on this wiki page]. == Email clients == For general email torifying information, see [doc/TorifyHOWTO/EMail this page]. === Thunderbird === Thunderbird is a free and open-source mail, RSS, news and chat client originally by the Mozilla Project. It is available for download on Windows, MacOS and Linux, and is commonly found in the repositories of many major UNIX distributions. Configuration instructions: [wiki:doc/TorifyHOWTO/EMail/Thunderbird] == Tor controllers == === Nyx === Nyx is a command-line application for monitoring real time Tor status information. This includes bandwidth usage, logs, connections, configuration, and more. As a curses interface Nyx is particularly well suited for ssh connections, tty terminals, and command-line aficionados. Configuration instructions: [https://nyx.torproject.org] === carml === carml is a command-line program for monitoring and controlling aspects of a running Tor instance. Most sub-commands are friendly for command-line use via `grep` etc. Can set up v2 and v3 Onion services. [https://meejah.ca/projects/carml] === ProxAllium === [https://proxallium.dtw.tools ProxAllium] is a GUI frontend/wrapper for Tor. It displays useful information such as the status of the running Tor instance and the connection details for the proxy, can be minimized to the tray, a good way to run and use Tor without the browser! Can configure and run Tor with secure settings out of the box. === tor-arm === Command-line monitor for Tor relays. Discontinued; was succeeded by Nyx. == Package managers == === APT === APT (Advanced Package Tool) is a free software user interface that works with core libraries to handle the installation and removal of software on Linux/UNIX distributions. Configuration instructions: [wiki:doc/TorifyHOWTO/apt] === DNF === Dandified YUM (or 'DNF') is a package manager for rpm-based distributions that is utilises core libraries (or 'repositories') to facilitate the installation and removal of software. DNF is a modernised version of YUM. Configuration instructions: [wiki:doc/TorifyHOWTO/dnf] == Shell software == === SSH === Secure Shell (SSH) is an encrypted network protocol for utilizing network services securely over an unsecured network. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. Configuration instructions: [wiki:doc/TorifyHOWTO/ssh] === PuTTY === PuTTY is an open-source terminal emulator, serial console and network file transfer application that supports several network protocols including SCP, SSH, Telnet, rlogin, and raw socket connections. While it was originally written for Windows, it has been ported to many operating systems including macOS and GNU/Linux. Configuration instructions: [wiki:doc/TorifyHOWTO/Putty] == File transfer == === Filezilla === Filezilla is a widely used open-source, cross-platform file transfer client originally released in 2001. It features a graphical user interface and a considerable variety of configuration options. Filezilla offers client-side support for SCP, FTP, SFTP and FTPS connections, and is a popular choice for Windows users that utilise these protocols. Configuration instructions: [wiki:doc/TorifyHOWTO/Filezilla] === Wget for FTP/S === Wget is a flexible multiprotocol command-line file retrieval program. It can also can provide FTP/S functionality from the command line. Configuration instructions: [wiki:doc/TorifyHOWTO/FTP] == DNS resolvers == === Tor-resolve === Tor-resolve is a commandline utility that comes packaged alongside tor that is used for converting hostnames into IP addresses. It routes its queries via the Tor network. == Encryption tools == === Gnu Privacy Guard (GnuPG === GnuPG (or 'GPG' for short) is free and open-source software that allows users to generate and utilise asymmetric cryptographic key pairs (most commonly known as public and private keys) to secure communications over the internet. Configuration instructions: [wiki:doc/TorifyHOWTO/GnuPG] == Fetching programs == (can also be regarded as browsing, but it's a more advanced usage of these programs listed, esp. Curl) === Wget === Wget is a flexible multiprotocol command-line file retrieval program. Configuration instructions: [wiki:doc/TorifyHOWTO/Misc#WgetHTTP] === cURL === cURL is a flexible, multipurpose command line tool that can perform a large variety of tasks. Configuration instructions: [wiki:doc/TorifyHOWTO/Misc#cURL] == Multipurpose relays == === Socat === ​Socat is a command line based utility that establishes two bidirectional data streams and transfers between them. This data can take many forms such as files, pipes, devices (terminal or modems), or sockets (UNIX, IPv4, IPv6, TCP, SSL etc). It is for this reason that it and similar tools are often referred to as multipurpose relays. Configuration instructions: [wiki:doc/TorifyHOWTO/socat] == Tor-Friendly browsers == The '''ONLY''' recommended and supported browser to use with Tor is the official Tor Browser. It can be downloaded [https://www.torproject.org/download/download-easy.html.en here]. That is so if we talk about the very complex browsers of the regular users' world. I.e. neither is Chrome/Chromium, nor Opera, nor any of the Microsoft or Mac browsers supported for use with Tor, and neither is the stock Firefox supported, but only the Tor-team modified Firefox offered as TorBrowser (link given above). However, some people regard, and rightly so, Wget and Curl, mentioned above, as browsers in some ways. And there are a few text browsers that can be safely used with Tor. === Lynx === '''Written:''' 2018-11-17 (by mathew) Lynx is a text browser, Javascript-free, and it is very safe to use with Tor. Mostly deployed in Unix family of OSes. You can create an alias in your .bashrc or you can create a script like this one ''/usr/local/bin/t_lynx'': {{{ #!/bin/sh torsocks /usr/bin/lynx -noreferer $@ }}} The ''-noreferer'' is important not to leak your IP. Once you have such a script in place, you can run it like this: {{{ $ t_lynx }}} Of course, you can first try Lynx in a terminal like this: {{{ $ torsocks lynx -noreferer }}} to see how you like it, and if you do understand the usefulness of no-bloat, no-frills, and can cope with the lack of GUI and Javascript --indispensable for some browsing-- then the script will be your good friend. The GUI comfort is lacking, but you can still get lots of browsing and tasks done, just as with the GUI Firefox of the TorBrowser, but without the huge-attack surface the Firefox is guarrantied to give. Ah, and another missing feature there is to mention. Torsock'd Lynx currently can't connect to Onion sites. == Virtual Machines == === Whonix === Whonix is a desktop operating system designed for advanced security and privacy. Whonix mitigates the threat of common attack vectors while maintaining usability. Online anonymity is realized via fail-safe, automatic, and desktop-wide use of the Tor network. Official site: [https://Whonix.org]