Search This Blog

Saturday, February 14, 2009

IP spoofing with iceweasel

This tutorial explains how to spoof the IP addresses using iceweasel (firefox) web browser on machines running Debian Linux.

  1. Install the Iceweasel browser, tor button extension
    $sudo apt-get install iceweasel iceweasel-torbutton
  2. Install the privoxy, tor packages
    $sudo apt-get install privoxy tor
  3. Configure privoxy by adding the following line to /etc/privoxy/config
    forward-socks4a / .
    Note the '.' at the end. It is important.

  4. Restart the privoxy
    $sudo /etc/init.d/privoxy restart
    Restarting filtering proxy server: privoxy.
  5. Restart the tor daemon
    $sudo /etc/init.d/tor restart
    Stopping tor daemon: tor.
    Raising maximum number of filedescriptors (ulimit -n) to 32768.
    Starting tor daemon: tor...
    Feb 14 00:14:49.473 [notice] Tor v0.2.0.30 (r15956). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686)
    Feb 14 00:14:49.474 [notice] Initialized libevent version 1.3e using method epoll. Good.
    Feb 14 00:14:49.474 [notice] Opening Socks listener on
  6. Start the iceweasel. Use ctrl+2 to enable tor. The status of the tor button is visible in the right bottom box of the iceweasel window. The screenshots below might be helpful.

    Note: ctrl+2 acts as a toggle switch to enable/disable tor.

  7. Change the proxy. Right click on the tor button (bottom right corner of iceweasel) -> choose preferences -> select "use custom proxy settings"

  8. Click on "Test Settings" then click "ok" to test for proxy settings. If everything went successful, there will be a confirmation.

  9. Check the new spoofed "IP address" by visiting sites such as etc., This will be the IP address seen by the websites you visit.

    Tor has its limitations. It will not give complete anonymity but something good enough for most purposes. Use at your own risk.

The above tutorial is tested in Debian Lenny, iceweasel 3.0.5, tor, privoxy 3.0.9, torbutton 1.2.0.

Back ground story :- While hopping around the internet, I came across some articles which claim to track the "identity thefters" via the IP address hits to a website. This is a good approach but we have to understand that it has its own limitations. Using this article, I just wanted to point out that it is very easy to hide one's IP address tracks. Dont be misled by the IP hits...