Circumventing Countrywide Tor block with Anon Surf
The Parrot Operating System is a Debian-based rolling release GNU/Linux distribution that focuses on security, privacy, and software development. I’m going to focus on the privacy aspects of this operating system, but will be touching on the other features, as well. There are two main versions of Parrot OS: Parrot Security and Parrot Home/Workstation.
Parrot Home/Workstation is “a very lightweight system for daily use and privacy protection. It is designed for casual users who love the parrot look and feel.” This version has all the features I’m going to discuss in this article.
Parrot Security is a “complete all-in-one environment for pentesting, privacy, digital forensics, reverse engineering and software development.” This version is considered the full version of Parrot and comes with everything the Home version has along with a full suite of penetration testing and digital forensics tools similar to Kali Linux. But Parrot OS has some important advantages over Kali Linux. One major difference between Kali and Parrot is that Kali does not have you setup a user account during installation while Parrot does. This makes Parrot more suited to being a daily driver.
Parrot uses “sandboxing” to protect your machine by isolating its components. A sandbox is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system.1
The newest version, Parrot 4.0, also has the latest Linux kernel which contains up-to-date patches to the meltdown/spectre issues that have come to light over the past few months. And since it’s a rolling release distribution, you get all the latest base system updates that make their way into Debian’s Testing Branch, which leads to greater security as well.
My favorite feature, however, is Anon Surf. With a single click, you can enter/exit Anon Surf mode. Anon Surf automatically routes you through the Tor network and changes your MAC address. This enables you to “surf” the internet anonymously and privately. This is more secure than a VPN with the only downside being a slower connection.
As someone who lives in a country that has heavy internet censorship, blocks many DNS’s and VPN’s, and even blocks Tor, this is very useful. But it does not work out of the box for me, and it is likely that others who live in countries with similar situations will face the same issue. Anon Surf seems like it has connected, but when you open Firefox, you see that you have no internet connection.
The solution to this is to add Tor bridges to your torrc file. I’m going to walk you through that process so you can get around this impediment just as I do. The first thing we need to do is is acquire some bridges from Tor at https://bridges.torproject.org. If the Tor website is blocked, you can request your obfs4 bridges from Tor through email at email@example.com with the line “get bridges” by itself in the body of the mail.
Once you’ve acquired your list of bridges, you can add to the end of your /etc/tor/torrc file in the following format and save.
UseBridges 1 ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed Bridge obfs4 188.8.131.52:39269 366588398C6DB557AC04B006AFCD88E8F9AF1C32 cert=dPWEDqARFmsUWBTjKXwVPoI7eHltxjcCzusU7HVBI6X4OrALZ2sCK9+NVZA8hhfEKQXcWQ iat-mode=0 Bridge obfs4 184.108.40.206:9443 E2C03E5581695FB8EC8E612D397C8DF00E809278 cert=hXnB1g1tEDulE+BjdnI6f7HQXxs6GZeUEDve/K9Z/GJpLLgdXB+2v7SuH+K4EMN4m6fBCA iat-mode=0 Bridge obfs4 220.127.116.11:9443 B59764BF9102FEE821302AC2C9CC28B248054CE4 cert=mK9LnXAcGEacSAd9YspRHyswi1/mBqnha8OLTa9Lpg4UwSf6KbgegAd7zjY+ImhO//PYbg iat-mode=0
Remember to replace these bridges with the ones you got from Tor, as these may not work. Then make sure you have obfs4proxy installed by doing an apt-get install obfs4proxy in the terminal. And that’s all it takes. Now you should be able to use Anon Surf to its full potential and enjoy the privacy it provides.
(if you have any questions, issues or suggestions, please feel free to leave them in the comments section by clicking ‘Leave a comment’ in the left sidebar)