Unlock cybersecurity expertise, protect digital frontiers, secure your future today! Join Now
Home
Cyber Security

Mastering Anonymity with Tor and Proxychains on Linux - Complete Guide

Learn how to browse anonymously using Tor and Proxychains on Linux with this complete installation and usage guide for beginners.

Introduction

In the realm of cybersecurity, anonymity is a powerful tool. Whether you're conducting penetration testing, researching sensitive topics, or simply exploring privacy tools, understanding how to remain anonymous online is essential. Two commonly used tools for this purpose are Tor and Proxychains. When used in combination, they allow users to tunnel network traffic through multiple encrypted routes, masking their identity effectively.

Mastering Anonymity with Tor and Proxychains on Linux: A Complete Guide
 This comprehensive guide will walk you through what Tor and Proxychains are, how they work, how to install and configure them on Linux (especially Kali Linux), and how to use them for anonymous browsing, DNS resolution, and scanning. Whether you are a beginner or an intermediate user, this post will help you understand and effectively use these tools.

Table of Contents

  1. What is Tor?
  2. What is Proxychains?
  3. How Tor and Proxychains Work Together
  4. Installing Tor and Proxychains
  5. Configuring Proxychains for Tor
  6. Using Firefox with Proxychains
  7. Anonymous DNS Resolution Using Tor
  8. Anonymous Scanning with Nmap
  9. Rotating IP Addresses with Tor
  10. Best Practices for Using Tor and Proxychains
  11. Troubleshooting Common Issues
  12. Conclusion

1. What is Tor?

Tor (The Onion Router) is a free, open-source software designed to anonymize internet traffic. It achieves this by routing your communication through a distributed network of relays run by volunteers all over the world. This layered approach encrypts your data multiple times and sends it through at least three random nodes: an entry node, a relay (middle node), and an exit node.

Key Features:

  • Encrypts your data in layers (like an onion)
  • Masks your IP address
  • Provides access to .onion websites (Tor hidden services)
  • Defends against traffic analysis and surveillance

Tor is widely used by journalists, whistleblowers, researchers, and cybersecurity professionals.

2. What is Proxychains?

Proxychains is a Unix/Linux utility that forces any TCP connection made by any given application to go through one or more proxy servers. It uses dynamic linking to hook into applications and redirect their traffic through a list of proxies that you define in its configuration file.

Proxychains supports:

  • SOCKS4
  • SOCKS5
  • HTTP/S proxies

When combined with Tor, Proxychains can make tools and browsers that don't natively support SOCKS proxies route their traffic anonymously.

3. How Tor and Proxychains Work Together

By configuring Proxychains to use Tor’s local SOCKS5 proxy (127.0.0.1:9050), any program executed with Proxychains will have its network traffic routed through the Tor network. This means tools like curl, nmap, and firefox (the standard browser) can be used anonymously, even if they don’t support proxy settings internally.

4. Installing Tor and Proxychains

Step 1: Update Your System

sudo apt update && sudo apt upgrade -y

Step 2: Install Tor

sudo apt install tor -y

Step 3: Start the Tor Service

sudo service tor start

Check Tor status:

sudo systemctl status tor

Step 4: Install Proxychains

sudo apt install proxychains -y

Locate the configuration file:

locate proxychains.conf

It is usually located at:

/etc/proxychains.conf

5. Configuring Proxychains for Tor

Open the configuration file:

sudo nano /etc/proxychains.conf

Modify the Chain Type

Scroll to the following lines:

#dynamic_chain
strict_chain
#proxy_dns

Change them to:

dynamic_chain
#strict_chain
proxy_dns

Explanation:

  • dynamic_chain: Uses available proxies in a dynamic fashion. If one proxy fails, it tries the next.
  • strict_chain: Uses proxies in the exact order defined. If one fails, the chain breaks.
  • proxy_dns: Ensures DNS queries go through the proxy, preventing DNS leaks.

Add Tor’s SOCKS5 Proxy

At the end of the file, add:

socks5 127.0.0.1 9050

This is Tor’s local proxy listening on port 9050. Save and close the file (Ctrl + X, then Y, then Enter).

6. Using Firefox with Proxychains

To launch Firefox through the Tor network:

proxychains firefox

Firefox will now send its traffic through the Tor network using the Proxychains configuration. Be aware that this is not as secure as using the official Tor Browser, which includes anti-fingerprinting measures and other privacy enhancements. Use Firefox via Proxychains for testing purposes only.

7. Anonymous DNS Resolution Using Tor

To resolve a domain name anonymously:

tor-resolve example.com

This will query the DNS via the Tor network, hiding your IP address from DNS servers.

If the command is not found, install the required package:

sudo apt install torsocks -y

8. Anonymous Scanning with Nmap

You can perform basic Nmap scans anonymously using Proxychains:

proxychains nmap -sS -Pn -n -v example.com

Explanation of Flags:

  • -sS: TCP SYN scan
  • -Pn: Skip host discovery (treat hosts as online)
  • -n: Skip DNS resolution
  • -v: Verbose output

Limitations:

  • Only TCP scans will work. Tor does not support UDP traffic.
  • Scans will be much slower.
  • Many exit nodes are blacklisted, so results may be inconsistent.
  • For more accurate scans, consider VPN + proxy chains or other setups.

9. Rotating IP Addresses with Tor

To change your IP address (i.e., get a new Tor circuit), restart the Tor service:

sudo service tor restart

You can also monitor and manage your Tor circuits using nyx:

sudo apt install nyx -y
nyx

This provides a command-line interface to see current circuits and exit IPs.

10. Best Practices for Using Tor and Proxychains

  • Do not log into personal accounts (e.g., Gmail, Facebook) through Tor.
  • Avoid downloading files that may contain your IP (e.g., torrents, PDFs).
  • Use HTTPS whenever possible to ensure end-to-end encryption.
  • Avoid browser fingerprinting. Tor Browser is preferred for serious anonymity.
  • Chain multiple proxies if you want to route traffic through multiple hops (e.g., public HTTP/SOCKS proxies before Tor).

  • Always test for DNS leaks using tools like:

    proxychains curl https://dnsleaktest.com

11. Troubleshooting Common Issues

Tor is not starting:

Check service status:

sudo systemctl status tor

View logs:

journalctl -xe | grep tor

Firefox won’t connect:

Ensure Tor is running and the Proxychains config points to 127.0.0.1 9050.

DNS leaks:

Make sure proxy_dns is uncommented in proxychains.conf.

Slow or inconsistent browsing:

This is normal. Tor routes traffic through multiple relays and prioritizes anonymity over speed.

Conclusion

Tor and Proxychains provide a practical and accessible way to anonymize traffic for security researchers, ethical hackers, and privacy-conscious users. While these tools are powerful, they come with responsibilities. Always use them ethically and within legal boundaries. For higher levels of anonymity, consider using specialized distributions like Tails or Whonix, which are designed for advanced privacy.