Introduction to self-hosting hidden services

2024-08-03 18:41:13 +02:00 · 2024-08-03 18:41:13 +02:00 · 10df301335
commit 10df301335
parent 03bae6bc20
9 changed files with 199 additions and 3 deletions
--- a/servers/anon.html
+++ b/servers/anon.html
@ -210,6 +210,7 @@
  
 <p>🧅 Serverside - Self-Hosting Hidden Services (⚠️ <a href="sensitiveremotevshome/index.html">Self-Hosting = Non-Sensitive!</a>)</p>
 <ol>
+        <li><a href="hiddenservices/index.html">✅ Introduction to Self-Hosting Hidden Services</a></li>
        <li><a href="torwebsite/index.html">🟠 .onion website with custom .onion Vanity V3 address</a></li>
 		<li><a href="anon.html">❌ Basic Webserver setup (NGINX / PHP / MYSQL)</a></li>
 		<li><a href="anon.html">❌ Minimalistic MoneroSSO .onion setup</a></li>
--- a/servers/anonymousremoteserver/index.html
+++ b/servers/anonymousremoteserver/index.html
@ -62,6 +62,8 @@
 				<div class="col-lg-8 col-lg-offset-2">
  					<a href="../anon.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-05-02</ba></p>
 <h1>Acquiring remote servers anonymously (non-KYC providers) </h1>
+
+<img src="../hiddenservices/1.png" class="imgRz">
          
 	       </div>
 			</div><!-- /row -->
--- a/servers/hiddenservices/0.png
+++ b/servers/hiddenservices/0.png
--- a/servers/hiddenservices/1.png
+++ b/servers/hiddenservices/1.png
--- a/servers/hiddenservices/2.png
+++ b/servers/hiddenservices/2.png
--- a/servers/hiddenservices/3.png
+++ b/servers/hiddenservices/3.png
--- a/servers/hiddenservices/index.html
+++ b/servers/hiddenservices/index.html
@ -0,0 +1,157 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta name="description" content="">
+    <meta name="author" content="">
+    <link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
+
+    <title>Introduction to Self-Hosting Hidden Services</title>
+
+    <!-- Bootstrap core CSS -->
+    <link href="../../assets/css/bootstrap.css" rel="stylesheet">
+	<link href="../../assets/css/xt256.css" rel="stylesheet">
+    
+    
+
+    <!-- Custom styles for this template -->
+    <link href="../../assets/css/main.css" rel="stylesheet">
+
+    
+
+    <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
+    <!--[if lt IE 9]>
+      <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
+      <script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
+    <![endif]-->
+  </head>
+
+  <body>
+
+    <!-- Static navbar -->
+    <div class="navbar navbar-inverse-anon navbar-static-top">
+      <div class="container">
+        <div class="navbar-header">
+          <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
+            <span class="icon-bar"></span>
+            <span class="icon-bar"></span>
+            <span class="icon-bar"></span>
+          </button>
+          <a class="navbar-brand-anon" href="\index.html">nihilist`s Blog</a>
+        </div>
+        <div class="navbar-collapse collapse">
+          <ul class="nav navbar-nav navbar-right">
+
+            <li><a  href="/about.html">About</a></li>
+            <li><a  href="/blog.html">Categories</a></li>
+<li><a href="https://blog.nihilism.network/donate.html">Donate</a></li>
+            <li><a  href="/contact.html">Contact</a></li>
+          </ul>
+        </div><!--/.nav-collapse -->
+        
+      </div>
+    </div>
+
+	<!-- +++++ Posts Lists +++++ -->
+	<!-- +++++ First Post +++++ -->
+	<div id="anon2">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+  					<a href="../anon.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-08-03</ba></p>
+<h1>Introduction to Self-Hosting Hidden Services </h1>
+<p> </p>
+          
+	       </div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /grey -->
+
+	<!-- +++++ Second Post +++++ -->
+	<div id="anon3">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+          <h2><b>Clearnet Services: Centralized, but can be used anonymously</b></h2>
+<img src="1.png" class="imgRz">
+<p>Today's clearnet web is hugely centralised, you have businesses out there (meaning potential and very likely governmental proxies) that are letting you rent servers (VPSes / dedicated servers / etc) and domain names to be able to have a clearnet service. </p>
+<p>If you want to have clearnet services but to keep your anonymity regardless, you'll need to go through KYC-free resellers (you can find them <a href="https://kycnot.me/?t=service&q=vps">here</a>)</p>
+<p>To find out how to run Anonymous Clearnet Services, you can check out <a href="../anonymousremoteserver/index.html">this</a> tutorial.</p>
+<img src="3.png" class="imgRz">
+<p>If you don't want to give in to that centralization, but remain on the clearnet, you'd have to run a service from home, using only the public IP you're getting from your ISP.</p>
+<p>Problem is that your ISP knows who you are, is actively spying on what you do with your internet connection, and from there he knows that you are running the website. No anonymity whatsoever. </p>
+				</div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /white -->
+
+  <div id="anon2">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+          <h2><b>Tor Hidden Services: Decentralized and Anonymous</b></h2> </br> </br>
+<p>One solution to that situation if your goal is to have a website hosted at home, as a Tor hidden service. Meaning your service can only be accessed through the Tor network, anonymous by default. Like so, your ISP can only see that you are using the tor network, but he can't tell what you're doing with it.</p>
+<img src="2.png" class="imgRz">
+<p>if your ISP does not allow Tor traffic, you'll need to run a VPN on the server that's running the Tor hidden service, that way, you'll be able hide to your ISP that there is tor traffic at your house, while still being able to have a Hidden service reachable.</p>
+<p>To find out how to run Hidden Services, you can check out <a href="../torwebsite/index.html">this</a> tutorial.</p>
+
+				</div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /white -->
+
+
+  <!-- +++++ Second Post +++++ -->
+	<div id="anon1">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+          <h2><b>Warning, do not host anything sensitive at Home!</b></h2> </br> </br>
+<p>Note that Tor has had 0days in the past, and it could still have some. <b>Therefore be aware hosting Anonymous services at home is not suitable for Sensitive use.</b> As all it takes is for Tor to have one 0day for an adversary to be able to find out where the service truly is. Therefore keep in mind that <b>you should only self-host services that are not going to get you in trouble if an adversary ever finds out that it is you who's the administrator.</b> </p>
+
+				</div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /white -->
+
+	<!-- +++++ Footer Section +++++ -->
+
+	<div id="anonb">
+		<div class="container">
+			<div class="row">
+				<div class="col-lg-4">
+					<h4>Nihilism</h4>
+          <p>
+						Until there is Nothing left.
+						
+					</p>
+				</div><!-- /col-lg-4 -->
+
+				<div class="col-lg-4">
+					<h4>My Links</h4>
+					<p>
+
+						<a target="_blank" rel="noopener noreferrer" href="http://blog.nihilism.network/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://matrix.to/#/#nihilism:m.datura.network">Matrix Chat</a><br/>
+
+					</p>
+				</div><!-- /col-lg-4 -->
+
+				<div class="col-lg-4">
+					<h4>About nihilist</h4>
+					<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@nihilism.network (<a href="https://nihilism.network/nihilist.pubkey">PGP</a>)</p>
+				</div><!-- /col-lg-4 -->
+
+			</div>
+
+		</div>
+	</div>
+
+
+    <!-- Bootstrap core JavaScript
+    ================================================== -->
+    <!-- Placed at the end of the document so the pages load faster -->
+    
+  </body>
+</html>
--- a/servers/torwebsite/index.html
+++ b/servers/torwebsite/index.html
@ -62,9 +62,8 @@
 				<div class="col-lg-8 col-lg-offset-2">
  					<a href="../anon.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-02-01</ba></p>
 <h1>Tor Website Setup </h1>
-<img src="0.png" class="imgRz">
+<img src="../hiddenservices/2.png" class="imgRz">
 <p>In this tutorial we'll setup a TOR website, which can be accessed via a .onion link. We'll set it up using nginx and Tor. </p>
-<p>TODO: setups where 1) isp doesnt allow tor traffic 2) isp doesnt allow tor, nor vpns</p>
          
 	       </div>
 			</div><!-- /row -->
@ -77,9 +76,35 @@
 			<div class="row">
 				<div class="col-lg-8 col-lg-offset-2">
          <h2><b>Initial Setup </b></h2>
-<p>First compute your tor domain:</p>
+<p>Before starting, check if your ISP allows tor use or not. And if it does not, make sure you install a VPN to hide the fact that you're using Tor as we did previously <a href="../vpn/index.html">here</a>:</p>
 <pre><code class="nim">
+# Download the Mullvad signing key
+sudo curl -fsSLo /usr/share/keyrings/mullvad-keyring.asc https://repository.mullvad.net/deb/mullvad-keyring.asc

+# Add the Mullvad repository server to apt
+echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/mullvad.list
+# Or add the Mullvad BETA repository server to apt
+echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/beta $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/mullvad.list
+
+# Install the package
+sudo apt update
+sudo apt install mullvad-vpn
+
+# Connect to Mullvad VPN
+mullvad account login
+Enter an account number: 91320912809328832
+Mullvad account "91320912809328832" set
+
+# Connect to the VPN:
+mullvad lockdown-mode set on
+mullvad connect
+
+curl ifconfig.me
+194.127.199.92
+
+</pre></code>
+<p>Once done, install tor and compute your Tor domain:</p>
+<pre><code class="nim">
 [ Datura-Network ] [ /dev/pts/11 ] [/srv]
 → apt install gcc libc6-dev libsodium-dev make autoconf tor

--- a/servers/vpn/index.html
+++ b/servers/vpn/index.html
@ -122,6 +122,17 @@ echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --prin
 sudo apt update
 sudo apt install mullvad-vpn
 	
+# Connect to Mullvad VPN
+mullvad account login
+Enter an account number: 91320912809328832
+Mullvad account "91320912809328832" set
+
+# Connect to the VPN:
+mullvad lockdown-mode set on
+mullvad connect
+
+curl ifconfig.me
+194.127.199.92
 </code></pre>

 <p>From there, Bob can launch the VPN from his desktop:</p>