I want to setup some proxies or something so people wont be able to see what I've looked up and whatnot. For example hackers or something, would I have to use tor ?
The ISP does not see shit if you set up Tor. It sees the metadata when you establish the connection to the first hop, but it does not see what you are searching for - only that you are using Tor.
If you can, try to keep it to the onion network. Within that network the communication is encrypted entirely. If you browser the clearnet, use HTTPS as often as you can, otherwise communication outside of Tor will be unencrypted.
Idiot, stop giving people bad advice.
ISPs can't see what you do as long as your connection is encrypted, be it via SSL/HTTPS, a tunnel to a proxy via SSH, VPN, or Tor.
However, in some cases, they can see the domain name you're looking up, since DNS packets are often not encrypted (for example, when using HTTPS). To prevent this, use the DNSSEC protocol - Google provides a DNSSEC service for free, for example. If you couple it with HTTPS, it would be close to impossible to monitor what you do online.
Also, the connection should be proxied.
The best method overall, is to set up a chain of SOCKS proxies, and establish a SSH tunnel to the last one in the chain that you're supposed to connect to. SSH is known to be very hard to eavesdrop on - it's what Snowden used.
get a free VPN or hell even pay for one
i doubt anyone will dig into you specifically unless of course you're part of a notorious terrorist organization, drug ring, pedo ring or hacker group
I should have clarified. I assumed OP didn't have a proxy or VPN, in which case the ISP will see his activity when using unencrypted protocols.
Most people don't have VPNS and aren't aware of HTTPS.
What you are talking about are correlation attacks, and they require a huge amount of nodes under one's control. The Snowden papers showed, if I am not mistaken, that even the NSA didn't really know how to break Tor.
Using Tor is definitely better than not using is. People who tell you not to use it are either retards or are working for the services.
Tor supports SOCKS4a, which does encrypted DNS lookups. If you only use SOCKS4, then yes, you might leak what sites you are requesting.
>Implying the services don't have control over most relevant nodes
nice try agent Cuckson
>implying not everyone can set up a node
>implying people don't already do so
>implying that all the people being busted are not being busted because Tor is weak, but because they are leaking vital informations, like apache status pages or retarded posts on stack overflow
nice try agent retard
Wtf are you on about? The SOCKS protocol is not encrypted in any way.
However, if you create an SSH tunnel to the SOCKS proxy, it will then be encrypted.
And as for Tor, it isn't really a SOCKS proxy - it just allows the SOCKS protocol to be used as a convenient feature.
BTW: this comes from a network programmer who has written a small SOCKS API in C to connect to other services secretly. I know my shit to a certain degree.
I use SSH when I'm on public Wifi networks (such as McDonalds hotspots) and have to log in my eBay or other accounts.
Even with HTTPS on, it's still possible to do a man in the middle attack and forge the HTTPS certificate and see everything you do, including passwords.
Dude, we are not talking about the way TO the Tor connector - which is running at 127.0.0.1:9050 most of the time anyways. Communication to THIS connector is not encrypted, but in practice it does not need to be, because it's a connection to the internal loopback device - a.k.a. no network traffic is generated.
And read again - I wrote Tor SUPPORTS SOCKS4a, which is mostly used to do the DNS lookups. Tor is, after all, a SOCKS proxy. Running on the aforementioned 127.0.0.1:9050. I don't know and don't wanna assume that it does more than that - but it DOES support SOCKS4a
>from a network programmer
Not a very good one. You claimed that SOCKS4a does encrypted DNS lookups. This is bullshit. It does remote DNS lookups (which makes it safe from the DNS leaking perspective), but it doesn't encrypt DNS lookups, and it also doesn't encrypt traffic by default.
If you SSH to any SOCKS proxies, you are more or less safe. Also, to prevent DNS logs and shit for SOCKS4a and SOCKS5, you need to make them use DNSSEC instead, which actually encrypts shit.
>Tor is a SOCKS proxy
You could also say that a VPN is a SOCKS proxy, or a proxy chain is a proxy, because you can route your traffic via it using the SOCKS protocol.
And are you even serious about the SOCKS4a doing DNS lookups on the client end, in case of Tor? The EXIT NODE does it.
No. I think we're in a disagreement because we're talking about different things.
Here's what I mean:
>Case 1: A SOCKS proxy with an SSH tunnel.
In this case, everything from the client to the SOCKS proxy is encrypted, be it DNS lockups (depending on the SOCKS version), HTTP traffic, or anything else.
>Case 2: A local SOCKS proxy used by Tor
In this case, everything between it and the exit node is encrypted.
>Case 3: Just SOCKS4a or SOCKS5 proxies
As long as you use HTTPS, you should be safe from monitoring. The DNS lookups are done remotely.
>Case 4: DNSSEC + HTTPS, no proxies
Very hard to monitor, DNS and HTTP traffic are both encrypted.