Trying to understand the mechanics of Anon Surf

Briefly describe your issue below:
I’m looking for a better understanding of anon surf and how to correctly use it with other facilities like VPN or TOR. While trying to use it with my VPN connected it seems to kill the connection, and I stop anon surf and reboot to get the connection back on.

What version of Parrot are you running? (include version (e.g. 4.6), edition(e.g. Home//KDE/OVA, etc.), and architecture (currently we only support amd64) Parrot 4.8 Home Edition

What method did you use to install Parrot? (Debian Standard / Debian GTK / parrot-experimental)
Debian Standard I believe but not sure the difference here with GTK
Configured to multiboot with other systems? (yes / no)
no
List your networking hardware (make, model, firmware version):
RTL8821ce wifi, it wasn’t included in the install but I used bluetooth phone tethering to download driver from Github for my Lenovo Ideacentre all-in-one computer
If there are any similar issues or solutions, link to them below:

If there are any error messages or relevant logs, post them below:

As for my question in general, I was looking for some detailed documentation (the docs online I searched were partially ‘work in progress’ and I couldn’t find much on anon surf. In so far as what anon surf does with the connection properties, and how that would interact with VPN’s and TOR so that I could use them correctly. When I tested out anon surf I was connected to my VPN, and it seemed to have stalled the connection as I stopped anon surf and rebooted to get back online. If I can’t run the VPN to run anon surf, but anon surf is essentially better than the VPN, then no problem there, but without knowing for sure I opt for the tried and true VPN for what it’s worth, in conjunction with TOR if necessary. Though I admit I’m still learning and from the looks of Parrot Home Edition, I’m just glancing at the surface of what infosec is about so pardon my naivety here

1 Like

Welcome @Linuxnoob :slightly_smiling_face:

Further documentation will be out and is planned.

One thing you can do to right now better understand what exactly anonsurf does is to view:

/usr/bin/anonsurf

Anonsurf is written in bash so most of it is bash commands.

In particular, look underneath:

# Start Anonsurf
function start {

that important section ends with the very next:

}

This is the basis of everything that runs when you type: anonsurf start.

An example is this small segment using ip tables to route all traffic through tor.

	# set iptables nat
	echo -e " $GREEN*$BLUE Configuring iptables rules to route all traffic through tor\n"
	/usr/sbin/iptables -t nat -A OUTPUT -m owner --uid-owner $TOR_UID -j RETURN

How to better understand each command better?

Use the man command.

3 Likes

Ah okay, thank you and that’s cool I was just reading the BASH Academy link in the Mozilla bookmarks. I’ll have to take a look at /etc/bin/anonsurf and look forward to the other material and docs as well. Thanks again for all your effort and providing this OS, already performs much quicker than windows

2 Likes

I believe there are older topics about how understand anonsurf.

2 Likes

Here is a vid on YT about Anonsurf and using a VPN with it.
/watch?v=GTMoW5i9aa8
Parrot Security Linux Anon Surf Mode Using TOR

2 Likes

AnonSurf forwards all traffic to Tor, VPN forwards all traffic to their tunnel. I don’t get the point of using both on your system.

1 Like

I thought tunneling was to make it harder for you ISP to see what you are connected to. I could be wrong though.

1 Like

If you want to do that, your VPN server which is the end of your packets (under VPN connection) must run anonsurf or tor but not the client machine

2 Likes

Interesting, I was under the impression that first running a VPN, and then opening Tor would essentially create an extra layer (the vpn) in between the user and Tor, where the vpn IP would be the address ran through Tor afterwards. But it does make sense if the vpn server itself would need Tor installed, I was never fully clear on how that worked but it’s recommended often in search results so I kinda assumed

edit : addressing anon surf and tor separately and/or together with a vpn

1 Like

People are easy to make mistakes.

Because there are rumors and movies and imagination.

Basic packet routing will show how it works.

I believe you get it wrong. It should be you use connection to your private VPN server then the server forwards all traffic to Tor.

2 Likes

[/quote]

I believe you get it wrong. It should be you use connection to your private VPN server then the server forwards all traffic to Tor.
[/quote]
well no actually, I’m not arguing that I need to learn packet routing and the like, but the model you just described here is how I envisioned using a vpn and tor operates, connect to vpn with encrypted connection, then from there output the connection into Tor. The actual specifics of how this occurs was something I need to read up on

1 Like

Okay i did a quick search and here is the result:

  • there is no such thing “anonsurf with vpn”. Ofc! Both client works as i mentioned before
  • there is “VPN over Tor”: https://protonvpn.com/blog/tor-vpn/ or https://www.techradar.com/news/tor-and-vpn-how-well-do-they-mix and from what i get, they do as same as my connection model above.
    P/s: ofc if there is anyway to combine VPN and Tor on the endpoint side and only endpoint side i would like to learn and use for our AnonSurf
    P/s2: Can you send any article about the model you want?
2 Likes

that’s cool yeah I was mainly just curious and trying to learn more about the specifics. I’ve got new reading material queued up now

1 Like