The mentioned packages and applications here are recommended to get provided on every fresh installed operating system for many security reasons as follows:
I2Pnetwork: an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties.
obfs4proxy: attempts to circumvent censorship by transforming the Tor traffic between the client and the bridge. This way censors, who usually monitor traffic between the client and the bridge, will see innocent-looking transformed traffic instead of the actual Tor traffic.
Privoxy: web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit individual needs and tastes. Privoxy has application for both stand-alone systems and multi-user networks.
TorProject: a free and open-source software for enabling anonymous communication. The name is derived from an acronym for the original software project name "The Onion Router".
TorBrowserLauncher: it is intended to make the Tor Browser Bundle (TBB) easier to maintain and use for GNU/Linux users. torbrowser-launcher handles downloading the most recent version of TBB for you, in your language and for your architecture. It also adds a "Tor Browser" application launcher to your operating system's menu.
Torsocks: allows you to redirect network traffic of individual SOCKS-friendly applications through the Tor network. It also ensures DNS queries are handled correctly and explicitly blocks all UDP traffic from the application in question. It is possible that a given application can leak user/system data at a level that neither Tor nor torsocks can control, a 100% guarantee of being safe to operate with Tor can not be given for applications.
OpenConnect: an open-source software application for connecting to virtual private networks, which implement secure point-to-point connections. It was originally written as an open-source replacement for Cisco's proprietary AnyConnect SSL VPN client, which is supported by several Cisco routers.
OpenNTPD: a Unix daemon implementing the Network Time Protocol to synchronize the local clock of a computer system with remote NTP servers. It is also able to act as an NTP server to NTP-compatible clients.
OpenSMTPD: a Unix daemon implementing the Simple Mail Transfer Protocol to deliver messages on a local machine or to relay them to other SMTP servers.
OpenSSH: a suite of secure networking utilities based on the Secure Shell protocol, which provides a secure channel over an unsecured network in a client–server architecture.
OpenSSL: a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites.
OpenVPN: an open-source commercial software that implements virtual private network techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange.
SCdaemon: GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC4880.
Stunnel: an open-source multi-platform application used to provide a universal TLS/SSL tunneling service. Stunnel can be used to provide secure encrypted connections for clients or servers that do not speak TLS or SSL natively.
Tor anonymity network and Privoxy non-caching system are configured already in Pars Enterprise Platforms whenever you decide to use these applications:
Installing torbrowser-launcher torsocks obfs4proxy privoxy
Running an obfs4 bridge via Tor
Editing /etc/torrc (Linux) /usr/local/etc/torrc (FreeBSD) with Administration Privilege to:
#Bridge config RunAsDaemon 1 ORPort 9001 BridgeRelay 1 ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy ExtORPort auto #set the Nickname and Contact info ContactInfo firstname.lastname@example.org Nickname username
UseBridges 1 ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy Bridge obfs4 18.104.22.168:443 A0D27B876F1DD14A15C223F48BD9CD4A6BC4517E cert=nOm4+38yOIZ+91ux/vMUOZjUv6pocGtPkZ1QUXumE03Y8akJmrdCwXzxvQVqVPLMlwQrXA iat-mode=0
Then you should get the bridge line. for get the bridge line go to https://bridges.torproject.org/ and get your bridge line.
sudo service tor status
sudo service tor restart
Privoxy and Tor for Increased Anonymity
Editing /etc/privoxy/config with Administration Privilege to:
forward-socks5t / 127.0.0.1:9050 .
sudo service privoxy status
sudo service privoxy restart
Tor Updating and Launching Issues
gpg --homedir "$HOME/.local/share/torbrowser/gnupg_homedir/" --refresh-keys --keyserver pgp.mit.edu
Using Youtube-DL via Tor
Youtube-DL is a command line video downloader and the following commands make youtube-dl to download videos via Tor:
export http_proxy=socks5://127.0.0.1:9050 https_proxy=socks5://127.0.0.1:9050
and it can be disabled by
unset http_proxy https_proxy
You may need to enable the network in Programs Menu > Settings > System Settings > Network Settings > Use manually specified proxy configuration >> Exceptions 127.0.0.1, localhost
Programs Menu > Settings > System Settings > Network Settings > Use Manually Specified Proxy Configuration > HTTP – SSL - FTP Proxy >> IP 127.0.0.1, Port 4444 (This will be Connected via I2P)
To work with Privoxy add the following line to the Privoxy configuration file: forward .i2p localhost:4444
Outproxy Terms Of Service
Remember: I2P was not designed for creating proxies to the outer Internet. Instead, it is meant to be used as an internal network.
The I2P project itself does not run any proxies to the Internet. The only outproxy is a service from the privacy solutions project. Consider donating to them for a continued stable service. Increased funding will allow them to improve this service.
By default, I2P comes with two outproxies configured: false.i2p and outproxy-tor.meeh.i2p. Even the domain names are different, it's the same outproxy you hit. (multi-homed/keyed for better performance)
Filtering is active on these outproxies (for example, mibbit and torrent tracker access is blocked). Eepsites that are accessible via .i2p addresses are also not allowed via the outproxies. As a convenience, the outproxy blocks ad servers.
Tor is a good application to use as an outproxy to the Internet.
Comparison of Tor and I2P anonymizing proxy networks:
Tor - Onion Routing
Tor and Onion Routing are both anonymizing proxy networks, allowing people to tunnel out through their low latency mix network. The two primary differences between Tor / Onion-Routing and I2P are again related to differences in the threat model and the out-proxy design (though Tor supports hidden services as well). In addition, Tor takes the directory-based approach - providing a centralized point to manage the overall 'view' of the network, as well as gather and report statistics, as opposed to I2P's distributed network database and peer selection.
The I2P/Tor outproxy functionality does have a few substantial weaknesses against certain attackers - once the communication leaves the mixnet, global passive adversaries can more easily mount traffic analysis. In addition, the outproxies have access to the cleartext of the data transferred in both directions, and outproxies are prone to abuse, along with all of the other security issues we've come to know and love with normal Internet traffic.
However, many people don't need to worry about those situations, as they are outside their threat model. It is, also, outside I2P's (formal) functional scope (if people want to build outproxy functionality on top of an anonymous communication layer, they can). In fact, some I2P users currently take advantage of Tor to outproxy.
Comparison of Tor and I2P Terminology
While Tor and I2P are similar in many ways, much of the terminology is different.
|Tor network||I2P network|
|Client||Router or Client|
|Directory Server||Floodfill Router|
|Entry Guards||Fast Peers|
|Hidden Service||Hidden Service, Eepsite or Destination|
|Hidden Service Descriptor||LeaseSet|
|Introduction point||Inbound Gateway|
|Onion Proxy||I2PTunnel Client (more or less)|
|Onion Service||Hidden Service, Eepsite or Destination|
|Rendezvous Point||somewhat like Inbound Gateway + Outbound Endpoint|
Benefits of Tor over I2P
Benefits of I2P over Tor
Open Menu > Add-ons Manager > Extensions >>
Free and improved AdBlocker. Completely remove ALL ads. No "acceptable" ads or whitelisted advertisers, block tracking and malware!
Cookie Quick Manager
A complete manager for cookies accumulated during browsing. It allows you to view, edit, create, delete, backup, restore cookies and search them by domain names. Contextual Identities such as Private Browsing, First-Party Isolation, and SameSite flag are also supported.
Make the web faster, more private, and more secure. Visualize and block the otherwise invisible websites that track your search and browsing history.
An extension that displays a flag icon indicating the current webserver's physical location. Knowing where you're connected to adds an extra layer of awareness to your browsing and can be useful to indicate the native languages and legal jurisdictions that may apply. Additional information can be obtained via a multitude of external lookups and users can add their own custom actions. All actions can be added to the flag icon's context menu and set to icon click or keyboard shortcuts for quick access.
Easy to use advanced Proxy Management tool for everyone.
NoScript Security Suite
Maximum protection for your browser: NoScript allows active content only for trusted domains of your choice to prevent exploitation.
Helps you always use the secure HTTPS protocol, if supported by the site’s server. It automatically changes HTTP protocol to the secure HTTPS, and if loading errors occur, the extension will revert back to the original HTTP protocol.
Turn Off the Lights
With a single click on the lamp button, the page will fade to dark. And automatically focus on the video. By clicking on it again, the page will return to normal.
User Agent Switcher
A highly customizable extension to spoof the User-Agent string of your browser with a new one globally, randomly or per hostname. You can alter your user-agent string to indicate you’re on a mobile device if you prefer seeing mobile versions of sites so they load quicker.