diff options
Diffstat (limited to 'tutorials')
| -rw-r--r-- | tutorials/how-to-host-a-tor-hidden-service.html | 34 | ||||
| -rw-r--r-- | tutorials/how-to-make-this-site.html | 71 |
2 files changed, 79 insertions, 26 deletions
diff --git a/tutorials/how-to-host-a-tor-hidden-service.html b/tutorials/how-to-host-a-tor-hidden-service.html new file mode 100644 index 0000000..64eec29 --- /dev/null +++ b/tutorials/how-to-host-a-tor-hidden-service.html @@ -0,0 +1,34 @@ +<p>This might sound spooky and complicated, but it's really not. If you want to host a small site or a small file share among friends, I honestly think Tor is one of the easiest and safest options to set up.</p> +<p>Getting a Tor hidden service running is so stupidly easy that it hardly deserves it's own article. Tor's website has a great guide right <a href="https://community.torproject.org/onion-services/setup/">here</a>. I figured I'd put my own spin on it by showing you show to host a temporary server to share some files with your friends. Please note the word <em>temporary</em> in that last sentence; running this way for a while is insecure and not a good idea. For a permanent solution, you'll want to host a real web server as explained <a href="/site/tutorial/how-to-make-this-site.html">here</a>.</p> +<p>Unlike that article, I will only explain how to do this on Linux since it's way easier and, to be honest, I've never tried to do it on Windows. If you've never used Linux before, buy a Raspberry Pi and follow the basic install guide. If you're strapped for cash, run it in a virtual machine, or use Windows Subsystem for Linux.</p> +<h2 id="how-to-spin-up-a-temporary-hidden-file-share-with-python">How to spin up a temporary hidden file share with Python</h2> +<p>Once you have Debian/Ubuntu/whatever installed and it's updated to your liking, you can install Tor with:</p> +<pre><code>$ sudo apt install tor</code></pre> +<p>Start (or stop) Tor with:</p> +<pre><code>$ sudo service tor start</code></pre> +<p>or</p> +<pre><code>$ sudo systemctl start tor.service</code></pre> +<p>You may need to enable the service first. I think this is done by default now, but it doesn't hurt:</p> +<pre><code>$ sudo systemctl enable tor.service</code></pre> +<h3 id="configure-tor">Configure Tor</h3> +<p>You'll need to edit the file <code>/etc/tor/torrc</code> before your service can be available over Tor. Use vim, nano, or whatever you like to edit the file (as root!) and search for the following lines:</p> +<pre><code>#HiddenServiceDir /var/lib/tor/hidden_service/ +#HiddenServicePort 80 127.0.0.1:80</code></pre> +<p>Remove the '#' at the beginning oh each and change the port to 8000 like so:</p> +<pre><code>HiddenServiceDir /var/lib/tor/hidden_service/ +HiddenServicePort 80 127.0.0.1:8000</code></pre> +<p>Save and restart Tor for the changes to apply:</p> +<pre><code>$ sudo service tor restart</code></pre> +<p>Once you do this, you'll get a new onion address located in the directory noted above. Use cat to read the hostname file:</p> +<pre><code>$ cat /var/lib/tor/hidden_service/hostname</code></pre> +<h3 id="set-up-the-server">Set up the server</h3> +<p>Make some directory to hold your files.</p> +<pre><code>$ mkdir -pv files</code></pre> +<p>Since we're only doing this temporarily, we don't care too much about security or where the files should go, but if you want to be careful, you can issue the following to set the directory to read only after you copy your files in:</p> +<pre><code>$ chmod -R 644 files</code></pre> +<p>Change into the directory and run Python's built-in http server:</p> +<pre><code>$ cd files +$ python3 -m http.server</code></pre> +<p>You'll see the server is being hosted on port 8000, which is what we chose in the config file earlier. Just leave it running, or send it to the background with Ctrl+Z and run <code>bg</code>.</p> +<p>And that's it! You are now the proud owner of a tor hidden service. Take the hostname you copied down before and add <code>.onion</code> to the end and give it to your friends so they can browse the files in the directory through the Tor Browser.</p> +<p>Be sure to watch the program log though... lest they get up to no good.</p> diff --git a/tutorials/how-to-make-this-site.html b/tutorials/how-to-make-this-site.html index bb70d5c..112bbe2 100644 --- a/tutorials/how-to-make-this-site.html +++ b/tutorials/how-to-make-this-site.html @@ -2,51 +2,70 @@ <p><em>TL;DR get to </em><a href="#thepoint">the point</a></p> <p>I think it was roughly the end of high school when I first had the idea I wanted to make <em>some</em> kind of website. This would be around 2010 and I did what I thought would be a good idea and bought a book on the subject: "Web Sites for Dummies." I was dummy after all...</p> <p>I got up to hyper linking with the "a" tag until I hit a wall. I don't want to link the exact page since I don't want to get sued, but it basically read:</p> -<pre><code> Web design programs: - - Adobe Dreamweaver - - Adobe Contribute - - Microsoft Expression Web</code></pre> +<pre><code>Web design programs: +- Adobe Dreamweaver +- Adobe Contribute +- Microsoft Expression Web</code></pre> <p>Well, damn. I didn't have any of those. And as a stingy high school kid, I didn't want to buy anything. So I shelved that book and forgot about for a while since making a website seemed too expensive and needed too much flashy software to make it. I knew nothing about free software at that age, other than music software like Audacity which is what I was into at the time.</p> -<p>A few years later I caught a bit of a poetry bug--and maybe a bit of a snooty college kid bug--and tried to run a blog. At that point, I had learned about WordPress, which lets you easily make a space for sharing writing, media, content, whatever really. And it's free as in <em>freedom</em> as I understand since it's licensed under the GPL (if you want to take the time to deploy it yourself). But they also give out free .wordpress domains and some storage space.</p> -<p>I had fun with that one, I don't update it anymore, but it's still up at <a href="https://postquantumpoetry.wordpress.com">postquantumpoetry.wordpress.com </a>. WordPress got closer to what I wanted, but it still wasn't <i>really</i> my site; it was WordPress's site unless I wanted to pay the hosting and domain fee. It's pretty modest, but I wasn't sold on sticking with a .com or .space domain, or even sticking with WordPress. I was getting tired of blogging anyway. I was getting more interested in the stuff that made it work; it seemed a lot more fruitful than writing to no one.</p> -<p>It's now 2021, five years later, when I write this (and this website isn't even finished yet). So what led me down the rabbit hole again? It probably started where the last one left off, when I decided I wanted to switch to more practical IT things over the academic things I had previously wanted to pursue. I signed up for a Cybersecurity program, somehow got in, and eventually managed to land a entry-level SOC role after graduating. At this point, it was getting a little weird that I had no web presence--especially after I decided to take down most of my social media accounts. So I was back at "how do I make a website," again, but this time, I at least had some understanding of what a server was and how networks work. And more importantly, I had a better idea of what it meant for a computer to be <em>mine</em>. Even though--let's be real--it <em>still isn't.</em> I can't get high-speed Internet easily which I need to host a server long-term so I'm stuck using some else's computer, otherwise called a Virtual Private Server (VPS). Even if I could host at home, I'm still of course at the mercy of my ISP so even then, I'm not totally free.</p> +<p>A few years later I caught a bit of a poetry bug--and maybe a bit of a snooty college kid bug--and tried to run a blog. At that point, I had learned about WordPress, which lets you easily make a space for sharing writing, media, content, whatever really. And it's free as in <em>freedom</em> as I understand since it's licensed under the GPL (if you want to take the time to deploy it yourself). But they also give out free .wordpress domains and some storage space with a snazzy dashboard to manage it all.</p> +<p>I had fun with that one, I don't update it anymore, but it's still up at <a href="https://postquantumpoetry.wordpress.com">postquantumpoetry.wordpress.com </a>. WordPress got closer to what I wanted, but it still wasn't <em>really</em> my site; it was WordPress's site unless I wanted to pay the hosting and domain fee. It's pretty modest, but I wasn't sold on sticking with a .com or .space domain, or even sticking with WordPress. I was getting tired of blogging anyway. I was getting more interested in the stuff that made it work; it seemed a lot more fruitful than writing to no one.</p> +<p>It's now 2021, five years later, when I write this (and this website isn't even finished yet). So what led me down the rabbit hole again? It probably started where the last one left off, when I decided I wanted to switch to more practical IT things over the academic things I had previously wanted to pursue. I signed up for a Cybersecurity program, somehow got in, and eventually managed to land an entry-level SOC role after graduating. At this point, it was getting a little weird that I had no web presence --especially after I decided to take down most of my social media accounts a few years ago.</p> +<p>So I was back at "how do I make a website," again, but this time, I at least had some understanding of what a server was and how networks work. And more importantly, I had a better idea of what it meant for a computer to be <em>mine</em>.</p> +<p>Even though--let's be real--it <em>still isn't.</em></p> +<p>I can't get high-speed Internet easily which I need to host a server long-term so I'm stuck using some else's computer, otherwise called a Virtual Private Server (VPS). Even if I could host at home, I'm still of at the mercy of my ISP.</p> <p>Because of that, I think it's important to understand that "running your own website" is not just a <em>technical</em> ordeal, but also an <em>economic</em> one since you have to carefully think about what it means to you to <em>own</em> your server, your software, and your hardware. That doesn't mean it's hard to do, just that there's options.</p> -<p><a id="thepoint"></a> ## What is a web server and how do I run one? TL;DR a web server is just a program that lets other computers on a network view files in a chosen folder. All you need to do is download a web server: apache and nginx are popular ones, but you can easily program your own with web frameworks like <a href="https://flask.palletsprojects.com/en/2.0.x/">Flask</a> or <a href="https://facil.io/">Facil</a></p> +<p><a id="thepoint"></a> ## What is a web server and how do I run one? <em>TL;DR a web server is just a program that lets other computers on a network view files in a chosen folder. All you need to do is download a web server: apache and nginx are popular ones, but you can easily program your own with web frameworks like <a href="https://flask.palletsprojects.com/en/2.0.x/">Flask</a> or <a href="https://facil.io/">Facil</a></em></p> <p>You can run a web server for free right now. If you're on windows go download Apache for Windows <a href="https://httpd.apache.org/docs/current/platform/windows.html">here</a> and follow the set up guide <a href="https://www.liquidweb.com/kb/how-to-install-apache-on-a-windows-server/">here</a>. If you're on Linux, you probably already have it installed.</p> <p>Find the configuration file in <code>sites-available/default</code> (on windows, this may be led by C:FilesSoftware Foundation ). You'll see something like the following:</p> <pre><code><VirtualHost *:80> - ServerAdmin webmaster@localhost + ServerAdmin webmaster@localhost - DocumentRoot /var/www - <Directory /> - Options FollowSymLinks - AllowOverride None - </Directory> - <Directory /var/www/> - Options Indexes FollowSymLinks MultiViews - AllowOverride None - Order allow,deny - allow from all - </Directory></code></pre> + DocumentRoot /var/www + <Directory /> + Options FollowSymLinks + AllowOverride None + </Directory> + <Directory /var/www/> + Options Indexes FollowSymLinks MultiViews + AllowOverride None + Order allow,deny + allow from all + </Directory></code></pre> <p>For now, you don't need to change anything, so don't worry about what it means.</p> -<p>Note in particular the "DocumentRoot" which may differ for you. This is where the web server looks for files. So let's put a file there! Put whatever, a picture, a text file. Run the server, then go to your web browser and type: <code>http://localhost</code>. You'll find a directory with your files in it!</p> +<p>But do note the directory set on "DocumentRoot," which may differ for you. This is where the web server looks for files and folders. So let's put some stuff there! Put whatever, a picture, a text file. Run the server, then go to your web browser and type: <code>http://localhost</code>. You'll find a directory with your files in it! And you can access them at <code>http://localhost/filename.extension</code></p> <p>The problem is, only you and others on your home network can visit your site right now.</p> <p>Your computer's most likely behind your router's firewall, which will not allow any traffic in. You'll need to forward a port from your router (port 80 is for HTTP) to point to the device hosting the server.</p> <p>Router's differ when it comes to to exact configuration, but MOST routers will have some kind of steps similar to this:</p> <ol type="1"> <li><p>Click "Advanced" then click "Firewall"</p></li> -<li><p>Scroll to the add new rule form (if you must, press a button to bring it up)</p></li> +<li><p>Scroll to the add new rule form</p></li> <li><p>Put in the following values</p></li> </ol> <ul> <li>source/original port: 80</li> <li>forward to address/device: your device's local ip</li> -<li>forward to/destination port: 8000</li> +<li>forward to/destination port: 80</li> </ul> -<p>You can get your device's local ip by typing <code>ipconfig</code> (Windows) or <code>ip a</code> (Linux). Typically it is listed first and will start with "192.168" or "10.0" but it depends on the manufacturer.</p> +<p>You can get your device's local ip by typing <code>ipconfig</code> (Windows) or <code>ip a</code> (Linux). Typically it is listed first and will start with "192.168" or "10.0" but it depends on the manufacturer. Here's my output at home for example:</p> +<pre><code>1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 + link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 + inet 127.0.0.1/8 scope host lo + valid_lft forever preferred_lft forever + inet6 ::1/128 scope host + valid_lft forever preferred_lft forever +2: enp7s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 + link/ether 4c:cc:6a:93:eb:0b brd ff:ff:ff:ff:ff:ff + inet 192.168.1.202/24 brd 192.168.1.255 scope global dynamic noprefixroute enp7s0 + valid_lft 74501sec preferred_lft 74501sec + inet6 fe80::4ecc:6aff:fe93:eb0b/64 scope link noprefixroute + valid_lft forever preferred_lft forever +3: wlp5s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 + link/ether 82:e2:e4:c2:0c:a1 brd ff:ff:ff:ff:ff:ff permaddr 98:de:d0:f3:d6:ea</code></pre> +<p>The device "enp7s0" is my Ethernet adapter (starts with an 'e') and my current local ip address for the device is shown. If you use wifi, it will likely start with a "wl."</p> <p>Now get your <em>public</em> ip address at this site https://who.is/ and share it with your friends. Watch in horror as they access all the files in the directory you launched the server!</p> <h2 id="how-can-make-this-server-available-on-the-internet-cheaply-and-independently">How can make this server available on the Internet <em>cheaply</em> and <em>independently</em></h2> -<p>TL;DR Expense scales with independence. It's possible to become your own service provider, get IP addresses from ICANN, your own hardware to host it, to host your cat pics; but it's also a lot of time, work and money to do all that (see <a href="">Null</a>)>. Most likely you'll want to rent someone else's server, usually a VPS.</p> +<p>*TL;DR Expense scales with independence. It's possible to become your own service provider, get IP addresses from ICANN, your own hardware to host it, to host your cat pics; but it's also a lot of time, work and money to do all that (<a href="https://hackaday.com/2018/09/20/one-mans-journey-to-become-his-own-isp/">this guy</a> did it apparently, and so did <a href="https://en.wikipedia.org/wiki/Kiwi_Farms">Null</a>)</p> +<p>Most likely you'll want to rent someone else's server, usually a VPS.*</p> <p>Once you understand the basic installation above, you can now populate your site with content just by adding HTML files to your web directory. You can use an HTML editor to write these, or you can download a full content management system to help you. Here are some options I know about:</p> <ul> <li>You can just write the damn HTML and use apache or nginx</li> @@ -68,7 +87,7 @@ <p>In addition to hosting code repositories, you can host small sites on github for mostly free. I've never used it, but I definitely would if I needed something like a small wiki.</p> <p>But once you have stuff to share, how do you keep this stuff online?</p> <h3 id="can-i-run-a-web-server-at-home">Can I run a web server at home</h3> -<p>Technically yes, but practically probably not. At least not at a lot of extra cost to you. If you do want to host a small thing at home, like some text or some cat pics, a <a href="%22/site/tutorial/how-to-host-a-tor-hidden-service.html%22">tor hidden service</a> is a great option.</p> +<p>Technically yes, but practically probably not. At least not at a lot of extra cost to you. If you do want to host a small thing at home, like some text or some cat pics, a <a href="/site/tutorial/how-to-host-a-tor-hidden-service.html">tor hidden service</a> is a great option.</p> <p>I spent a lot of time searching on this (you can find a full list of references at the bottom), and I've even tested a little bit by hosting game servers and web projects for code jams, but the problem is twofold. First, if you are in the United States and not a business, you probably have a standard plan with one of the major ISPs (Verizon, Optimum, etc.). This limits you in a few ways.</p> <ul> <li><p>Your bandwidth is limited, which limits the amount of people you can serve at one time <em>and</em> the rate you can transfer data to them. Think laggy games and videos that take 10 years to download.</p></li> |