Defend Online Anonymity – Set Up a Tor Relay

Got this in an email from the good people over at EFF:

Dear Anarchy,
We use Tor to access our website and to publish to our blog, which is blocked inside of our country. — Iranian human rights activist
If you could do something to make the Internet safer and more private for activists, investigative journalists, and humanitarian aid workers around the world, would you?

You can.

Today EFF is launching the Tor Challenge—a campaign to encourage Internet users all over the world to support the Tor network by operating relays.

Tor is a service that helps you to protect your anonymity while using the Internet and allows you to circumvent Internet censorship. When you use the Tor software, your real IP address remains hidden. Activists all over the world depend on Tor to maintain anonymity when communicating and accessing websites that have been blocked by their governments.

The Tor software depends on the Tor network, which is made up of Tor relays operated by individuals like you. The more Tor relays we have running, the faster, more secure and more robust the Tor network becomes.

Are you ready to help Internet activists all over the world?

Click here to see how and learn more.
Defending your digital rights,

The EFF Activism Team

This is a great idea and more people should run Tor exit relays, but it does not come without some pains. I kept on getting DMCA notices so I had to employ a few exit policy rules on my relay. Here are the ones I'm using.

ExitPolicy accept *:20-23 # FTP, SSH, telnet
ExitPolicy accept *:43 # WHOIS
ExitPolicy accept *:53 # DNS
ExitPolicy accept *:79-81 # finger, HTTP
ExitPolicy accept *:88 # kerberos
ExitPolicy accept *:110 # POP3
ExitPolicy accept *:143 # IMAP
ExitPolicy accept *:194 # IRC
ExitPolicy accept *:220 # IMAP3
ExitPolicy accept *:443 # HTTPS
ExitPolicy accept *:464-465 # kpasswd, SMTP over SSL
ExitPolicy accept *:543-544
ExitPolicy accept *:563 # NNTP over SSL
ExitPolicy accept *:587 # SMTP
ExitPolicy accept *:706
ExitPolicy accept *:749 # kerberos
ExitPolicy accept *:873 # rsync
ExitPolicy accept *:902-904
ExitPolicy accept *:981
ExitPolicy accept *:989-995 # FTP over SSL, Netnews Administration System, telnets, IMAP over SSL, ircs, POP3 over SSL
ExitPolicy accept *:1194 # openvpn
ExitPolicy accept *:1220 # QT Server Admin
ExitPolicy accept *:1293 # PKT-KRB-IPSec
ExitPolicy accept *:1500 # VLSI License Manager
ExitPolicy accept *:1723 # PPTP
ExitPolicy accept *:1863 # MSNP
ExitPolicy accept *:2082-2083 # Radius
ExitPolicy accept *:2086-2087 # GNUnet, ELI
ExitPolicy accept *:2095-2096 # NBX
ExitPolicy accept *:3128 # SQUID
ExitPolicy accept *:3389 # MS WBT
ExitPolicy accept *:3690 # SVN
ExitPolicy accept *:4321 # RWHOIS
ExitPolicy accept *:4643
ExitPolicy accept *:5050 # MMCC
ExitPolicy accept *:5190 # ICQ
ExitPolicy accept *:5222-5223 # XMPP, XMPP over SSL
ExitPolicy accept *:5900 # VNC
ExitPolicy accept *:6666-6667 # IRC
ExitPolicy accept *:6679
ExitPolicy accept *:6697
ExitPolicy accept *:8000 # iRDMI
ExitPolicy accept *:8008
ExitPolicy accept *:8080 # HTTP Proxies
ExitPolicy accept *:8087-8088 # Simplify Media SPP Protocol, Radan HTTP
ExitPolicy accept *:8443 # PCsync HTTPS
ExitPolicy accept *:8888 # HTTP Proxies, NewsEDGE
ExitPolicy accept *:9418 # git
ExitPolicy accept *:9999 # distinct
ExitPolicy accept *:10000 # Network Data Management Protocol
ExitPolicy accept *:19638
ExitPolicy reject *:*

So anyway, yes everyone should run a Tor relay and should also use the above for your Tor relay config. On Ubuntu boxes just search for ExitPolicy in /etc/tor/torrc and paste it in. Be sure to comment out any pre-existing exit policies. Ok go set up a Tor exit relay already!!
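Why the pre-existing policies have to be commented out: Tor reads ExitPolicy lines in file order and the first rule that matches a connection decides it. The sketch below is an added example, not part of the original post and not Tor's own code; it evaluates a torrc excerpt that way and reports rules that can never match. It only handles the `*:PORT` form used above, and the sample text is constructed from a few of the rules in the list.

```python
"""Evaluate torrc ExitPolicy lines in file order; the first matching rule wins."""

# Constructed sample: a few rules from the list above, ending in the catch-all reject.
SAMPLE_TORRC = """\
ExitPolicy accept *:20-23 # FTP, SSH, telnet
ExitPolicy accept *:53 # DNS
ExitPolicy accept *:79-81 # finger, HTTP
ExitPolicy accept *:443 # HTTPS
ExitPolicy accept *:6666-6667 # IRC
#ExitPolicy accept *:* # old rule, commented out
ExitPolicy reject *:*
"""

def parse_exit_policy(torrc_text):
    """Return [(action, low_port, high_port)] for active ExitPolicy rules of the form '*:PORTS'."""
    rules = []
    for raw in torrc_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments; commented-out rules vanish here
        parts = line.split(None, 1)
        if len(parts) != 2 or parts[0].lower() != "exitpolicy":
            continue
        for item in parts[1].split(","):      # one line may carry several comma-separated rules
            action, pattern = item.split()
            addr, _, ports = pattern.partition(":")
            if addr != "*":
                raise ValueError(f"only '*' addresses are handled here: {item!r}")
            if ports in ("", "*"):
                low, high = 1, 65535
            else:
                low, _, high = ports.partition("-")
                low, high = int(low), int(high or low)
            rules.append((action.lower(), low, high))
    return rules

def decide(rules, port):
    """First matching rule wins; None means nothing matched and Tor's defaults would apply."""
    for action, low, high in rules:
        if low <= port <= high:
            return action
    return None

def shadowed(rules):
    """Indexes of rules that can never match because a catch-all rule precedes them."""
    for i, (_, low, high) in enumerate(rules):
        if (low, high) == (1, 65535):
            return list(range(i + 1, len(rules)))
    return []
```

With the sample as written, `decide(parse_exit_policy(SAMPLE_TORRC), 25)` is `"reject"`; put a stale `ExitPolicy accept *:*` line ahead of it and the same call returns `"accept"`, with `shadowed()` listing every later rule.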

Hacking with ODiG

Some of you may have seen this before; I had this post/tool on one of my old sites a long time ago. I am going to show you how to do a zone transfer using my online tool ODiG. Ok so it's not really hacking but it can help you get a foot in the door. Wikipedia says a zone transfer, also sometimes known by its (most common) opcode mnemonic AXFR, is a type of DNS transaction. It is one of the many mechanisms available for administrators to employ for replicating the databases containing the DNS data across a set of DNS servers. Zone transfer comes in two flavors, full (opcode AXFR) and incremental (IXFR). Nearly universal at one time, it is now becoming less popular in favor of the use of other database replication mechanisms that modern DNS server packages provide.

Ok so what all that means is a DNS zone transfer will give us all the subdomains a DNS server has on record for a given domain. Like if we did a zone transfer on a DNS server that serves google we would get mail.google.com, code.google.com, images.google.com and so on. In other words giving you more access points into the network, now instead of just the www.target.com and whatever links you can find on the site you can attack anything they may have that goes out to the net. You might get lucky and find some test servers and who knows what else.

For testing I will be using morainepark.edu, a local tech college. Now go to ODiG and use morainepark.edu as the target and in the query drop down select NS (nameserver), leave the rest as is, enter in the captcha and hit submit. Now we are looking for whatever DNS server holds records for the domain morainepark.edu so we will be looking in the “;; AUTHORITY SECTION:” and we see “morainepark.edu. 9863 IN NS dns.uw-mad.wiscnet.net”. Here we see that dns.uw-mad.wiscnet.net is the DNS server that holds the records we want, so now again go back to ODiG. Again put morainepark.edu as the target, only this time put dns.uw-mad.wiscnet.net in the DNS server field and change the Query drop down box to AXFR (zone transfer), enter in the captcha, hit submit and you will be given all the records that DNS server holds for the morainepark.edu domain, now you can really get some scanning done!!

If you did the same thing to wisconsin.edu you would get a transfer failed message, which will be the case with any secure DNS host. Now for the sake of security I would hope people are pen-testing things before they expose them to the net, but more often than not they don't and that can get really messy! To secure BIND against this kind of information leak just edit /etc/bind.conf and add this line:
allow-transfer { 192.168.1.4; 172.16.1.5; };

Where 192.168.1.4 and 172.16.1.5 are the only addresses you will allow transfers to and from. To secure other DNS server software look here: HERE
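To check that the restriction actually covers every zone you serve, here is an added example (not part of the original post and not code from BIND): a small Python audit that reads named.conf-style text and reports, per zone, whether allow-transfer is restricted, open to `any`, or left to the server default. The sample config and zone names are constructed; it assumes no views, with a zone-level allow-transfer overriding the one in options.

```python
"""Report the effective allow-transfer setting for each zone in BIND-style config text."""
import re

# Constructed sample: the page's ACL in options, plus one zone that overrides it with 'any'.
SAMPLE_NAMED_CONF = """\
options {
    allow-transfer { 192.168.1.4; 172.16.1.5; };
};
zone "example.com" { type master; file "db.example.com"; };
zone "lab.example.com" { type master; file "db.lab"; allow-transfer { any; }; };
"""

def block_body(text, start):
    """Text between the first '{' at or after start and its matching '}'."""
    open_at = text.index("{", start)
    depth = 0
    for i in range(open_at, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[open_at + 1:i]
    raise ValueError("unbalanced braces")

def transfer_acl(body):
    """Entries of the allow-transfer statement in a block body, or None if it has none."""
    m = re.search(r"\ballow-transfer\s*\{([^{}]*)\}", body)
    if m is None:
        return None
    return [entry.strip() for entry in m.group(1).split(";") if entry.strip()]

def audit(conf):
    """Map zone name -> (verdict, acl); verdict is 'restricted', 'open' or 'default'."""
    conf = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf, flags=re.S)  # strip comments
    opts = re.search(r"\boptions\s*\{", conf)
    inherited = transfer_acl(block_body(conf, opts.start())) if opts else None
    report = {}
    for zone in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        acl = transfer_acl(block_body(conf, zone.start()))
        if acl is None:
            acl = inherited                   # no zone-level statement: options applies
        verdict = "default" if acl is None else "open" if "any" in acl else "restricted"
        report[zone.group(1)] = (verdict, acl)
    return report
```

A zone reported as `open` or `default` is the one to look at: the first hands the zone to anyone who asks, the second depends on whatever the installed BIND version does when nothing is configured.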

Anonymous Press Release: #OpWisconsin

OP: http://anonnews.org/?p=press&a=item&i=585

ANONYMOUS

Dear Citizens of the United States of America,

It has come to our attention that the brothers, David and Charles Koch–the billionaire owners of Koch Industries–have long attempted to usurp American Democracy. Their actions to undermine the legitimate political process in Wisconsin are the final straw. Starting today we fight back.

Koch Industries, and oligarchs like them, have most recently started to manipulate the political agenda in Wisconsin. Governor Walker’s union-busting budget plan contains a clause that went nearly un-noticed. This clause would allow the sale of publicly owned utility plants in Wisconsin to private parties (specifically, Koch Industries) at any price, no matter how low, without a public bidding process. The Kochs have helped to fuel the unrest in Wisconsin and the drive behind the bill to eliminate the collective bargaining power of unions in a bid to gain a monopoly over the state’s power supplies.

The Koch brothers have made a science of fabricating ‘grassroots’ organizations and advertising campaigns to support them in an attempt to sway voters based on their falsehoods. Americans for Prosperity, Club for Growth and Citizens United are just a few of these organizations. In a world where corporate money has become the lifeblood of political influence, the labor unions are one of the few ways citizens have to fight against corporate greed. Anonymous cannot ignore the plight of the citizen-workers of Wisconsin, or the opportunity to fight for the people in America’s broken political system. For these reasons, we feel that the Koch brothers threaten the United States democratic system and, by extension, all freedom-loving individuals everywhere. As such, we have no choice but to spread the word of the Koch brothers’ political manipulation, their single-minded intent and the insidious truth of their actions in Wisconsin, for all to witness.

Anonymous hears the voice of the downtrodden American people, whose rights and liberties are being systematically removed one by one, even when their own government refuses to listen or worse – is complicit in these attacks. We are actively seeking vulnerabilities, but in the mean time we are calling for all supporters of true Democracy, and Freedom of The People, to boycott all Koch Industries’ paper products. We welcome unions across the globe to join us in this boycott to show that you will not allow big business to dictate your freedom.

U.S. Product Boycott List

Vanity Fair
Quilted Northern
Angel Soft
Sparkle
Brawny
Mardi Gras
Dixie

European Product Boycott List

Demak’Up
Kitten Soft
Lotus / Lotus Soft
Tenderly
Nouvelle Soft
Okay Kitchen Towels
Colhogar
Delica
Inversoft
Tutto

To identify these brands, please look for the following logo anywhere on the packaging:

Anonymous.

We are Legion.

We do not forgive.

We do not forget.

Expect us.

Material related to operation Tunisia

First the why:

Yeah i hope someone finds the ppl in that van and gives them a slow death!

Anonymous care package for the poor ppl of Egypt – www.bit.ly/hsAjGq

This from – http://typewith.me/optunisia
===========================================
( ),,( )                         irc.anonops.ru:6667 #optunisia                                        ( ),( )
( ‘;’ )                                                                                                                            (‘;’ )
-(. )-                                                                                                                           -(‘.’)-
I I CENTRAL COLLECTION PAD FOR OPERATION TUNISIA RELATED MATERIAL I I
============================================
If you started a pad about something related to Operation Tunisia, add it to this list.
Please save with Nick!!!

Anonymous Press Declarations
[2011-01-15] Tunisia and its chance… (not completed; need rework!)
http://piratenpad.de/APR20110115

Guide to Protecting the Tunisian Revolution, Part One: Initial Security
http://typewith.me/how-to-protect-tunisian-arabic-french yo
Guide to Protecting the Tunisian Revolution, Part Two: Safety in Confrontation
http://www.dailykos.com/story/2011/1/16/936793/-Please-distribute-to-Tunisians:-Safety-in-Confrontation

Guide to Protecting the Tunisian Revolution, Part Three: Transforming National Politics (still in progress, please assist)
http://www.typewith.me/qdjqeFFu8O

Stuff about the families who’re stealing Tunisia: (Arabic->English Translation needed!!)
http://piratepad.net/lMiNqsnZfi
copy at http://typewith.me/MvarLgc6u6

Manifesto from tunisian protesters:
http://typewith.me/stDHppshwJ <

Video footage of Tunisia (add your own!)
http://typewith.me/TunisiaVideoFootage

Tunisians needs FTPs for mirror – #ftp (died?)no #ftp
Info-List: http://piratenpad.de/6V13pN0sxM

Untrusted Twitter accounts spreading false news
http://piratepad.net/GGYVc6RtnA < reverted

Translation pad for Tunisia IRC project
http://typewith.me/TunisiaIRCTranslation

Tunisians, tell your stories here! (need translators)
http://piratepad.net/G9CvOF3dbg
copy at http://typewith.me/wzfsEVIx7B

Manifesto from Anon about Tunisia:
http://piratepad.net/5d891ABcBW

Video ideas and links:
http://piratepad.net/VJhU2KXfMQ

“Video site” zip and mirrors
http://pad.telecomix.org/tnvideos-mirrors

Video about a man put out of his country, and subtitle translation (need an incruster for the subtitle)
http://piratepad.net/7eT1ozHLSN
copy at http://typewith.me/7fc5aYZ2LW

Anon Video to be subtitled: http://www.youtube.com/watch?v=BFLaBRk9wY0
http://piratepad.net/XZtZlf3acf

French PDF to be translated: Relating to the family who Reign over Carthage.
http://i3.makcdn.com/wp-content/blogs.dir/14986/files//2009/11/la-regente-2-carthage.pdf
http://piratepad.net/VyLDOHVMyD

Diary of Tunisia:
http://typewith.me/3koSuMGO8O

Related Stuff:
Anonymous PR Pad
http://piratenpad.de/AnonymousPR

Swift Assist – helpful notes on establishing secure networks for Tunisian revolutionaries
http://typewith.me/owA6rmGfP6

What the fuck is freedom of speech, anyway? – introduction via IHRL
http://piratepad.net/whGudXWEmM