Using Tor, you can:

  • access hidden TCP services as a client
  • host your own hidden TCP services as a server

Hidden, in this context, means that these services will only be accessible through Tor.

Access Hidden Services

A good proxifying application is tsocks, which lets you prefix a command-line invocation of an application so that its traffic is relayed through Tor. tsocks is essentially a SOCKS wrapper that forwards TCP connections to Tor's SOCKS port. It is configured by editing its configuration file, usually found at /etc/torsocks.conf.

After configuring the local subnets, the only required lines are:

server =
server_type = 5
server_port = 9050

that relay all the TCP traffic to Tor, listening on and on port 9050.

An invocation of tsocks could then be:

tsocks mysql -u user -p -h vva33zlardffgeet.onion

which would connect to a hidden database at the .onion address vva33zlardffgeet.onion over the Tor network.
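The SOCKS5 exchange behind server_type = 5, written out as an added example (not code from the original page or from tsocks): the client hands the .onion name to the proxy as a domain-name address, so the name is resolved by Tor and never by the local resolver. The function names are hypothetical, and the proxy address and port are parameters supplied by the caller.

```python
import socket
import struct

REPLIES = {1: "general SOCKS server failure", 2: "connection not allowed",
           3: "network unreachable", 4: "host unreachable",
           5: "connection refused", 6: "TTL expired",
           7: "command not supported", 8: "address type not supported"}

def build_greeting():
    # VER=5, NMETHODS=1, METHOD=0x00 (no authentication)
    return b"\x05\x01\x00"

def build_connect(host, port):
    # VER=5, CMD=1 (CONNECT), RSV=0, ATYP=3 (domain name): the name itself
    # goes to the proxy, so no local DNS lookup is made for it.
    name = host.encode("ascii")
    if not 1 <= len(name) <= 255 or not 0 < port < 65536:
        raise ValueError("bad host or port")
    return (b"\x05\x01\x00\x03" + bytes([len(name)]) + name
            + struct.pack("!H", port))

def check_reply(header):
    # header = VER, REP, RSV, ATYP; returns ATYP when the request succeeded
    if len(header) != 4 or header[0] != 5:
        raise ValueError("not a SOCKS5 reply")
    if header[1] != 0:
        raise ConnectionError(REPLIES.get(header[1], "unknown error"))
    return header[3]

def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf

def open_through_proxy(proxy_host, proxy_port, host, port):
    sock = socket.create_connection((proxy_host, proxy_port), timeout=60)
    try:
        sock.sendall(build_greeting())
        if recv_exact(sock, 2) != b"\x05\x00":
            raise ConnectionError("proxy refused the no-auth method")
        sock.sendall(build_connect(host, port))
        atyp = check_reply(recv_exact(sock, 4))
        addr_len = {1: 4, 4: 16}.get(atyp) or recv_exact(sock, 1)[0]
        recv_exact(sock, addr_len + 2)  # discard bound address and port
        return sock  # from here on, bytes go straight to the hidden service
    except Exception:
        sock.close()
        raise
```

A refused or unreachable destination surfaces as a ConnectionError carrying the proxy's reply text, which is the place to look when a proxied client fails to connect.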

Host Hidden Services

Setting up your own services behind Tor is a fairly trivial task. The relevant directives for the Tor configuration file are the following:

HiddenServiceDir /var/lib/tor/hidden_server/
HiddenServicePort 80

which instructs Tor to relay all traffic coming from the Tor network on TCP port 80 to the address and port 8800. This implies that a web-server will be listening to requests on and port 8800 as specified by the HiddenServicePort.

The .onion address is automatically generated and can be read from (in the case above):


You can have multiple HiddenServicePort lines for every service you wish to make available to the .onion network.

networking/tor/hidden_services.txt · Last modified: 2017/02/22 18:30 (external edit)

