From HackersWithoutBorders

Contents 1 Info 1.1 Server 2 Download 2.1 And now? 2.1.1 If you are behind a router 2.1.2 If you are on a public ip 2.1.3 Distribute 3 Features 3.1 Applications 3.1.1 OpenVPN 3.1.2 Polipo 3.1.3 Squid 3.1.4 Tinyproxy 3.1.5 Tor 3.1.6 Ziproxy 3.2 Planned 3.3 Milestones 3.3.1 0.1 3.3.2 0.5 3.3.3 1.0 3.4 Wishlist 4 Bugs 5 Change log 5.1 0.0.3 5.2 0.0.2 5.3 0.0.1.build 10 5.4 beta.0.1.build.4

Info

Server

This is a debian-based server LiveCD. It hosts pre-configured server applications like OpenVPN, Tor and tinyproxy.

The goal is to make a small bootable ISO that people, with a small (or none) configuration, host a communication server for people inside closed nets.

The system will generate a password for the user account on boot. it will place the password in /home/user/my_password.txt. After boot the system will auto login as "user".

The root account is disabled, if you need to make any system changes use sudo

Download

Latest stable build is 0.0.3

• x86 build is located here MD5: 05acb72234e75604fce008093dce45f2
• Source is hosted at: https://launchpad.net/hwblivecd
  • Source has moved to a ssh based svn, will go public as soon we have sorted somethings out

And now?

First of all: Do NOT publish your proxys IP's over any public sites like twitter, irc, facebook etc. Security forces are monitoring most public places, and the moment they identify a proxy IP they will block it.

If you are behind a router

• You will have to open up some ports to your proxy's IP address.
• To get the IP assignment to your server type:

  sudo ifconfig

• Check the application list on what ports needed to be redirected or..
• If you really know what you are doing you can do a DMZ (if you don't know what DMZ is you shouldn't do it)
• Go to http://www.whatsmyip.org and get your public ip

If you are on a public ip

Get the IP assignment to your server by type:

sudo ifconfig

Distribute

We'll say this again: Do NOT publish your proxy's IP over any public sites like twitter, irc, facebook etc. Security forces are monitoring most public places, and the moment they identify a proxy IP they will block it.

The Swedish Pirate Party has put up an secure email address where there they will distribute information to trusted sources. Before you can mail you need to PGP encrypt your email, use this key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.9 (GNU/Linux)

mQGhBEo592gRBAC3b8tW9RWpU7Ht/Hy8lpAbQzKUCsdP+TBTA+hy4MFRUvAN4obf
QLfFq+9xpbK2juocbQrNyWJOpVbQa3AcfR/BjBN9cjB/St6ff8bbQ0cGwaYfMvbU
AYdYFCk7jq+aymAFZtXd8cl5h8lITLYC9ZIFl3j6u86UnSflrle8Mu235wCgt2OX
c6uOKXqv7ypLo+WHZqEbHksD+OciSFlzAV3iFAbCV92PT/1W8lsl7wqv4Ij5NI8k
yItEHBDIdD9pOficRRntwj0yICIpZM2NuaOLq9n4D2EBcCBpzBA85rDepAhDYKny
dS51y3fNFMo0to2067IeTTG6kg8Zha1ifLYOvvRPH0ToJlz5iBieiPblnWwRynho
jjYD/0EoUHzxqgw9EfyKmiuju+wajwksfYNPS4zcBPTW3tXeQcQbBXsYWi7DpQMo
Q02u3whIOvhJ4M9h04U4fdJoRtjR87EXuSI22fZ4gbgUUbIwtuYXnbdiltf3D4xR
CTks1unEl7uf+CFvONPB1ZfgFnhs6wljVQSeJhJox5d0mreztCRQaXJhdHBhcnRp
ZXQgPHByb3h5QHBpcmF0cGFydGlldC5zZT6IYAQTEQIAIAUCSjn3aAIbAwYLCQgH
AwIEFQIIAwQWAgMBAh4BAheAAAoJEN0own0VrX1olK4AnRigoLUGaAG3In6xfpSQ
1gBZP36uAJ0YnbVeTWV/+IwGNIH3ufRgYLXzCLkCDQRKOfdoEAgAkP76rRrtGiVQ
dsXcIHjK7dGlQuQZTZsNrCAPsCrFqOBI/4GftWR8/DDvAraNV85QdBY1m5qpjxZJ
2H68ZsO3XmkWW1MGs1wJp6+You3UnBp4vmiOf4LzHIf5k7x6P5nQcjDV0o6fTNEt
MhfOvCWTu6bWiqVwmHStDEvFMXYBCp+7dYvra2f+tKO57WW1KDNAY+TkigGDDZ82
h+O+jzNpOXOcnYZASAD4ohDE8860qS89VjiAywQnObB8mgYVzW8s44aOZZCivSPF
uNuLGkN0WV9oB1NFM7Yxt53Zvy1LtH0Wx8M+AeAFsdGZ6iM0NE/MBWopivFjIi6L
fNK2vtkM2wADBQf8CxmmCtUBWCstaHU0LZcTetvZ1W17mlJLSdYGe6wIxunlbxAb
NTV1KmgnoLIR5DpggLK8W+3zezexJTR8hGbPTx/Y4Fcs+o5CcMiGx/jjJ56J1Z5K
PoRiBw90PgHX8hwNjbtsmDZMMsLW1AJZ684KSCtIc+eQ3ldcTjkW2OTvtcO91a2a
OoJDj18d9qmmIEmIJn4bR6cHRf82gTLy1Eo8tP77CDQFHFDp/soNocI+aXn3I32Q
Vh6BA4CffdIHf7vwMYQozVMa3Gg4mi5IVUfiaaa0hWmjGyka2BY4zhCY+WIlyw9S
2N2x46HZLP7hGTFU6FowAS1I/HWJ6O5QHPeDjohJBBgRAgAJBQJKOfdoAhsMAAoJ
EN0own0VrX1oXbQAnAnr3D8tigeT6Nn4lUFsVdUnzc/bAKCCr3qTxOBA+MCKVSJJ
/rzbLK6Y3A==
=Ez2a
-----END PGP PUBLIC KEY BLOCK-----

Send them a mail that your are running HWB Server (and what version) and your IP to proxy@piratpartiet.se DO NOT SEND ANY INFORMATION IN CLEARTEXT

For those who would rather not trust this wiki, this public key is also available at http://www.piratpartiet.se/proxy

Features

Applications

OpenVPN

Is installed but not configured.

Polipo

• Listens on port: 8123.
• is routed through Tor.

Squid

• Listens on ports: 7, 13, 53, 993, 995, 3128

Tinyproxy

• Listens on 8888
• Have no restrictions on outgoing ports.
• More settings at: /etc/tinyproxy/tinyproxy.conf

Tor

• Listens on 9050.

Ziproxy

Good for low bandwidth connections. It re-compress images & text.

• Listens on it port 8080

Planned

Milestones

0.1

• OpenVPN server
• PPTP Support
• Add info

0.5

• Better MOTD with info about the LiveCD
• Add info

1.0

• Our own boot-logo
• Small http-daemon with an "Settingspage" for the server.
• Add info

Wishlist

• x64 build
• PPC build(for older mac's and others)
• Add info

Bugs

Please report all bugs in the Launchpad-bug tracker (https://launchpad.net/hwblivecd/+filebug)

Change log

0.0.3

• Squid listening on ports: 7, 13, 53, 993, 995, 3128
• Polipo listening on port: 8123 and is routed through Tor.
• Ziproxy listening on port: Port 8080

0.0.2

• System will now randomize a password for the "user" account on boot

0.0.1.build 10

• Squid installed
• Polipo installed
• Ziproxy installed

beta.0.1.build.4

• Based on debian-minimal-net flavor.
• Tinyproxy upp and running
• Tor-project up and running