You are not logged in.

#1 2018-11-04 00:12:53

MaxStirner
Member
Registered: 2018-10-24
Posts: 25

[Solved] Connect to Arch IRC Freenode Through TOR

So I'm really trying to get into IRC, but I don't like how a users IP is publicized when one connects to an IRC server. I would prefer for my IP to be unknown as much as possible. So with this I've come to three conclusions. Either ask to be cloaked (which I've read isn't reliable), use ZNC, or use TOR. I want to give TOR a shot first, but freenode makes it a bit tricky to connect to freenode with TOR.

So I did alot of reading, and I came across this guide first for weechat, the client I decided to go with. This would be fine, but freenode specifically states there's a process to join when using TOR which is mentioned here .

Now this is where I'm stuck. When using "freenodeok2gncmy.onion", its not specifically stating "ircs://chat.freenode.net/archlinux", but simply "chat.freenode.net". How does that onion affiliate with the arch linux chat room? I'm at a road block here. Would I use "freenodeok2gncmy.onion.archlinux"?

Last edited by MaxStirner (2018-11-08 08:58:31)

Offline

#2 2018-11-04 03:59:46

eschwartz
Trusted User/Bug Wrangler
Registered: 2014-08-08
Posts: 2,447

Re: [Solved] Connect to Arch IRC Freenode Through TOR

The reason cloaks are not reliable, is because it is super easy to fool people into clicking on a link e.g. to some image file on a server the attacker controls, and at that point you've given them your IP address that you've tried so hard to hide.

As a protection, ZNC simply does nothing at all, and Tor is only a protection inasmuch as it wraps all the rest of your computer's internet activity. If you're using Tor in your browser, then a cloak should be sufficient anyway, since any social engineering attacks against you will just hit another Tor-protected route.

... That ircs:// link is completely bloat anyway, used for GUI applications that actually support one-click opening of an irc:// link with integrated server connection and joining a room in one go.
Just connect to freenode however you like then issue a "/join #channel" to join to your desired IRC channel, in this case the "#archlinux" channel... and follow any suitable guide to using IRC, with the understanding that the *server* component is "freenodeok2gncmy.onion" instead of "chat.freenode.net".

Last edited by eschwartz (2018-11-04 04:00:42)


Managing AUR repos The Right Way -- aurpublish (now a standalone tool)

Offline

#3 2018-11-05 00:26:06

MaxStirner
Member
Registered: 2018-10-24
Posts: 25

Re: [Solved] Connect to Arch IRC Freenode Through TOR

Awesome, thanks for that explanation. I don't plan on clicking links pasted in IRC chat rooms, but incase anyone else reading this thinks about doing that, they know now not too.

But as for the cloak, I also just read this , which goes in depth about why cloaks arent very reliable, which you did mention. I'm going to give TOR a shot, and try to connect with that .onion link and see what happends. The worst would be it doesn't work at all. I'll post back with my experience.

Offline

#4 2018-11-05 01:44:14

fukawi2
Forum Moderator
From: .vic.au
Registered: 2007-09-28
Posts: 5,580
Website

Re: [Solved] Connect to Arch IRC Freenode Through TOR

That page also says:

Do consider, however, just how much you need to hide your IP address; it's disclosed routinely during normal Internet usage—for instance, every website you visit will necessarily see your IP address, unless you are using a VPN or Tor. Many, many users happily use IRC for decades, never hiding their IP address, and do not have any problems.

What is the actual problem you're concerned about? If it's just a matter of general privacy, then a $5 (Linode|Digital Ocean) VPS running a bouncer is probably the simplest and most reliable solution, with the added bonus of being able to do things like scrollback etc.

Offline

#5 2018-11-05 05:52:13

mpan
Member
Registered: 2012-08-01
Posts: 446
Website

Re: [Solved] Connect to Arch IRC Freenode Through TOR

MaxStirner:
The IP address alone can tell only what’s your country, the large city in your area, possibly about your workplace/school if it is a large institution. For comparison: the first sentence of your post already suggests United States, which correlates nicely with activity hours from other posts.

Think about that. I’m not dismissing your concerns and certainly not criticizing Tor. But people often misjudge risks and try to mend a leaky pipe, while a flood pushes tons of water through their windows. People also misuse Tor: mixing traceable stuff with activity that should be untraceable renders Tor protection less effective.


Sometimes I’m a bit harsh — don’t get offended too easily!
PGP: 7C848198AE93D3BB | Coreutils SHA2 performance
Russian roulette: curl "https://ptpb.pw/$(cat /dev/urandom | tr -cd [:alnum:] | head -c 4)" | sudo bash

Offline

#6 2018-11-05 11:29:57

ugjka
Member
From: Latvia
Registered: 2014-04-01
Posts: 1,165

Re: [Solved] Connect to Arch IRC Freenode Through TOR

I think IrcCloud hides your ip, but then you can argue whether you trust a cloud service


Github | Soundcloud

"Once you hit 10 nested VMs you're basically brad pitt with women who matter" ~ echoline

Offline

#7 2018-11-07 07:59:48

MaxStirner
Member
Registered: 2018-10-24
Posts: 25

Re: [Solved] Connect to Arch IRC Freenode Through TOR

I found a great tutorial on connecting to freenode with Tor.

https://szorfein.github.io/weechat/tor/ … e-weechat/

So a little history as to why Im so conscious about these kind of things. One instance would be I was playing CS1.6, and I taunted a player who was giving me trouble for killing him. This is a long time ago, and I was on a Windows machine, before I started using Linux.

I had the usual security setup, Firewall, disabled netbios, file and printer sharing, remote desktop, advanced sharing options, ETC...

But I was unfortunate to have a crappy router, that didnt allow me to disable ICMP ping requests. So, lo and behold, he said he was about to DDoS me, and I laughed at him, saying that my machine settings were secure, and youre bluffing.

Well, even though my machines settings were good, my crappy router at the time couldnt let me disable ICMP ping requests. Some of you may know were Im going with this. I got ICMP flooded, DDoSed for about a couple of hours. I called up my ISP, who was Comcast, who supplied this crappy router, and wouldnt give me details, although they and I knew what was going on. Funny thing is, my firewall, Comodo, had ICMP blocked going IN and OUT, but that didnt matter, since the router accepted it anyway.

Lesson learned, make sure you have a decent router. Even though I know its not hard to get someones IP, and my machine is pretty locked down, along with having a decent router supplied by Verizon that allows me to disable ICMP ping requests, I always make an effort to be security aware.

IRC seems like it can be a shady place, and I dont want the wrong group of chat goers to keep scanning my ports CONSTANTLY, or just have my IP out in the open to people that would otherwise not be respectful towards it. So yeah...anyway...Im on freenode IRC through Tor and it feels good man.

Last edited by MaxStirner (2018-11-07 08:05:50)

Offline

#8 2018-11-07 22:23:52

fukawi2
Forum Moderator
From: .vic.au
Registered: 2007-09-28
Posts: 5,580
Website

Re: [Solved] Connect to Arch IRC Freenode Through TOR

MaxStirner wrote:

Lesson learned, make sure you have a decent router. Even though I know its not hard to get someones IP, and my machine is pretty locked down, along with having a decent router supplied by Verizon that allows me to disable ICMP ping requests, I always make an effort to be security aware.

Slightly OT, but any router is unlikely to make a difference. On home connections a DDoS works by overwhelming your pipe to your ISP -- as long as enough packets are being directed to your IP, then your connection is flooded before the packets even reach your router so there's nothing it can do to help.

MaxStirner wrote:

.... I dont want the wrong group of chat goers to keep scanning my ports CONSTANTLY, or just have my IP out in the open to people that would otherwise not be respectful towards it.

That's part of being connected to the internet. Your public IP address(es) are going to get port-scanned, poked, prodded, interrogated, violated and abused.  I'm not trying to say you're wrong or don't do what you're doing, rather I'm clarifying (for you and/or future readers of this thread) that this is just security through obscurity.  Make sure you have other protection measures in place; don't just rely on "being invisible".

Offline

#9 2018-11-08 04:42:47

mpan
Member
Registered: 2012-08-01
Posts: 446
Website

Re: [Solved] Connect to Arch IRC Freenode Through TOR

MaxStirner wrote:

IRC seems like it can be a shady place, and I dont want the wrong group of chat goers to keep scanning my ports CONSTANTLY, or just have my IP out in the open to people that would otherwise not be respectful towards it.

On top of what fukawi2 has just said: your IP address is being scanned constantly and your open ports are searcheable.


Sometimes I’m a bit harsh — don’t get offended too easily!
PGP: 7C848198AE93D3BB | Coreutils SHA2 performance
Russian roulette: curl "https://ptpb.pw/$(cat /dev/urandom | tr -cd [:alnum:] | head -c 4)" | sudo bash

Offline

#10 2018-11-08 08:39:31

MaxStirner
Member
Registered: 2018-10-24
Posts: 25

Re: [Solved] Connect to Arch IRC Freenode Through TOR

Well, to start things off. I have no open ports, at least according to ShieldsUp. I’m a very security conscious person, and haven’t had any trouble since that episode with the ICMP flood.

So fukawi2, you programmed a firewall, so I’m sure you’re aware there are a magnitude of different types of DDoS attacks. What you described is a general packet flood from a botnet. Someone with maybe, a dozen or so computers on his botnet could take down a home computer. They would of course, need to find a open port or vulnerable program running to issue all the packets too. An ICMP ping flood is very reliable, because it’s enabled by default on just about every router.

But, you would need hundreds, even thousands of computers in a botnet to take down a major website and its servers.

The thing about, an ICMP ping request flood, is it can be done without a botnet, and on a single computer against another single computer. They are relatively easy to perform, but also, easy to prevent if you have a proper firewall set up on your router and computer.

Go to ShieldsUp for more information about an ICMP ping attack, and to see, to a degree of course, your level of protection and security on your firewall and computer setup. It’s a great site, and Steve Gibson is a good man.

https://www.grc.com/shieldsup

EDIT:

You may consider disabling UPnP on your router, if you haven’t already. But I would imagine someone who programmed a firewall would be wise enough to disable UPnP on their router

Last edited by MaxStirner (2018-11-08 09:01:44)

Offline

#11 2018-11-08 08:45:41

MaxStirner
Member
Registered: 2018-10-24
Posts: 25

Re: [Solved] Connect to Arch IRC Freenode Through TOR

Tell me fukawi2, did you pass the TruStealth Analysis?

I did

Offline

#12 2018-11-11 09:13:53

fukawi2
Forum Moderator
From: .vic.au
Registered: 2007-09-28
Posts: 5,580
Website

Re: [Solved] Connect to Arch IRC Freenode Through TOR

Unless I'm following the wrong link, all you're asking is do I have UPnP exposed to the world as that's all the test seems to do... So yes, I "passed" the "analysis" since I'm running OPNsense at my perimeter host. I'm not sure what your point is and it's relation to this topic.

Offline

#13 2018-11-12 00:58:12

MaxStirner
Member
Registered: 2018-10-24
Posts: 25

Re: [Solved] Connect to Arch IRC Freenode Through TOR

No, running a firewall doesn’t disable UPnP. You can still be vulnerable. Your firewall may block UPnP ports, but if the service is enabled on the OS and/or router, you can circumvent the firewall if you know what your doing.

Anyway, after you click the process button, under the big orange rectangle box for testing for UPnP exposure, you’ll see the “common ports” box. That’s the TruStealth Analysis test.

Offline

#14 2018-11-12 01:01:37

fukawi2
Forum Moderator
From: .vic.au
Registered: 2007-09-28
Posts: 5,580
Website

Re: [Solved] Connect to Arch IRC Freenode Through TOR

I'm not going to continue to argue this with you.  Stop trying to impose your own opinions of security on the members of this forum.  Your bike-shedding is unproductive, and this is your second warning; next will be a temporary ban.

Closing.

Offline

Board footer

Powered by FluxBB