For those concerned about their communications like me, you should consider to use a xmpp server on your own and invite your friends to chat in your server! it is simple and fast to configure one and all you need is a domain name and a server. It will take no more than 2 hours of your time and after that, a little maintenance and admin tasks (if you decide to not let people create their own account).
Here I'm posting a simple config file that really works in most Linux servers, by the way it was tested and is being working nicely with Debian x84 "Jessie".
For those that do not know what prosody is, here is their official website, please go and dive in to learn a little more!
https://prosody.im/
First `cp` your default file `/etc/prosody/prosody.cfg.lua` to `/etc/prosody/prosody.cfg.lua.bck`, then edit its content with the following code.. (if you do not want use mysql just remove the block, by default it will use files).
-- Prosody XMPP Server Configuration
------------------------------[ Server-wide settings ]------------------------------
-- Example: admins = { "user1@example.com", "user2@example.com" }
admins = {"name@mail.com"}
-- This is the list of modules Prosody will load on startup.
-- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too.
-- Documentation on modules can be found at: http://prosody.im/doc/modules
plugin_paths = { "/usr/lib/prosody/modules/", "/usr/lib/prosody/modules_community/" }
modules_enabled = {
-- Core modules (alphabetical order) -- default location is "/usr/lib/prosody/modules"
"admin_adhoc"; -- Admin interfaces -- Allows administration via an XMPP client that supports ad-hoc commands
"admin_telnet"; -- Admin interfaces -- Opens telnet console interface on localhost port 5582
"announce"; -- Other specific functionality -- https://prosody.im/doc/modules/mod_announce
"bosh"; -- HTTP modules -- Enable BOSH clients, aka "Jabber over HTTP"
"dialback"; -- Generally required -- s2s dialback support
"disco"; -- Generally required -- Service discovery
"http"; -- HTTP modules -- https://prosody.im/doc/modules/mod_http
"pep"; -- Nice to have -- Enables users to publish their mood, activity, playing music and more
"ping"; -- Nice to have -- Replies to XMPP pings with pongs
"posix"; -- Generally required -- POSIX functionality, sends server to background, enables syslog, etc.
"private"; -- Not essential, but recommended -- Private XML storage (for room bookmarks, etc.)
"register"; -- Nice to have -- https://prosody.im/doc/modules/mod_register
"roster"; -- Generally required -- Allow users to have a roster. Recommended ;)
"saslauth"; -- Generally required -- Authentication for clients and servers. Recommended if you want to log in.
"time"; -- Nice to have -- Let others know the time here on this server
"tls"; -- Generally required -- Add support for secure TLS on c2s/s2s connections
"uptime"; -- Nice to have -- Report how long server has been running
"vcard"; -- Not essential, but recommended -- Allow users to set vCards
"version"; -- Nice to have -- Replies to server version requests
"watchregistrations"; -- Other specific functionality -- https://prosody.im/doc/modules/mod_watchregistrations
"welcome"; -- Other specific functionality -- Welcome users who register accounts
-- Community modules (alphabetical order) -- default location is "/usr/lib/prosody/modules_community"
"carbons"; -- https://modules.prosody.im/mod_carbons.html
"mam"; -- https://modules.prosody.im/mod_mam.html
};
-- These modules are auto-loaded, but should you want
-- to disable them then uncomment them here:
modules_disabled = {
-- "offline"; -- Store offline messages
-- "c2s"; -- Handle client connections
-- "s2s"; -- Handle server-to-server connections
};
-- Settings for "mod_register" -- https://prosody.im/doc/modules/mod_register
allow_registration = true -- Whether to allow registration of new accounts via Jabber clients
registration_blacklist = { } -- List of IP addresses to deny registration
registration_whitelist = { } -- List of IP addresses to allow registration (bypassing all throttling and limits)
whitelist_registration_only = false -- Whether to only allow IPs in registration_whitelist to register
min_seconds_between_registrations = 300 -- seconds a client at a particular IP address must wait before it can register again
registration_throttle_max = nil -- Defaults to 1 if min_seconds_between_registrations is set, otherwise unset. New in 0.10
registration_throttle_period = nil -- Defaults to the same value as min_seconds_between_registrations. New in 0.10
registration_throttle_cache_size = 100 -- How many IP addresses to keep track of for throttling. New in 0.10
blacklist_on_registration_throttle_overload = false -- Determines behavior if the above cache overflows. If true and the IP is still over the limit, add it to the registration blacklist. New in version 0.10.
registration_notification = "User $username just registered on $host from $ip"
-- Settings for "mod_welcome" -- https://prosody.im/doc/modules/mod_welcome
welcome_message = "Welcome $username - please take a look at https://yourdomain/xmpp-im/ for further information about this IM."
-- Settings for COMMUNITY MODS (alphabetical order)
-- Settings for "http_upload" -- https://modules.prosody.im/mod_http_upload.html
http_upload_path = "/var/lib/prosody/http_upload/"
http_upload_file_size_limit = 2097152 -- bytes
-- Settings for "mod_mam" -- https://modules.prosody.im/mod_mam.html
-- Storage backend
storage = {
archive = "sql";
}
-- Query size limits
max_archive_query_results = 20;
-- Archive expiry
archive_expires_after = "2m" -- two months or ("1d" one day; one week; the default; 60 * 60 one hour; "never" forever)
-- Message matching policy
-- default_archive_policy = false -- stores no messages
-- default_archive_policy = "roster" -- stores messages to/from contacts in the users roster
default_archive_policy = true -- stores all messages. This is the default.
-- Settings for "mod_mam_muc" -- https://modules.prosody.im/mod_mam_muc.html
muc_log_by_default = true; -- Enable logging by default (can be disabled in room config)
muc_log_all_rooms = false; -- set to true to force logging of all rooms
max_archive_query_results = 20; -- "20" is the largest number of messages that are allowed to be retrieved in one MAM request.
max_history_messages = 5; -- "1000" is the largest number of messages that are allowed to be retrieved when joining a room.
-- Settings for "mod_smacks" -- https://modules.prosody.im/mod_smacks.html
smacks_hibernation_time = 300 -- The number of seconds a disconnected session should stay alive for (to allow reconnect)
smacks_enabled_s2s = false -- Enable Stream Management on server connections? Experimental
smacks_max_unacked_stanzas = 0 -- How many stanzas to send before requesting acknowledgement
smacks_max_ack_delay = 60 -- The number of seconds an ack must be unanswered to trigger an "smacks-ack-delayed" event
------------------------------[ Non-module related Prosody settings ]------------------------------
-- These are the SSL/TLS-related settings. If you don't want
-- to use SSL/TLS, you may comment or remove this
ssl = {
key = "/etc/prosody/certs/your-key.key";
certificate = "/etc/prosody/certs/your-cert.crt";
}
-- Force clients to use encrypted connections? This option will
-- prevent clients from authenticating unless they are using encryption.
c2s_require_encryption = true
-- Force certificate authentication for server-to-server connections?
-- This provides ideal security, but requires servers you communicate
-- with to support encryption AND present valid, trusted certificates.
-- NOTE: Your version of LuaSec must support certificate verification!
-- For more information see http://prosody.im/doc/s2s#security
s2s_secure_auth = true
-- Many servers don't support encryption or have invalid or self-signed
-- certificates. You can list domains here that will not be required to
-- authenticate using certificates. They will be authenticated using DNS.
-- s2s_secure_domains = { "jabber.org" }
-- Required for init scripts and prosodyctl
pidfile = "/var/run/prosody/prosody.pid"
-- Select the authentication backend to use. The 'internal' providers
-- use Prosody's configured data storage to store the authentication data.
-- To allow Prosody to offer secure authentication mechanisms to clients, the
-- default provider stores passwords in plaintext. If you do not trust your
-- server please see http://prosody.im/doc/modules/mod_auth_internal_hashed
-- for information about using the hashed backend.
authentication = "internal_hashed"
-- Select the storage backend to use. By default Prosody uses flat files
-- in its configured data directory, but it also supports more backends
-- through modules. An "sql" backend is included by default, but requires
-- additional dependencies. See http://prosody.im/doc/storage for more info.
-- storage = "sql" -- Default is "internal" (Debian: "sql" requires one of the
-- lua-dbi-sqlite3, lua-dbi-mysql or lua-dbi-postgresql packages to work)
-- For the "sql" backend, you can uncomment *one* of the below to configure:
-- sql = { driver = "SQLite3", database = "prosody.sqlite" } -- Default. 'database' is the filename.
sql = {
driver = "MySQL", database = "prosody", username = "prosody", password = "*******", host = "localhost"
}
-- Logging configuration
-- For advanced logging see http://prosody.im/doc/logging
log = {
info = "/var/log/prosody/prosody.log"; -- Change 'info' to 'debug' for verbose logging
error = "/var/log/prosody/prosody.err";
"*syslog";
}
------------------------------[ Virtual hosts ]------------------------------
-- You need to add a VirtualHost entry for each domain you wish Prosody to serve.
-- Settings under each VirtualHost entry apply *only* to that host.
VirtualHost "your-domain.tld"
-- Assign this host a certificate for TLS, otherwise it would use the one
-- set in the global section (if any).
-- Note that old-style SSL on port 5223 only supports one certificate, and will always
-- use the global one.
ssl = {
key = "/etc/prosody/certs/your-key.key";
certificate = "/etc/prosody/certs/your-cert.crt";
}
------------------------------[ Components ]------------------------------
-- You can specify components to add hosts that provide special services,
-- like multi-user conferences, and transports.
-- For more information on components, see http://prosody.im/doc/components
-- Set up a MUC (multi-user chat) room server on conference.example.com:
Component "conference.your-domain.tld" "muc"
name = "Your Domain chatrooms server - check https://your-domain.tld/xmpp-im/ for further information."
--max_history_messages = 5
--modules_enabled = {
-- "mam_muc"; -- https://modules.prosody.im/mod_mam_muc.html
--}
-- Set up a SOCKS5 bytestream proxy for server-proxied file transfers:
-- Component "proxy.example.com" "proxy65"
-- Set up an external component (default component port is 5347)
--
-- External components allow adding various services, such as gateways/
-- transports to other networks like ICQ, MSN and Yahoo. For more info
-- see: http://prosody.im/doc/components#adding_an_external_component
--
-- Component "gateway.example.com"
-- component_secret = "password"
Now that you have your configuration file in place, you have to connect to your server using any IM client (before see, prosody website how to create new user in the server), I'm using Gajim, it is pretty easy to setup a connection and create new users, access chat rooms, etc.. but you can use any IM client of your choice.
By default it connects on port 5222.
That's all folks!
2017-11-02
How To Set Up an E-Mail Server with Dovecot
Configure Dovecot to receive email with in your server.
Install dovecot with `apt-get install dovecot-imapd`
Dovecot version and config file
# 2.2.9: `/etc/dovecot/dovecot.conf`
Linux Server (it will work with new versions with little or no adjustment)
# OS: Linux 3.13.0-116-generic x86_64 Ubuntu 14.04.5 LTS
Edit your `/etc/dovecot/dovecot.conf` file.
auth_debug = yes
auth_debug_passwords = yes
disable_plaintext_auth = no
listen = *
mail_location = mbox:~/mail:INBOX=/var/mail/%u
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
#driver = pam
}
passdb {
args = scheme=SHA512-CRYPT username_format=%u /etc/dovecot/users
driver = passwd-file
}
protocols = imap
service auth-worker {
group = shadow
}
ssl_cert =
ssl_key = userdb {
driver = passwd
}
protocol imap {
imap_client_workarounds = tb-extra-mailbox-sep
}
This file `/etc/dovecot/users` was created, see below:
To generate the password, execute `doveadm`
doveadm pw -s SHA512-CRYPT (the password will be prompted)
The command returns something like this, put this string inside `/etc/dovecot/users` and save.
user:{SHA512-CRYPT}$6$2TEJo6hStd3.NgQs$5nIeyUn/1bA4.dptvfsQ0wtU1XtnSqGRSkmn5bV5OcJRRAurmYxdaUcgOpEpQSLbHmKwhgRa9ik18TN6ckVuH0:1000:1000::/home/user
I will not cover SMTP here, but you can install `Exim4` (MTA) and combine the use with `Dovecot` (MDA) if you like, there are many options out there.
That's All! Enjoy your new mailserver.
Install dovecot with `apt-get install dovecot-imapd`
Dovecot version and config file
# 2.2.9: `/etc/dovecot/dovecot.conf`
Linux Server (it will work with new versions with little or no adjustment)
# OS: Linux 3.13.0-116-generic x86_64 Ubuntu 14.04.5 LTS
Edit your `/etc/dovecot/dovecot.conf` file.
auth_debug = yes
auth_debug_passwords = yes
disable_plaintext_auth = no
listen = *
mail_location = mbox:~/mail:INBOX=/var/mail/%u
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
#driver = pam
}
passdb {
args = scheme=SHA512-CRYPT username_format=%u /etc/dovecot/users
driver = passwd-file
}
protocols = imap
service auth-worker {
group = shadow
}
ssl_cert =
ssl_key = userdb {
driver = passwd
}
protocol imap {
imap_client_workarounds = tb-extra-mailbox-sep
}
This file `/etc/dovecot/users` was created, see below:
To generate the password, execute `doveadm`
doveadm pw -s SHA512-CRYPT (the password will be prompted)
The command returns something like this, put this string inside `/etc/dovecot/users` and save.
user:{SHA512-CRYPT}$6$2TEJo6hStd3.NgQs$5nIeyUn/1bA4.dptvfsQ0wtU1XtnSqGRSkmn5bV5OcJRRAurmYxdaUcgOpEpQSLbHmKwhgRa9ik18TN6ckVuH0:1000:1000::/home/user
I will not cover SMTP here, but you can install `Exim4` (MTA) and combine the use with `Dovecot` (MDA) if you like, there are many options out there.
That's All! Enjoy your new mailserver.
2017-09-03
PHP Nota Fiscal Serviço de Comunicação mod 21
(THIS POST IS ONLY FOR BRAZILIANS)
Essa classe deve ser usada unica e exclusivamente para gerar Nota Fiscal de Serviço de Comunicação, modelo 21, para empresas prestadoras de serviços de internet, tais como provedores de internet. Com um pouco de adaptação a classe pode ser usada tambem para empresas do setor de fornecimento de energia elétrica.
Você pode fazer o clone direto no github -->> https://github.com/deepcell/Nfsc21.git
Essa classe deve ser usada unica e exclusivamente para gerar Nota Fiscal de Serviço de Comunicação, modelo 21, para empresas prestadoras de serviços de internet, tais como provedores de internet. Com um pouco de adaptação a classe pode ser usada tambem para empresas do setor de fornecimento de energia elétrica.
Com a intenção de ajudar as pequenas empresas do setor de comunicação (prestadoras de serviços de internet)
a se enquadrarem no novo modelo de emissão de nota fiscal exijido pelo governo brasileiro, essa classe
esta sendo disponibilizada como código aberto para a comunidade.
Você pode fazer o clone direto no github -->> https://github.com/deepcell/Nfsc21.git
2016-08-02
IRC & TOR HIDDEN SERVICE
IRC & TOR HIDDEN SERVICE
DESCRIPTION
IRC Server behind tor hidden seervice
Firstly, I decided to write this post because when I started using tor
tor hidden service with irc server, I didn't realize it was going to be
a pain in the ass, but with a little efort I figure out how to do it in
the simple way. Secondly I would like to save and share this information
'cause I know someone will have the same questions I had.
Here follow what I have done to get my irc server connected to internet
behind tor hidden service. It is important to note that I have no domain
name, no hostname, no fixed IP address, all I have is a local server
running in the loopback (127.0.0.1) address. I will not cover or make
any specific endorsements about irc server here, it will be expalained
in details in another post.
The intention here is to cover only tor hidden service and irc client
configuration. This instructions are suposed to work only with Linux OS.
DOWNLOAD
irc server
InspIRCd is a modular Internet Relay Chat (IRC) server written in C++
for Linux, BSD, Windows and Mac OS X systems.
https://www.inspircd.org/
tor
If you are using Debian/Ubuntu then you can download and install tor
from here (just follow the instructions on this page):
https://www.torproject.org/docs/debian.html.en#ubuntu
irc client
This document was tested using irssi and hexchat, however you can try
with another irc client like BitchX, xchat, mirc, ..
IRSSI - https://irssi.org/
Hexchat - https://hexchat.github.io/
If you are using debian/ubuntu then apt-get should be enough to make the
installaation of IRSSI or Hexchat.
CONFIGURATION
tor
There are at least 3 diferent methods to connect an IRC server through
Tor: using transparent proxying, socat or usewithtor.
Here I will cover only transparent proxying.
Basically you have to configure your `torrc` file, with debian/ubuntu it
is located at: `/etc/tor/torrc` open your torrc in your favorite text
editor and search for this line:
"This section is just for location-hidden services"
You have to add you HiddenServiceDir (location of the hostname and
private key) and HiddenServicePort in your file.
Here is what I added in my file
HiddenServiceDir /home//irc_hidden_service/
HiddenServicePort 6697 127.0.0.1:6697 # serve with ssl
HiddenServicePort 9050 127.0.0.1:9050
## ________________________
## | TRANSPARENT PROXYING |
## |______________________|
##
## IsolateClientAddr = (on by default) Separate connecting
## clients by address
## IsolateSOCKSAuth = (on by default) Separate streams with
## different SOCKS authentications
## IsolateClientProtocol = SOCKS4, SOCKS5, TransPort connections,
## NATDPort connections, and DNSPort
## requests are all considered different
## protocols
## IsolateDestPort = Separate by destination port
## IsolateDestAddr = Separate by destination address
TransPort 127.0.0.1:9050 IsolateClientAddr IsolateClientProtocol IsolateDestAddr
DNSPort 127.0.0.1:5353 # it is important to resolve the hostname
VirtualAddrNetwork 127.192.0.0/10 ## maps an IP address from localhost/10
AutomapHostsOnResolve 1 ## to each connection to a new host which
AutomapHostsSuffixes .exit,.onion ## ends in '.exit' or '.onion'
Save your torrc file and than restart your tor daemon.
$ sudo /etc/init.d/tor restart
Important: each time you edit your torrc file, then you restart your tor.
Hexchat
Open Network List > add a new network, then edit the network, in the
tab Servers, add your new hostname created by your tor (it is located in
your HiddenServiceDir /home//irc_hidden_service/). Open the
hostname file and you should see your address there! something like this
2lqoa4hzw5sy566nuts.onion
When editing the network if you are using ssl then check these options:
✓ Use ssl for all servers in this network
✓ Accept invalide certificate (check if you are using self-signed cert.)
Open Settings > Preferences > in Network Setup > Proxy server
Hostname: 127.0.0.1
Port: 9050 (The same `TransPort` in your `torrc` file)
Type: Socks5
Use Proxy for: All Connections
IRSSI and others irc client
The same config used with Hexchat.
SYNOPSIS
Have sure your irc server and tor is up and running.
Start your irc server (I'm using InspIRCd v2.0.21 - inspircd.org)
user@host:/$ inspircd start/restart/stop
Start tor
user@host:/$ tor &
Start your irc client
user@host:/$ hexchat &
Once the irc client is up and running, than connect to your onion address
(see configuration hexchat).
FAQ
Q: So does this really work?
A: Yes. just try it!
HOW DOES IT WORK?
"Tor makes it possible for users to hide their locations while offering
various kinds of services, such as web publishing or an instant messaging
server. Using Tor "rendezvous points," other Tor users can connect to these
hidden services, each without knowing the other's network identity..."
https://www.torproject.org/docs/hidden-services.html.en
"Tor allows clients and relays to offer hidden services. That is, you can
offer a web server, SSH server, etc., without revealing your IP address to
its users. In fact, because you don't use any public address, you can run a
hidden service from behind your firewall."
https://www.torproject.org/docs/tor-hidden-service.html.en
Be aware DNS leak may occur, you have to learn how to block/prevent it.
EXAMPLE USAGE
see SYNOPSIS
SEE ALSO
to get started with your onion address
https://www.torproject.org/docs/tor-hidden-service.html.en
How to Torify your service
https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/IrcSilc
If you are using irssi irc client (actually it worked out with hexchat/xchat)
https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/irssi
Lots of reading (recommended)
http://freehaven.net/anonbib/topic.html#Tor_20Performance
A bit more
https://riseup.net/en/security/network-security/tor/onionservices-best-practices
CONTACT
Questions or hate mail, please send it all here -> deepcell@gmail.com
I look forward to hearing from you!
DESCRIPTION
IRC Server behind tor hidden seervice
Firstly, I decided to write this post because when I started using tor
tor hidden service with irc server, I didn't realize it was going to be
a pain in the ass, but with a little efort I figure out how to do it in
the simple way. Secondly I would like to save and share this information
'cause I know someone will have the same questions I had.
Here follow what I have done to get my irc server connected to internet
behind tor hidden service. It is important to note that I have no domain
name, no hostname, no fixed IP address, all I have is a local server
running in the loopback (127.0.0.1) address. I will not cover or make
any specific endorsements about irc server here, it will be expalained
in details in another post.
The intention here is to cover only tor hidden service and irc client
configuration. This instructions are suposed to work only with Linux OS.
DOWNLOAD
irc server
InspIRCd is a modular Internet Relay Chat (IRC) server written in C++
for Linux, BSD, Windows and Mac OS X systems.
https://www.inspircd.org/
tor
If you are using Debian/Ubuntu then you can download and install tor
from here (just follow the instructions on this page):
https://www.torproject.org/docs/debian.html.en#ubuntu
irc client
This document was tested using irssi and hexchat, however you can try
with another irc client like BitchX, xchat, mirc, ..
IRSSI - https://irssi.org/
Hexchat - https://hexchat.github.io/
If you are using debian/ubuntu then apt-get should be enough to make the
installaation of IRSSI or Hexchat.
CONFIGURATION
tor
There are at least 3 diferent methods to connect an IRC server through
Tor: using transparent proxying, socat or usewithtor.
Here I will cover only transparent proxying.
Basically you have to configure your `torrc` file, with debian/ubuntu it
is located at: `/etc/tor/torrc` open your torrc in your favorite text
editor and search for this line:
"This section is just for location-hidden services"
You have to add you HiddenServiceDir (location of the hostname and
private key) and HiddenServicePort in your file.
Here is what I added in my file
HiddenServiceDir /home/
HiddenServicePort 6697 127.0.0.1:6697 # serve with ssl
HiddenServicePort 9050 127.0.0.1:9050
## ________________________
## | TRANSPARENT PROXYING |
## |______________________|
##
## IsolateClientAddr = (on by default) Separate connecting
## clients by address
## IsolateSOCKSAuth = (on by default) Separate streams with
## different SOCKS authentications
## IsolateClientProtocol = SOCKS4, SOCKS5, TransPort connections,
## NATDPort connections, and DNSPort
## requests are all considered different
## protocols
## IsolateDestPort = Separate by destination port
## IsolateDestAddr = Separate by destination address
TransPort 127.0.0.1:9050 IsolateClientAddr IsolateClientProtocol IsolateDestAddr
DNSPort 127.0.0.1:5353 # it is important to resolve the hostname
VirtualAddrNetwork 127.192.0.0/10 ## maps an IP address from localhost/10
AutomapHostsOnResolve 1 ## to each connection to a new host which
AutomapHostsSuffixes .exit,.onion ## ends in '.exit' or '.onion'
Save your torrc file and than restart your tor daemon.
$ sudo /etc/init.d/tor restart
Important: each time you edit your torrc file, then you restart your tor.
Hexchat
Open Network List > add a new network, then edit the network, in the
tab Servers, add your new hostname created by your tor (it is located in
your HiddenServiceDir /home/
hostname file and you should see your address there! something like this
2lqoa4hzw5sy566nuts.onion
When editing the network if you are using ssl then check these options:
✓ Use ssl for all servers in this network
✓ Accept invalide certificate (check if you are using self-signed cert.)
Open Settings > Preferences > in Network Setup > Proxy server
Hostname: 127.0.0.1
Port: 9050 (The same `TransPort` in your `torrc` file)
Type: Socks5
Use Proxy for: All Connections
IRSSI and others irc client
The same config used with Hexchat.
SYNOPSIS
Have sure your irc server and tor is up and running.
Start your irc server (I'm using InspIRCd v2.0.21 - inspircd.org)
user@host:/$ inspircd start/restart/stop
Start tor
user@host:/$ tor &
Start your irc client
user@host:/$ hexchat &
Once the irc client is up and running, than connect to your onion address
(see configuration hexchat).
FAQ
Q: So does this really work?
A: Yes. just try it!
HOW DOES IT WORK?
"Tor makes it possible for users to hide their locations while offering
various kinds of services, such as web publishing or an instant messaging
server. Using Tor "rendezvous points," other Tor users can connect to these
hidden services, each without knowing the other's network identity..."
https://www.torproject.org/docs/hidden-services.html.en
"Tor allows clients and relays to offer hidden services. That is, you can
offer a web server, SSH server, etc., without revealing your IP address to
its users. In fact, because you don't use any public address, you can run a
hidden service from behind your firewall."
https://www.torproject.org/docs/tor-hidden-service.html.en
Be aware DNS leak may occur, you have to learn how to block/prevent it.
EXAMPLE USAGE
see SYNOPSIS
SEE ALSO
to get started with your onion address
https://www.torproject.org/docs/tor-hidden-service.html.en
How to Torify your service
https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/IrcSilc
If you are using irssi irc client (actually it worked out with hexchat/xchat)
https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/irssi
Lots of reading (recommended)
http://freehaven.net/anonbib/topic.html#Tor_20Performance
A bit more
https://riseup.net/en/security/network-security/tor/onionservices-best-practices
CONTACT
Questions or hate mail, please send it all here -> deepcell@gmail.com
I look forward to hearing from you!
2016-04-30
Development Service Rates
Last Update: 2016-04-29 22:00 UTC/GMT
Subscribe to:
Comments (Atom)