Today I've learned: Staying anonymous


Intro
A hacker must be as anonymous as possible. It’s impossible to be completely anonymous, but it is possible to make the discovery process very long and difficult.
We’ll look at some of the ways to be more secure/anonymous online.
Tor
Tor is an acronym for The Onion Router System. It was invented in the 1990s by the US Office of Naval Research (ONR). Its main goal was to create a method for staying anonymous on the web, mainly for spying purposes.
How does it work?
Packets are sent over a network of over 7,000 routers around the world. Traffic hops between different routers.
For example, if I connect to a website from the United Kingdom using the Tor service, my request would look like this:
The destination would see my connection as if it came from France.
Every time you connect to the Tor service, it creates a new route.
To check the status of the Tor service and start it, we can run:
service tor status
tor.service - Anonymizing overlay network for TCP (multi-instance-master)
Loaded: loaded (/usr/lib/systemd/system/tor.service; disabled; preset: disabled)
Active: inactive (dead)
service tor start
service tor status
tor.service - Anonymizing overlay network for TCP (multi-instance-master)
Loaded: loaded (/usr/lib/systemd/system/tor.service; disabled; preset: disabled)
Active: active (exited) since Mon 2025-01-13 14:35:01 EET; 3s ago
Invocation: c413716b42c04f48b0b5daf7bdc59d5a
Process: 32012 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 32012 (code=exited, status=0/SUCCESS)
Mem peak: 1.6M
CPU: 7ms
Jan 13 14:35:01 1B-21-80-7D-02-11 systemd[1]: Starting tor.service - Anonymizing overlay network for TCP (multi-instance-master)...
Jan 13 14:35:01 1B-21-80-7D-02-11 systemd[1]: Finished tor.service - Anonymizing overlay network for TCP (multi-instance-master).
As you can see, now we’ve activated the Tor service, and it is active.
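The status output above reports `ExecStart=/bin/true` with the process already exited, so "active" on its own does not confirm that anything is accepting connections. The following added example (not part of the original post) probes the SOCKS port directly with a SOCKS5 greeting; the function name `check_socks5` is hypothetical, and port 9050 is the Tor port used in the proxychains configuration later on this page.

```python
import socket

def check_socks5(host="127.0.0.1", port=9050, timeout=3.0):
    """Return 'ok', 'closed' or 'not-socks5' for the listener at host:port."""
    try:
        s = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"                 # refused, filtered or unreachable
    with s:
        try:
            # RFC 1928 greeting: version 5, one method offered, 0x00 = no auth
            s.sendall(b"\x05\x01\x00")
            reply = b""
            while len(reply) < 2:       # recv may return fewer bytes than asked
                chunk = s.recv(2 - len(reply))
                if not chunk:           # peer closed before answering
                    break
                reply += chunk
        except OSError:
            return "not-socks5"         # timed out or reset mid-handshake
    # A SOCKS5 server answers with version 5 and the method it selected
    return "ok" if reply == b"\x05\x00" else "not-socks5"

if __name__ == "__main__":
    print("127.0.0.1:9050 ->", check_socks5())
```

A result of `closed` after `service tor start` means no process is bound to the port, whatever the unit status says.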
If someone intercepts and watches the traffic, they’d see only the previous hop.
Using Tor
To start using the Tor service, you can download the Tor Browser.
When you do so, you can also access the Deep Web. There are lots of illegal activities there, so be careful. But there are also some legitimate services available in the Deep Web.
For example, journalists in countries with strict control over information use the Tor browser to access legitimate news and information.
Proxies
What’s a proxy?
Proxies are servers that act as middlemen for traffic. A user connects to a proxy, and when they try to reach a website, the proxy forwards the request under its own IP address. When the traffic returns, the proxy sends the data back to the client. As a result, the destination sees the traffic as coming from the proxy server.
Keep in mind that the proxy server knows your IP address.
We can use a few proxies and make a proxy chain. You can search for free proxies, but keep in mind that free proxies are not safe. You can also purchase proxies and make a custom chain.
Luckily for us, Kali has a really great tool for proxy chains.
Enabling proxychains
To enable proxychains, we can edit the /etc/proxychains.conf file.
nano /etc/proxychains.conf
# proxychains.conf VER 4.x
#
# HTTP, SOCKS4a, SOCKS5 tunneling proxifier with DNS.
# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
# strict_chain
#
<...>
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
socks4 127.0.0.1 9050
socks5 127.0.0.1 9050
There are a few options for how proxies will work. We’ll use dynamic_chain.
Uncomment the dynamic_chain line, and proxychains will be available. By default, it uses the Tor service.
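A small check for the file edited above, as an added example that is not part of the original post or of proxychains itself: it reports which chain mode actually takes effect (the config comments say the last uncommented one wins), parses the ProxyList, and flags settings worth a second look. The function name `audit_proxychains` is hypothetical; `proxy_dns` is a real proxychains option that does not appear in the excerpt above.

```python
from collections import Counter

CHAIN_MODES = {"dynamic_chain", "strict_chain", "random_chain", "round_robin_chain"}
PROXY_TYPES = {"http", "socks4", "socks5"}

def audit_proxychains(text):
    """Return (effective_mode, proxies, warnings) for a proxychains.conf body."""
    modes, proxies, warnings = [], [], []
    proxy_dns = in_list = False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # strip comments and blanks
        if not line:
            continue
        fields = line.split()
        if line == "[ProxyList]":
            in_list = True
        elif in_list:
            if len(fields) >= 3 and fields[0] in PROXY_TYPES and fields[2].isdigit():
                proxies.append((fields[0], fields[1], int(fields[2])))
            else:
                warnings.append(f"unparsed ProxyList entry: {line}")
        elif fields[0] in CHAIN_MODES:
            modes.append(fields[0])
        elif fields[0].startswith("proxy_dns"):
            proxy_dns = True
    if len(modes) > 1:
        warnings.append(f"{len(modes)} chain modes uncommented; last one ({modes[-1]}) wins")
    if not modes:
        warnings.append("no chain mode uncommented")
    if not proxy_dns:
        warnings.append("proxy_dns not set: name lookups bypass the chain")
    for (host, port), n in Counter((h, p) for _, h, p in proxies).items():
        if n > 1:
            warnings.append(f"{host}:{port} appears {n} times in ProxyList")
    return (modes[-1] if modes else None), proxies, warnings

# Constructed sample: the excerpt above with comments trimmed, plus
# strict_chain left uncommented to show the "last one wins" rule.
SAMPLE = """\
dynamic_chain
strict_chain
[ProxyList]
socks4 127.0.0.1 9050
socks5 127.0.0.1 9050
"""

if __name__ == "__main__":
    mode, proxies, warnings = audit_proxychains(SAMPLE)
    print(mode, proxies, *warnings, sep="\n")
```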
To start using proxies, make sure that the Tor service is up, and then we can use this syntax:
proxychains <service> <arguments>
Let’s visit DuckDuckGo with proxychains:
proxychains firefox duckduckgo.com
When the browser opens, you can also visit whatismyipaddress to check your IP address. The location will be different from where you actually are.
VPN
Another effective way to stay more secure is to use a Virtual Private Network (VPN). Keep in mind that it doesn’t guarantee anonymity.
VPNs are easy to use. You can choose a VPN provider and follow the instructions for installation and activation. It won't take long.
A VPN is a way to bypass content restrictions. You can connect to servers in Germany using a VPN to access content that is banned by your government.
The best VPN services for 2025 according to PCMag are:
ProtonVPN
NordVPN
TunnelBear VPN
The price of VPNs is usually about 40-80€/year.
Outro
As you can see, there are several options for improving your anonymity. They aren't 100% effective, but by combining these methods, you can make your online activity so hard to track that it would take too much time to trace, effectively making you anonymous on the web.
