Linux Drama is Over! (For Now.)

I’m happy to report that my “Linux drama” has ended (for the moment). See?

gnome_desktop.png

Unfortunately, this required me doing a factory reset of my machine, so I lost all my data – yeah, tease me all you want. That’s why you do backups, right? Fortunately, nothing I had was irreplaceable, with the exception of a few drafts I had written.

I did get rather frustrated with the process, but I know that that’s part of coding and using computers/smartphones in general. Can I get back to the dark web now? Sure. Let’s hope it doesn’t compromise my system.

At the moment, I’m going back to the terminal and attempting to reinstall some of the missing programs I had before. Easy, right? You would think so.

More specifically, I’m attempting to install HexChat, which is one of the IRC clients I liked, and the terminal is saying that the repository I’m trying to use doesn’t exist. I’m assuming that it’s just on a different repository, but I’m not sure which one that is. This is strange, because right before my system went down, I  was using HexChat without any problems.

Is there another client I should be using? WeeChat, perhaps? (Oh no.)

YFy0a

My friends mess with me about being technically incompetent, but usually my problem is that I overthink things and get stuck on one or two steps – I think that’s the curse of coding in general.

Anyhow, it’s good to be back! Have any requests for posts? Please share.

Advertisements

Linux Drama: I Was Frozen Today!

Before they make memes illegal here too, I’ll post this:

i_was_frozen_today

Now that that’s out of the way – this morning, I was doing an upgrade to my Ubuntu system, and everything seemed to be going well. As a guide, I was following this article: How to Upgrade To Ubuntu 18.04 LTS Bionic Beaver

linux_upgrade

I started with the command:

$ sudo apt-install update-manager-core

Afterwards, I followed up with:

$ sudo do-release upgrade

This didn’t work, and I believe the issue was that the release wasn’t available yet. So, here’s where my big mistake happened. I attempted to force the upgrade by entering:

$ sudo do-release upgrade -d

This was where I clearly screwed up, because afterward, I was unable to get past the login screen on my system. Well, let me take that back – I could get past it, but all I would see is a blank desktop, very similar to this:

ubuntu_blank

Interestingly, some other users on Ask Ubuntu have had similar issues:

ask_ubuntu

Fortunately, another user on that same site had a good solution. He suggested opening the GRUB menu and selecting the previous kernel. This sounds like my best option. If I did actually lose all my data, thankfully there wasn’t anything irreplaceable there.

It’s funny – I have times when I can do all these advanced coding-related things, and yet something simple like this will put me out of commission.

You can’t keep a good man down, though!

 

Getting the Hang of Linux! (Really.)

Some of the bros on MadIRC were messing with me about giving some variety to the blog, and suggested that I document my Linux learning process for you all. After all, the “dark web” isn’t always as fascinating as it’s made out to be.

So, as I’ve mentioned, my particular Linux distro is Ubuntu, which is considered to be a good distro for a beginner. I suppose that, after time, I may move on to something more advanced (yes, that’s what I tell myself…).

As some of you may know, Ubuntu at least has a GUI to start off with (I’m using the GNOME desktop), as opposed to, say, Arch, which is bare bones. Maybe I’ll get to that one day.

Mine looks very similar to this one:

cinnamon2ubuntu-large_001

One of the major adjustments, of course, has been using the Terminal, and learning the associated commands. I assume this will become second nature at some point. I’m already used to typing:

sudo apt-get update

sudo apt-get upgrade

And getting the message “Permission denied, are you root?” That’s so much fun, isn’t it?

http_cdn5.howtogeek.comwp-contentuploads201203apt-get-update

One of the major reasons I switched to Linux was that I was tired of getting viruses on Windows, and as many had told me, “Don’t use Windows with the dark web!” I guess they weren’t kidding, huh?

Another reason is the fact that it’s open source, and that there seems to be a lot of Linux community support. In particular, I really disliked Windows 10 – I felt as though it was collecting way too much info about me, and had numerous glitches.

Anyway, a lot of the learning has been trial-and-error, but I subscribed to Linux Hint, which is helping, and plus, I know a lot of Linux users, so they’ve been giving me useful hints along the way. Hints like, “Type ‘yes [string]’ on the terminal.”

funny_commands-yes

Very funny guys.

Of course, I use Tor with it too, which seems to run very smoothly. I don’t know if it’s my imagination, but it seems faster. Is it?!

tor_browser_ubuntu

In addition, I liked the idea of running Tor from the terminal, with a command like:

start-tor-browser

I plan on documenting more of my Linux/dark web drama as it unfolds, so expect to hear more!

Besides, I know that some of you readers are also Linux users, so do you have any terminal hints for me? Feel free to leave them in the comments.

angry_penguin

 

Accessing the Dark Web on Linux is Easy, Right?

yum-install-polipo

It may seem silly to even write this, as most of the Linux users I know are very familiar with Tor (and other darknets as well).

Still, I thought it would be interesting to write about.

So, how do you install Tor on a Linux system? Well, that largely depends on what kind of Linux distribution you have, but there are similarities across the different ones.

The easiest part, of course, is downloading Tor. Use this link: Tor Browser for Linux (64-bit).

Ah, but wait! This isn’t the best way to download Tor on a Unix-like system; it’s better to use the shell.

linux_shell

 

Well, it just so happens that the Tor Project has specific instructions for Debian/Ubuntu users (of which I happen to be one).

tor_debian_ubuntu

On their main site, they list two options: Tor on Debian Stretch, and Tor on Ubuntu or Debian. If you’re using Debian, just run this command:

apt install tor

as root. They note that this will not always give you the most stable version of Tor, but the upside is that you will receive important security fixes (and that’s essential!). Next, go to this link: Running the Tor client on Linux/BSD/Unix

Alternately, if you’re building from source (the fun way, right?), first install libevent,
and then make sure you have openssl and zlib (including the -devel packages, if possible). After that, run:

tar xzf tor-0.3.1.9.tar.gz; cd tor-0.3.1.9
./configure && make

Once that’s done, you can run Tor as src/or/tor, or you can run make install (as root, if need be), which will install it to /usr/local.

EDIT: As one of my readers pointed out, I forgot to mention that once the daemon is running, you must set the proxy configurations on your browser this way: localhost (127.0.0.1) as host, and the same port number that’s set in your tor config file (/etc/tor/tor.conf).

It could then take several minutes after the daemon execution to connect to Tor. To verify this, check your log file: (/var/log/tor/tor.log). If the daemon did connect properly, it will be recorded as such on the last line of the log file.

Assuming that all these conditions are met, you can then run Tor!

Please note: I’m paraphrasing some of this from the Tor Project’s website, so I want to give them due credit! If you read the documentation, they’ll elaborate further on “Torifying” your applications, as well as configuring a relay or setting up your own Tor hidden service.

Sound like fun? I hope it is! Now enjoy accessing the Shadow Web – on me.

Creeping Back to the Dark Web!

by Ciphas

So, after the brief setback I suffered in Looking for Linux!!, I’ve found a temporary solution.  I have an old computer I can use for the time being, so I can continue writing, coding, etc.  It looks a lot like this:

Datapoint_Corporation_(CTC)_Datapoint_Turbo_8665,_Datapoint_2200_Desktop_Computerm_(1970,1971),_Datapoint_8600,_in_front_of_MITS_IMSAI_8080

Author: Clusternote 2015 Wikimedia Commons

One of the things I have in mind to do for future posts are to try out some of the webmail services on Tor and other networks, so I can come up with a good recommendation.

Currently, I am using SIGAINT, which is one of the more popular (and controversial) services, but there are certainly others.  (It’s been attacked more than once by security agencies, which I’m well aware of, thank you!)

SIGAINT-attack

If you go by 1EarthUnited’s List of Secure Dark Web Email Providers in 2016, you may find some good recommendations, but it is partially a matter of personal preference.

I’ve hunted around the Tor network and found a number of other email services, but as to whether they’re the most secure, that remains to be seen.  Some of the ones I intend to try out are OnionMailSquirrelMail, Mail2Tor, and Roundcube, which have both clearnet and darknet URLs for their landing pages.  Those links go to the clearnet sites (just so you can find out more about them).

I’m also in the process of researching live CD and USB operating systems, which is something I’ve been meaning to write about for awhile, but I occasionally had some compatibility problems with my system. That’s one reason I’m researching a good Linux system (besides the fact that I just like them).

Beyond just Tails and Whonix, I’d also like to try out these, specifically:

Kali Linux kali-linux_605634_full.jpg

Knoppix

knoppix

Debian

debian_669635_full

Arch Linux

a2bdce9b-5126-df11-98b7-0022190f5762_5_full

Linux Mint

linux-mint_279230_full

And a few others that I won’t list at the moment.  Ooh, each one could be a future post…how interesting!!  I could make up a cheesy Linux song to go with it (but I don’t want to torture you).

It looks like I’ve got my work cut out for me.

What, No More Dark Stuff?

EuroArms-670x497

Hey, I didn’t say that!  It’s just that the dark stuff takes time and effort to research.  Plus, to be honest, the more I investigate the dark web, the less scary it becomes.  There are still some terrifying things on it; don’t get me wrong.

I just would like to share both the good and the bad.  There’s nothing “wrong” with that, is there?

Besides, what I’ve realized is that if you actually want to be taken seriously when talking about the dark web, you can’t only tell horror stories.  Do you think I want to be another Takedownman?

Wait…forget I even said that.

 

 

 

ChaosVPN Part 2: Hack to School!

 

Fonerawebuicssfix (1)

When I first started working on this ChaosVPN project, I never imagined what fun it could be.  It has required a bit of extra effort and learning, but I like that sort of thing!

However, I want to stress that ChaosVPN isn’t a replacement for Tor or other anonymity tools; in fact, the creators mention this on the wiki.  And it won’t help you access .lll or .rdos sites either…heh heh heh.

So – where I initially got stuck was at the point of getting tinc to run properly on my system.  As it turns out, I hadn’t completed all the steps to installing it (go figure)!  That’s why they say: “If all else fails, try reading the instructions.”

Depending on which operating system you’re using, of course, those instructions may vary.  If you’re using a Mac OS/X, then these are the appropriate instructions: installing tinc on Mac OS/X.

If you’re using Windows, then try here: installing tinc on Windows 2000/XP/7/8.  Hmm…it doesn’t include Windows 10, but does that mean it won’t work?  Not necessarily, but I know how logical Windows can be sometimes.

windows-logic-meme

What about Ubuntu?

In my earlier post ChaosVPN: Making Friends with Hackers!, I had mentioned using Ubuntu to set it up.  This still seemed like the ideal option for me.  It reminded me very much of the MS-DOS days from my childhood.

Abort_Retry_Fail

 

So I started going through the steps again, trying to be a little more patient this time!  I finally got it working, but haven’t used it much yet.  My overall impression is that ChaosVPN definitely has the potential for – to use the technical term – awesomeness.

Given that I’ve been making friends with a lot of hackers and coders lately, this seemed like one of the logical steps to take.  I still don’t consider myself a hacker just yet, but I’m working on that.

If you haven’t read the previous post, here’s the ChaosVPN:UbuntuHowto.  Oh, wait – you don’t have Ubuntu?  Do that here: Get Ubuntu | Download.

(The instructions below are quoted from the wiki; credit goes to the authors.  If anyone objects to this, I can take it down.)

And now, courtesy of the CCCHHWiki – UbuntuHowto :

ubuntu-how-to-chaosvpn.png

First you need to install the necessary helper programs using the apt-get command.  

Install Necessary Helper Programs

needed to use the chaosvpn client:

#apt-get install tinc iproute

needed to compile the chaosvpn-client if not using a precreated debian package
for it

#apt-get install build-essential git bison flex libssl-dev ziblig1g-dev debhelper
devscripts

Install tinc

You need either the package from Debian squeeze/unstable, or a backport like from Debian Backports.

This should be at least tinc version 1.0.13, but should work with 1.0.10 or later.

Or visit http://tinc-vpn.org, download and build yourself – at a minimum ./configure, specify the parameter –sysconfdir=/etc, and check the binary in the script.
If the tinc installation gives the following error:

./MAKEDEV: don’t know how to make device “tun”

Then create the device by hand:

# mkdir -p /dev/net
# mknod /dev/net/tun c 10 200
# chown root:root /dev/net/tun
# chmod 600 /dev/net/tun

Install Our ChaosVPN program

The easiest way: using LaunchPad PPA

There are amd64 and i386 binary packages available for LTS release 12.04 (precise).  There is also a source package.

Add the following lines to your etc/apt/sources list:

For Ubuntu Precise:

chaosvpn_indexof

deb http://ppa.launchpad.net/matt-nycresistor/chaosvpn/ubuntu precise main

deb-src http://ppa.launchpad.net/matt-nycresistor/chaosvpn/ubuntu precise main

Make the Repository-Key known:

apt-get update
sudo add-apt-repository ppa:matt-nycresistor/chaosvpn

Answer “y” to the warnings about whatever content.

Run apt-get update a second time:

apt-get update

Finally install the ChaosVPN software:

apt-get install chaosvpn

Install done, proceed to next step some pages below.

Alternative: compile yourself from our git repository

Always needed to compile:

# git clone
# cd chaosvpn

way 1: create a snapshot debian package

# dch -i
increment the version and set ubuntu specific info.
# make deb
perhaps it throws an error about missing build dependencies, install these and retry.
#sudo dpkg -i ../chaosvpn_2.0*.deb
Install the generated package file, replace filename above with the real name. It is also possible to copy the generated .deb package to a different machine of the same architecture and install it there – no need to have a full compile environment on your router/firewall.

way 2: create debian package and install this

# dch -i
increment the version and set ubuntu specific info.
# debuild -us -uc
should give you packages in parent dir
#sudo dpkg -i ../chaosvpn_2.0*.deb
install the generated package file, replace filename above with real name.

way 3: just compile and install the raw binary

# make
# sudo make install

Create config directory

# mkdir -p /etc/tinc/chaos

Get your new node added to the central configuration

Devise a network-nick and a unique IP range you will be using

This network-nick…sometimes called nodename is the name of the network endpoint/gateway where the vpn software will be running – not necessarily the name of the user, there may even be more than one gateway per user.

Used below where <nodename> is.

Please use only characters a-z, 0-9 and _ in it.

Second please select an unused IPv4 range out of IP range, and write yourself down in that wiki page to mark your future range as in-use.
Please select from the correct ranges, 172.31.*.* for Europe, and 10.100.*.* for North America and elsewhere.

Repeat: Please do not forget to add yourself to this list at IP Range to mark your range as used.

Used below where <ipv4 subnet in the vpn> is.

The usage of IPv6 networks is also possible, but we do not have a central range for this (yet); you may specify an IPv6 range you received from your (tunnel) provider to be reachable over the VPN, or a private IPv6 ULA (Unique Local Address) network described in RFC4193.  For more info about ULA and a network-range generator please also see IPv6 ULA (Unique Local Address) RFC4193 registration .

Used below where <ipv4 subnet in the vpn> is.

Hostname

The gateway may have a DynDNS (or similar) hostname pointing to a dynamic IP, or a static hostname/fixed IP.

Better supply a hostname than a raw IP address even if it is static, so you can change it yourself and do not need to contact us when needed. (Perhaps something like chaosvpn.yourdomain.example).

Used below where <clienthost> is.

Generate keys

# tinc net-chaos init <nodename>

Replace <nodename> with the name your new node should get.

**FIXME** need some way that “tinc init” puts the public key into the separate files and not only into the generated hosts file, which our chaosvpn daemon overwrites.

generate public/private RSA and ECSDSA keypairs with

# tinc –net=chaos generate-keys 2048

press Enter 4 times and backup the files /etc/tinc/chaos/ecdsa_key.priv, ecdsa_key.pub, rsa_key.priv and rsa_key.pub on an external device.

Generate keys with tinc 1.0.xx

create chaos config folder with

# mkdir /etc/tinc/chaos

generate public/private keypairs with

# tincd –net=chaos –generate-keys=2048

press Enter 2 times and backup the files /etc/tinc/chaos/rsa_key.priv and rsa_key.pub on an external device.

Mail us your Infos [sic]

  • send via email to chaosvpn_join@hamburg.ccc.de

We need the following info – but please be so kind and also add a short description of you/your space and your motivation to join chaosvpn – or at least make us laugh. 🙂

(Please remove all lines starting with # from the email; they are just descriptions)

[<nodename>]

gatewayhost=<clienthost>

# This should be the external hostname or ip address of the client host, not a VPN address.
# If the client is not reachable over the internet leave it out and set hidden=1 below.
# If possible supply a hostname (even dyndns) and not an ip address for easier changing
# from your side without touching the central config.

network=<ipv4 subnet in the vpn>
network6=<ipv6 subnet in the vpn>

# (mandatory, must include)
# this may be more than one, IPv4 or IPv6, network6 with IPv6 is optional
#
# These subnets must be unique in our vpn,
# simply renumber your home network (or use something like NETMAP) with a network block that is still free.
#
# Please use the list of assigned networks on ChaosVPN:IPRanges, and add yourself there.

Owner=

#(mandatory, must include)

# Admin of the VPN gateway, with email address – a way to contact the responsible
# person in case of problems with your network link.

port=4712
# (optional)
# if not specified tinc works on tcp+udp port 655
# it is better if everyone chooses a random port for this.
# either this specified port or port 655 should accept TCP and UDP traffic from internet.

hidden=0
# (optional)
# “I cannot accept inbound tunnel connections, I can only connect out.”
# (e.g. behind an NAT)
silent=0
# (optional)
# “I cannot connect out, but you can connect to me.”
# Only ONE of hidden=1 or silent=1 is possible.

Ed25519PublicKey=<something>
# (optional)
# tinc 1.1.pre11+ only, contents of your /etc/tinc/chaos/ed25519_key.pub

—–BEGIN RSA PUBLIC KEY—–
…..
—–END RSA PUBLIC KEY—–
# (mandatory)
# rsa-public-key – contents of your /etc/tinc/chaos/rsa_key.pub

Awaiting response, give us some days, your request is processed manually

Retry until $success

Customize configfile

FIXME to be expanded

/etc/tinc/chaosvpn.conf

In the top part are the variables.

change

$my_peerid to the network nick from step 4
$my_vpn_ip to an ip address in your network range, like 172.31.x.1

Enable Starting of ChaosVPN

If you installed ChaosVPN through our Debian package it is not started by default.

To enable this edit the file /etc/default/chaosvpn and change the RUN= line to RUN=”yes”

After all changes (re-)start the chaosvpn client:

# /etc/init.d/chaosvpn start

If you made everything correct there should now be a tinc daemon running, and the output of ‘route-n’ should show lots of routes pointing to the new ‘chaos_vpn’ network interface.

script in /etc/ppp/ip-up to autostart, or to restart from time to time via cron

If you built a debian package and installed it the cron and ip-up parts are already setup, if you installed it manually with make install you have to do it yourself.

and with luck, it will function beautifully! 😉

Retrieved from https://wiki.hamburg.ccc.de/ChaosVPN:UbuntuHowto


 

As I get more familiar with ChaosVPN, hopefully it’s something I can write about more.  Just to stress: it isn’t really the “deep web” or the “dark web.”  I just felt like writing about it because it sounded cool.

As a matter of fact, the more I learn, the more I realize that these terms like deep web and dark web are just abstract concepts.

But they sure do sound spooky, don’t they?

 

essential-skills-becoming-master-hacker.1280x600

I haz hood. I iz a hacker.

ChaosVPN: Making Friends with Hackers!

Bildschirmfoto_2013-12-04_um_09.54.42

Alright, I admit it!  I’d been debating what to write my next post about, because everything that I had in mind required a lot of reading, research, and experimentation.

Fortunately, I came across something called ChaosVPN not too long ago.  I had heard about it via a deep web/dark web-themed Google+ group, in which I’ve made friends with many coders and fellow dark web explorers.  The name conjured up all sorts of silly tech-related movie tropes in my mind.

So what is it?

It’s a VPN designed to connect hackers and hackerspaces.  Keep in mind that this doesn’t necessarily constitute malicious (or “black hat”) hacking.  ChaosVPN has a wiki maintained by the Chaos Computer Club in Hamburg, Germany.

The idea sounded cool enough, but what really inspired me to look into it further was this image on the main page:

chaosVPN

If that’s hard to read, the quote I’m thinking of is the one in red that says

“ChaosVPN is a VPN to connect Hackers and Hackerspaces – it does NOT provide anonymous internet access!  For this look at tor or other similar services.

It will also not help you to reach domains like .rdos, .lll, .clos or any other strange things supposed to be available on the ‘dark web.'”

Does that sound familiar?  No?  Let me refresh your memory:

shadowweb

*Sigh* Yes, it’s our old friend “The Shadow Web” again.  The text is cut off in the screenshot, but the original page claimed that if you downloaded the software, you would be able to “access hundreds of other domains like .LLL and .RDOS sites.” ಠ_ಠ

By the way, if you’re still interested in that, you can contact the owner at shadow-web@sigaint.org.  Just don’t give him your money, OK?

So, if you can’t access .lll or .rdos sites, why install ChaosVPN? (I kid.)  Well, personally I love the idea that it connects different networks of hackers, and makes communication simpler.

If you read the “Goals” section of the wiki, the creators actually outline the purposes of ChaosVPN:

“Design principals [sic] include that it should be without Single Point of Failure, make usage of full encryption, use RFC1918 ip ranges, scales well on >100 connected networks and is…able to run on a embedded hardware you will find in [today’s] router…

“Therefore we came up with the tinc solution. tinc does a fully meshed peer to peer network and it defines endpoints and not tunnels.

“ChaosVPN connects hacker[s] wherever they are. We connect roadwarriors with their notebook. Servers, even virtual ones in Datacenters, Hackerhouses and hackerspaces. To sum it up we connect networks – maybe down to a small /32.

“So there we are. ChaosVPN is working and it seems [as] the usage increases, more nodes join in and more [services] pop up.” 

(For full text go to ChaosVPN – CCCHHWiki).

I may not be a hacker [yet], but as an investigative tech blogger and aspiring coder, this is definitely something that interests me (and I figured it would interest you too, readers!).

Tinc-erbell? 

tinc_2

 

As the creators of ChaosVPN mention above, the network uses tinc, a VPN “daemon that uses tunneling and encryption to create a secure private network between hosts on the Internet. tinc is Free Software and is licensed under the GNU General Public License version 2 or later,” according to their official site.

“Because the VPN appears to the IP level network code as a normal network device, there is no need to adapt any existing software.  This allows VPN sites to share information with each other over the internet without exposing any information to others.” 

Wow – am I wrong in saying that that sounds like some technobabble they would use on CSI: Cyber or something?

69118661

Nope.  It’s 100% accurate!  From the description, this sounds ideal for a VPN designed to connect hackers, as ChaosVPN is intended to do.  I know I’ve been quoting a lot of technobabble in this post, but I felt it was somewhat necessary to get an understanding of how ChaosVPN worked!

I’ll be honest – I’m really not an expert with it yet, and I’m still in the process of building ChaosVPN on my system.  I’m determined to get it working, though, and I thought you all could accompany me along the way!

Wiki of Chaos

The ChaosVPN wiki has a set of excellent how-tos for the following operating systems:

I went with the Ubuntu Howto, since I have that installed on my system.  (When I do finish setting it up, I think that would warrant a sequel to this post.)

No matter which operating system you’re using, you need to install Tinc VPN (mentioned above) first.

Initially, I was going to quote portions of the setup instructions in this post, but the ChaosVPN wiki is currently down.  I should’ve printed them when I had the chance! 

Oh wait, never mind – it’s up again.  Well, perhaps I’ve done enough plagiarizing in this post, but you can look at any of the links above for detailed instructions.

Fortunately, they also have a repository on GitHub: GitHub – ryd/chaosvpn: Config generator for chaosvpn.  I think that should help!

If any of you are able to get the VPN up and running, feel free to let me know.  I’m sure I’ll be able to put it together soon.

Well, that just means we’ll have a part 2 to this post!

In the meantime, I return to my ARG – real life, that is.