How to change Tor exit node when using multiple SocksPort - tor

I'm using Tor with multiple SocksPort. Does anyone know how I can programmatically change the exit for each SocksPort separately? The code below changes the exit nodes for all the SocksPort -- I want to be able to do it individually. Is there a way to assign a separate control port to each SocksPort or tell the control port to change the exit node for a specific SocksPort?
echo -e 'AUTHENTICATE "password"\r\nsignal NEWNYM\r\nQUIT' | nc 127.0.0.1 9051
I'm on Linux. Thanks.

Related

Why HTTP ports stay open when using them by Nodejs servers?

I have a problem when launching a Nodejs script that listens on one of the HTTP ports. Sometimes, even if I stop the script, the used HTTP port stays "in use", making it impossible to use it another time. Today, I've set up NGINX on my Linux and all the HTTP ports were "in use". I was obliged to restart my computer to solve the problem.
I wanted to know why this is happening. What can I do to prevent it? And in case an HTTP port stays "in use", how can I close it to be able to use it again?
Thanks for your help.
This is applicable only on Linux and MacOS, you can list all your used ports like that:
sudo lsof -i -P -n | grep LISTEN
Read more here about how to check if a port is in use: https://www.cyberciti.biz/faq/unix-linux-check-if-port-is-in-use-command/
You can also list the node processes:
top | grep node
or
ps -ef | grep node
Then you can kill the node processes like that:
killall node
Make sure that when you want to stop the server you are pressing CTRL + C

Fetching variable value through ssh from destination to source server

This is my first question on Stack Overflow. I'm trying to write a shell script on a source server from where I need to connect to another server to get some value and store it in a variable. Then I need to disconnect from the destination server and use that variable in the rest of the script. The logic below, which I'm trying to use, doesn't yield any result.
ssh <Destination server IP>
status=sudo systemctl status httpd | grep active
Now I'm expecting status variable should contain the status of the httpd service of the destination server which I can use in current source server script, but the value is blank.
Also it must disconnect from the destination server. Not sure how to proceed with this.
Can someone please assist with this?
Thanks in advance.
You can execute from the client server:
ssh user@destination-server-ip 'bash -s' < your-command.sh | ./your-script.sh
where your-command.sh is like:
# runs on the destination server; $(...) captures the command's output
status=$(sudo systemctl status httpd | grep active)
echo "$status"
and your-script.sh must read status from standard input.
This is an example; maybe better solutions exist.

How can I find available but unoccupied ports on a Linux box?

Specifically RHEL 6.5
It's a Dev box and we have certain port ranges we are permitted for development use.
...unfortunately, getting a tech's attention to find out what ports are available is like pulling teeth. Would prefer a script or alias that does this so that we don't have to ask all the time. Clues? Is this an iptables command or is it a netstat command or some weird combo? nmap is not available on this machine.
Please don't say this is a Server Fault question. They say it's a programming question. :-|
Definitely a SF question but here we go. From the dev box itself (command line) you should be able to see what ports are in use with the netstat tool.
To see the list of listening ports both UDP and TCP, complete with the program names:
# preferably as root
netstat --listening --program --numeric-ports --protocol=ip -6 -4
From another machine, you can use nmap or a similar tool to see what ports are open/listening by scanning the IP address assigned to the dev box. Before trying this, maybe you should ask for permission. Also, you should consider that the box in question might have firewall rules in place that can thwart your scanning attempts.
To see what firewall rules are in place in the dev box try:
# as root
iptables -nvxL -t filter
# maybe there are NAT rules, redirects to other addresses, etc.
iptables -nvxL -t nat
To see what these iptables options do, try man iptables.
As an example, assuming 172.16.0.1 is the IP address assigned to the dev box, to run nmap in the simplest way possible:
# preferably as root
nmap -v 172.16.0.1
In a few minutes you should see a list of ports/services listening in that relevant box.
Try man nmap and read the documentation for more details.
If you really think this is a programming issue, you can use the netcat tool and program a simple script to do something roughly equivalent to what nmap does.
#!/bin/bash
#
# DISCLAIMER: NOT TESTED -- just an example
# NOTE: This will take many DAYS to complete
HOST=172.16.0.1
for port in `seq 1 65535`
do
echo "Trying ${port}..."
netcat -vvv ${HOST} $port -w 1 -z
done
For every open TCP port you should see a line similar to this:
Connection to 172.16.0.1 23 port [tcp/telnet] succeeded!
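For the original question (which ports in a permitted range are unoccupied, without nmap), the netstat output can be filtered locally. This is an added example, not code from the answer; the function name, the range 8000-8005 and the sample rows are assumptions made here.

```shell
#!/bin/sh
# Added example: list ports in a permitted range that have no listener.
# Reads `netstat -tuln` style text on stdin so it can be checked offline.
# A port counts as occupied if either TCP or UDP is bound to it.

# free_ports LOW HIGH -> prints every port in [LOW, HIGH] not seen on stdin
free_ports() {
    low=$1 high=$2
    awk -v low="$low" -v high="$high" '
        # Socket rows only: tcp, tcp6, udp, udp6 in column 1
        $1 ~ /^(tcp|udp)6?$/ {
            # TCP rows must be listeners; UDP rows carry no state column
            if ($1 ~ /^tcp/ && $6 != "LISTEN") next
            # Local address is column 4, e.g. 0.0.0.0:8080 or :::22;
            # the port is whatever follows the last colon
            n = split($4, parts, ":")
            used[parts[n] + 0] = 1
        }
        END {
            for (p = low; p <= high; p++)
                if (!(p in used)) print p
        }'
}

# Constructed sample of `netstat -tuln` output (not captured from a real host)
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:8001          0.0.0.0:*               LISTEN
tcp        0      0 :::8003                 :::*                    LISTEN
udp        0      0 0.0.0.0:8004            0.0.0.0:*'

# Live use on the dev box:  netstat -tuln | free_ports 8000 8005
```
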

How to run multiple Tor processes at once with different exit IPs?

I am brand new to Tor and I feel like multiple Tors should be considered. The multiple Tors I mentioned here are not only multiple instances, but also use different proxy ports for each, like what has been done here:
http://www.howtoforge.com/ultimate-security-proxy-with-tor
I am trying to get started with 4 Tors. However, the tutorial applies only to Arch Linux and I am using a headless EC2 Ubuntu 64-bit. It is really a pain going through the differences between Arch and Ubuntu. And here I am wondering whether anyone could offer some help to implement my idea simply.
Four Tors running at the same time each with an individual port, privoxy or polipo or whatever are ok once it works.
Like:
8118 <- Privoxy <- TOR <- 9050
8129 <- Privoxy <- TOR <- 9150
8230 <- Privoxy <- TOR <- 9250
8321 <- Privoxy <- TOR <- 9350
In this way, if I try to return the IP of 127.0.0.1:8118, 8129, 8230 and 8321, they should return four different IPs, which indicates there are four different Tors running at the same time. Then, a few minutes later, when I check again, all four of them should have new IPs again.
I know my simple 'dream' could come true in many ways, however... I am not only new to Tor, but even also to bash and python... That is why I come here and see whether some of you could light me up.
These links might be useful:
http://blog.databigbang.com/distributed-scraping-with-multiple-tor-circuits/
https://www.torservers.net/wiki/setup/server#multiple_tor_processes
Best,
btw, if I run
$ ps -A | grep 'tor'
I have several instances there, however with "?" under the tty column. What does that mean, since I know tty means terminals?
Create four torrc files, say /etc/tor/torrc.1 to .4.
In each file, edit the lines:
SocksPort 9050
ControlPort 9051
DataDirectory /var/lib/tor
to use different resources for each torrc file, e.g. for torrc.1:
SocksPort 9060
ControlPort 9061
DataDirectory /var/lib/tor1
for torrc.2,
SocksPort 9062
ControlPort 9063
DataDirectory /var/lib/tor2
and so on.
A configuration file containing only the above lines will work: you can delete every other line from the default template if you feel like it.
DataDirectory can also be relative to the current directory where tor is launched, e.g.:
DataDirectory d1
Then start tor like this:
tor -f /etc/tor/torrc.1
tor -f /etc/tor/torrc.2
and so on for the other two files.
This will create four different Socks5 servers on the four ports. Each one will open a different circuit, which is what you want.
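The per-instance files described in this answer can be generated rather than edited by hand. This is an added example, not code from the answer: the function names and output directory are hypothetical, and the CookieAuthentication line is an addition made here, because a ControlPort with no authentication method configured can be driven by any local process.

```shell
#!/bin/sh
# Added example (not from the answer): generate one torrc per instance.
# Port numbering follows the answer (9060/9061, 9062/9063, ...).
# Assumptions: the OUTDIR layout and CookieAuthentication are choices made here.

# make_torrcs COUNT OUTDIR [BASE_PORT]
make_torrcs() {
    count=$1 outdir=$2 base=${3:-9060}
    mkdir -p "$outdir" || return 1
    i=1
    while [ "$i" -le "$count" ]; do
        socks=$((base + 2 * (i - 1)))
        # tor expects its DataDirectory to be private to the running user
        mkdir -p -m 700 "$outdir/data$i" || return 1
        cat > "$outdir/torrc.$i" <<EOF
SocksPort $socks
ControlPort $((socks + 1))
CookieAuthentication 1
DataDirectory $outdir/data$i
EOF
        i=$((i + 1))
    done
}

# port_collisions FILE... -> prints every port number claimed more than once,
# useful after hand-editing the generated files
port_collisions() {
    awk '$1 == "SocksPort" || $1 == "ControlPort" { print $2 }' "$@" |
        sort -n | uniq -d
}

# Example run into a scratch directory:
#   make_torrcs 4 ./tor-instances && port_collisions ./tor-instances/torrc.*
#   tor -f ./tor-instances/torrc.1
```
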
Chaining Tor is recommended against. You may get worse anonymity, not better anonymity.
Doing so produces undefined and potentially unsafe behavior. In theory, however, you can get six hops instead of three, but it is not guaranteed that you'll get three different hops - you could end up with the same hops, maybe in reverse or mixed order. It is not clear if this is safe. It has never been discussed.
You can choose an entry/exit point, but you get the best security that Tor can provide when you leave the route selection to Tor; overriding the entry / exit nodes can mess up your anonymity in ways we don't understand. Therefore Tor over Tor usage is highly discouraged.
You should only mess with Tor's routing algorithm, if you are more clever than the Tor developers.
The use of privoxy / polipo has been deprecated by The Tor Project a long time ago. You are recommended to only use Tor Browser. Only Tor Browser gives you a unified web fingerprint and you won't stand out.
Since Tor version 0.2.3, different Socks-, Dns-, or TransPorts go through different circuits, therefore preventing identity correlation. The term for this is stream isolation. To get this, you can add to torrc...
SocksPort 9050
SocksPort 9052
SocksPort 9053
SocksPort 9054
#...
...and they will all go through different circuits.
When you are using Tor Browser, you can also use Tor Button's new identity feature. Click on Tor Button (the green onion) and choose new identity. This will reset all browser states and change Tor's circuit.
(And it's Tor, not TOR.)
Note, when using stream isolation, going through different circuits does not guarantee getting different Tor exit nodes. Sometimes Tor will only use a different entry guard or middle relay. This is normal.
I tried the torrc.1 ,torrc.2 etc...but it didn't work.
However this one worked:
Stop the tor process by : /etc/init.d/tor stop
Open gedit /etc/tor/torrc (If you are not root put sudo before it to access as root)
Search for SocksPort 9050
Now put whatever ports you want to be as stream ports (SocksPort 9060 ,SocksPort 9070,SocksPort 9080 ....etc.)
Search for ControlPort 9051
Now put whatever ports you want to be as stream ports (ControlPort 9061 ,ControlPort 9071,ControlPort 9081 ....etc.) NOTICE THAT CONTROL PORT IS ALWAYS SOCKSPORT+1
Start the tor process again : /etc/init.d/tor start
Check the tor status /etc/init.d/tor status
it should show something like that:
tor.service - Anonymizing overlay network for TCP
Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2016-05-13 22:18:21 GST; 1s ago
Process: 10259 ExecReload=/bin/kill -HUP ${MAINPID} (code=exited, status=0/SUCCESS)
Process: 10319 ExecStartPre=/usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config (code=exited, status=0/SUCCESS)
Process: 10317 ExecStartPre=/usr/bin/install -Z -m 02750 -o debian-tor -g debian-tor -d /var/run/tor (code=exited, status=0/SUCCESS)
Main PID: 10322 (tor)
CGroup: /system.slice/tor.service
└─10322 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.860 [notice] Tor v0.2.6.10 (git-71459b2fe953a1c0) running on Linux with Li... 1.2.8.
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.860 [notice] Tor can't help you if you use it wrong! Learn how to be safe ...warning
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.860 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.860 [notice] Read configuration file "/etc/tor/torrc".
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.863 [notice] Opening Socks listener on 127.0.0.1:9050
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.863 [notice] Opening Socks listener on 127.0.0.1:9060
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.863 [notice] Opening Control listener on 127.0.0.1:9051
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.863 [notice] Opening Control listener on 127.0.0.1:9061
May 13 22:18:20 momen-Lenovo tor[10322]: May 13 22:18:20.863 [notice] Opening Control listener on /var/run/tor/control
May 13 22:18:21 momen-Lenovo systemd[1]: Started Anonymizing overlay network for TCP.
Hint: Some lines were ellipsized, use -l to show in full.
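The "Opening ... listener" lines in that status output can be checked mechanically. This is an added example, not code from the answer; the function name is hypothetical and the sample log is constructed in the same format, with one invented non-loopback line to show the failing case.

```shell
#!/bin/sh
# Added example (not from the answer): list the listeners tor reports opening
# and mark any that is not on loopback or a unix socket.

# audit_listeners: tor notice-log text on stdin -> "<verdict> <type> <address>"
audit_listeners() {
    sed -n 's/.*\[notice\] Opening \([A-Za-z]*\) listener on \(.*\)$/\1 \2/p' |
    while read -r kind addr; do
        case $addr in
            # IPv4 loopback, IPv6 loopback, or a unix socket path
            127.*|'[::1]:'*|/*) echo "local $kind $addr" ;;
            *)                  echo "NONLOCAL $kind $addr" ;;
        esac
    done
}

# Constructed sample in the log format shown above; hostname, PID and the
# 0.0.0.0 line are invented for illustration.
SAMPLE_LOG='May 13 22:18:20 devbox tor[1234]: May 13 22:18:20.860 [notice] Read configuration file "/etc/tor/torrc".
May 13 22:18:20 devbox tor[1234]: May 13 22:18:20.863 [notice] Opening Socks listener on 127.0.0.1:9050
May 13 22:18:20 devbox tor[1234]: May 13 22:18:20.863 [notice] Opening Socks listener on 0.0.0.0:9060
May 13 22:18:20 devbox tor[1234]: May 13 22:18:20.863 [notice] Opening Control listener on 127.0.0.1:9051
May 13 22:18:20 devbox tor[1234]: May 13 22:18:20.863 [notice] Opening Control listener on /var/run/tor/control'

# Live use: pipe the tor log or the full (non-ellipsized) status output
# into audit_listeners and look for NONLOCAL lines.
```
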
Make a tor configuration directory:
$> mkdir -p ~/configuration_files/tor
$> config=~/configuration_files/tor
$> cd "${config}"
Copy the /etc/tor/torrc to the configuration directory and make as many copies as you need: E.g. 10
printf "torrc_%0.2s\n" {1..10} | xargs -I {} /bin/cp /etc/tor/torrc "${config}/{}"
Copy the /etc/torsocks.conf to the configuration directory and make as many copies as you need: e.g. same as above 10
printf "torsocks_%0.2s.conf\n" {1..10} | xargs -I {} /bin/cp /etc/torsocks.conf "${config}/{}"
Make new data directories and fix ownership/permissions:
$> sudo mkdir /var/lib/tor{1..10}
Edit the configuration files to have non colliding corresponding port numbers:
for i in {1..10}; do
sed -i "s/^#SocksPort 9050.*/SocksPort $((9050+${i}))/;s|^#DataDirectory /var/lib/tor|DataDirectory /var/lib/tor${i}|" torrc_${i}
sed -i "s/server_port = 9050/server_port = $((9050+${i}))/" torsocks_${i}.conf
sudo chmod -R --reference /var/lib/tor /var/lib/tor${i}
sudo chown -R CHANGETHIS:CHANGETHIS /var/lib/tor${i}
done
Note: Change CHANGETHIS to the user/group of the user who plans to use it.
After that it's easy to get going: you start up the individual instances of tor using the corresponding configuration file
E.g. /usr/bin/tor -f "${config}/torrc_3"
To use it all you need to do is export the variable TORSOCKS_CONF_FILE to point to the corresponding torsocks.conf file:
E.g. $> export TORSOCKS_CONF_FILE="${config}/torsocks_3.conf"
Next you can torify / torsocks any application from that particular shell and it will use the torsocks_3.conf proxy.
Try: $> torify bash
$> curl www.ipmango.com/api/myip
To change to another proxy simply start up the corresponding tor using its torrc file and export the TORSOCKS_CONF_FILE variable to point to the new configuration.
Here is a simple alias that does the job, after you've set it up as above and you have roxterm installed. It will check netstat to see if the proxy is up already and if not it will start it up in a separate shell window.
alias prox='_(){ proxy=${1:-1}; config_base="$HOME/configuration_files/tor"; port=$((9050+${proxy})); netstat -an | { ! grep -q "127.0.0.1:${port}"; } && roxterm -e bash -c "/usr/bin/tor -f \"${config_base}/torrc_${proxy}\"; bash"; export TORSOCKS_CONF_FILE="${config_base}/torsocks_${proxy}.conf"; }; _'
To use it:
$> prox 4
$> torify bash
1. Download Tor Browser for Windows from the official website
2. Extract Tor Browser multiple times (change the destination folder name each time)
3. Skip the first Tor Browser and follow steps 4-6 for the remaining Tor Browser instances.
4. Start Tor Browser and search for about:config in the search bar
5. Search for extensions.torlauncher.start_tor in the configuration window of Tor Browser
6. Change the value of start_tor from TRUE to FALSE
7. Follow step 8 for all the Tor Browser instances except for the last one.
8. Go to TorBrowser, Data, Tor, torrc-defaults. Add "SocksPort 9153" at the end of the file and save the file. Increment 9153 by one for each new Tor Browser instance.
Source: How to run Multiple Tor Browsers with different IPs

Linux; How do I find logs if a program I'm running uses certain ports?

I am running CentOS 5 with csf firewall. I'm running a program that can't connect to another server (using some port that is blocked by csf I presume). Where is the log file for 'ports'?
Netstat is the command to use to get ports and network activity. To diagnose server processes I usually use:
netstat -tln
This yields port numbers in tcp mode listening. To identify associated processes you can also use -p to grab the pid. Here is the IANA ports list.
I found my answer right after searching a few more threads.
# tail -f /var/log/messages
Shows the UDP message but not the port.... Hmm....
