Sign in to follow this  
Followers 0
xtrm

How to setup a Hidden Anonymous Web Server - Help please

9 posts in this topic

Hi all, after the bad news today about Megaupload, I would like to get all possible information, good advices, books, tutorials, tricks and others to setup a totally Anonymous and Hidden Web Server online.

I know that everything is crackable and everything is not 100% secure or forever anonymous, but as dark times are coming with new Laws, we need good information and fight united. Information is power.
A lot of sites are in danger of being closed, from simple forums to big file servers, thats why I would like to know your opinion about the best possible techniques of setting up an Anonymous Server, and share it with all of us to be prepared for the future.

I have seen very interesting and good articles, many of them from Irongeek (thanks). I know its a hard topic and a lot more complicated than reading tutorials, but we the non security experts, need your help in order to setup anonymous information in the net which could not be taken down easily with just a simple dns block, domain block, ISP block..


I would like to expand this topic having in mind important and hard subjects such as the following, and expand it with a lot more:
1. How to setup an Anonymous & Hidden Web Server. Best Techniques to setup an online Anonymous Hidden Web Server.
2. Hardware and Software. Best Anonymous Hardware options. External Hosting Setup Options. Best Operative System Options.
3. Speed of an Anonymous & Hidden Web Server. Setting it with the best possible speed.
4. Stimated Cost of an Anonymous & Hidden Web Server. Best possible options and Anonymous Payment Methods.
5. Example: Best techniques to setup a totally Anonymous Forum.
6. Example: Best techniques to setup a totally Anonymous File Server.
7. Blocking techniques, what they can easily take down/block and what they wont be able to.
8. Things to Never do while Creating and Managing an Anonymous Server. How to do it right without being exposed, hide all your tracks from the beggining.
9. Information Reference: Articles, books, information, forums, others..


This could be an awesome thread where we will show that our freedom and power cannot be stopped. It will be really awesome if we could create a Reference Manual for all of us and for new Web Masters. Feel free to post your comments, advices, books or anything you consider essential to know. Credits for all of you who share your knowlegde.
Thanks a lot :)

[b]Introduction and essential info:[/b]
--------------------------------
General Network Security:
http://www.irongeek.com/i.php?page=security/security

Cipherspace / Darknets: Anonymizing Networks:
http://www.irongeek.com/downloads/darknets-aide.pdf

Introduction to Tor:
http://www.irongeek.com/i.php?page=videos/tor-1

Getting started with the I2P Darknet:
http://www.irongeek.com/i.php?page=videos/getting-started-with-the-i2p-darknet

Installing the I2P darknet software in Linux:
http://www.irongeek.com/i.php?page=videos/i2p-darknet-software-in-linux


[b]Setting up hidden Services:[/b]
---------------------------
Setting Up Hidden Services in Tor:
http://www.irongeek.com/i.php?page=videos/tor-hidden-services
https://www.torproject.org/docs/tor-hidden-service.html.en
http://en.linuxreviews.org/HOWTO_publish_anonymously_on_the_Internet_using_Tor

Hosting Hidden Services in I2P: eepSites and SSH:
http://www.irongeek.com/i.php?page=videos/i2p-darknet-hidden-servers


[b]Attacking and Getting Info of Anonymous Servers:[/b]
------------------------------------------------
Cipherspace / Darknets Weakness, Overview of Attack Strategies:
http://www.irongeek.com/downloads/Adrian-Crenshaw-darknet-weaknesses.pptx

Locating I2P Services Via Leaks on the Application Layer:
http://www.irongeek.com/downloads/i2pproposal.pdf

Darknets and hidden servers: Identifying the true IP/network identity of I2P service hosts:
http://www.irongeek.com/i.php?page=security/darknets-i2p-identifying-hidden-servers


[b]Others:[/b]
-------
Building a remote cheap host:
http://www.irongeek.com/i.php?page=security/svartkast-pogoplug-dropbox

Anonymous Links:
http://en.wikipedia.org/wiki/Magnet_URI_scheme

Decentralized Private Medium Size Network:
http://sourceforge.net/projects/wasteagain/ Edited by xtrm
1 person likes this

Share this post


Link to post
Share on other sites
i think that people are going to have to start building their own private wifi mesh networks to allow the spread of information freely over air waves..

while these types of networks could also be effected by laws, or government intervention it would be a lot more difficult to shut down hundreds or thousands of smaller mesh networks than just taking down a website...

EDIT- oh and you could probably run a hidden server on tor .onion Edited by nyphonejacks

Share this post


Link to post
Share on other sites
[quote name='nyphonejacks' timestamp='1327110063' post='360214']
i think that people are going to have to start building their own private wifi mesh networks to allow the spread of information freely over air waves..

while these types of networks could also be effected by laws, or government intervention it would be a lot more difficult to shut down hundreds or thousands of smaller mesh networks than just taking down a website...

EDIT- oh and you could probably run a hidden server on tor .onion
[/quote]

Yes, wifi networks would be one of the best ways to stay anonymous and share info, however its really hard to implement a big wifi network in a country, and the goverment wont allow it. Small networks could be easily implemented, but you wont find many things you need as in a public network with million of users sharing content.

I have read many things these days, and there is a lot of movement cuz most Big File Centralized servers are frightened of getting down as Megaupload. People is thinking in a lot of ideas to share our power and info again. Someone talked about using private Satellites which wont be affected by any law:
http://shackspace.de/wiki/doku.php?id=project:hgg
http://aerospaceresearch.net/constellation (company supporting the hacker network).

There is also a lot of talking about p2p and how to improve it to avoid fakes and false spam links using magnet and elinks.

I think that its just question of time until the people agrees together again into the best way to share info.

Share this post


Link to post
Share on other sites
Buy hosting in favourite legally unreachable hornets nest (russia, china, anywhere really truly offshore), share location by ip address, be naughty until your hosts get fed up with your behavour/bandwidth usage and evict you. Rinse & repeat with new host.

Share this post


Link to post
Share on other sites
[quote name='phaedrus' timestamp='1327361835' post='360229']
Buy hosting in favourite legally unreachable hornets nest (russia, china, anywhere really truly offshore), share location by ip address, be naughty until your hosts get fed up with your behavour/bandwidth usage and evict you. Rinse & repeat with new host.
[/quote]

would be nice, until the DNS servers do not direct traffic to your site... sharing ip addresses would be a major PITA

Share this post


Link to post
Share on other sites
Thats why its always a great thing to have your dns hosted by a different service than your webhosts, then you are not putting all your eggs in one basket and can be back up and running on a new server within hours of problems.

What's even better is to have your own domain registrar register it too, so you can edit the details on the console directly too. And steer clear of .uk & .com domains of course, nominet have some strange ips tag system which costs a fortune to register in, and .com we all know about the current activities going down there. It is a pity they tightened up on cook islands requirements so much, as it used to be fun to have a .co.ck domain way back but now all the requirements to be met puts it outside the bounds of doable for a bit of fun. .ru should strike phear into any sysadmin's heart as they read the snort logs too :-)

The question of level of setup/operational cost vs level of payback is what it comes down to as always. How naughty are you going to be? will it pay enough to cover the above properly? If you are just building a information store and not generally going to be a asshole over half the internet from the server, you probably can quietly get away with it without making too many ripples.

I do believe spammers,phishers and carders should burn in hell, and the above is not a endorsement. Their obvious abuse of the above has gotten many a good host and service prematurely shut down or put under the spotlight.

Share this post


Link to post
Share on other sites
check out waste again

http://wasteagain.sourceforge.net/

[quote]

What is "WASTE again"?

"WASTE again" enables you to create a decentralized and secure private mesh network using an unsecure network, such as the internet. Once the public encryption keys are exchanged, sending messages, creating groupchats and transferring files is easy and secure.

Supported Platforms

Windows XP 32bit
Linux (wxWidgets)
Mac OSX (wxWidgets)
Current Features

Encrypted Chat
Encrypted Groupchat
Automated Key Exchange
Encrypted File Transfer
Single-Source downloads
Browsing other users shared files
Sending files
Presence (Online, Away, Busy, DND, Sleeping)[/quote]

Share this post


Link to post
Share on other sites
Page kite would work well as an alternative to dyndns and since it is over SSL and can filter requests you could setup a mobile server and move from place to place because propagation apparently is around 30-45 minutes you could get a rental truck and add two server racks and a generator plus UPS plus some batteries and you have a line of cat5/6 or a wireless mobile internet with a couple dozen pages. If you could broadcast further using pirate box style repeater boxes or laptops that would be a amazing setup

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0