Running a Tor node is an excellent way to advocate for privacy while learning system administration. The cost is likely a lot lower than you think.
Tor Enables Human Rights
Human rights including privacy and freedom of speech are under attack worldwide [1]. We need a decentralized, guerrilla movement for resistance that is not purely technological. [2] However, technology is an essential part of enabling resistance to things like information censorship and of preserving anonymity, especially in the short term.
Tor is an especially important technology that can help meet requirements in both of these areas. Tor is a logical overlay network for the internet that provides anonymisation of IP address and, when paired with the Tor Browser, helps defeat the fingerprinting that enables web surveillance. Tor also allows publishing of anonymous internet services, called “onion” or “hidden” services. Tor is used to exercise freedoms of association and speech and to access information, and is used by whistleblowers, advocates for human rights, dissidents, journalists, and everyday people.
Tor Needs You!
The Tor Project is a non-profit organization responsible for the development and advocacy surrounding Tor and the Tor Browser. The Tor Project is not responsible for operating the Tor network, although they adjust the design to meet design goals and operate and moderate the Directory Servers that list participants, removing known malicious actors.
The integrity of the Tor network depends on having a wide variety of operators. The underlying premise of “onion routing” is that multiple actors who don’t know the whole picture are involved in routing your traffic. If any one actor controls too many of the Tor network nodes, they can reconstruct more of the picture, deanonymizing users. Tor has a good-faith mitigation for this, where nodes can declare that they are controlled by the same operator (the MyFamily option), but malicious actors, including governments, do not act in good faith. To be robust, the Tor network needs a large, unrelated, decentralized set of operators acting in good faith. And that means you.
Operating a Tor node is cheap
Operating a Tor node is cheap and a great opportunity to learn system administration while advocating for your values. The best way to learn anything is to do it. I have personally found that no amount of reading system administration books, or running *nix on my personal machines, has been anything like running a service and offering it to the public. Operating a relay allows you to learn:
How to install, update, and maintain common services.
How to secure an internet-facing node with technologies like firewalls (nftables, pf), blacklisting (fail2ban, blacklistd), automatic updates, and detective controls (snort, logwatch).
How to monitor a host.
For what a Tor node costs to run, it is an excellent education.
Operating a Relay
There are a few different kinds of Tor node: Relay, Bridge and Exit Relay. The core of the network, and the lowest risk to operate, is a Tor Relay. Operating a Tor Relay has little risk if the government near you doesn’t harm Tor users: the IP address used will be publicly listed, but you will not have any useful information to provide anyone. The traffic will be encrypted, and its ultimate source and destination unknown to you.
Operating From Home
You can operate a Tor Relay from home, probably for free. This situation isn’t ideal for a few reasons that may or may not apply to you. First, your bandwidth may be metered. This isn’t a deal breaker, because Tor has accounting options that allow you to stay below a maximum, and rate limits that allow you to provide just your spare bandwidth and avoid slowing your connection. Further along this line, if you port forward through a router, your router may not be able to handle the number of incoming connections. This is harder to mitigate, as Tor doesn’t provide a way to limit the maximum number of concurrent connections.
Operating From a Data Centre
More realistic is operating from a Virtual Private Server (VPS). A VPS is rented monthly, and provides an instance of an operating system for you to run public services on. No port forwarding is necessary as it already has a public IP address. You can expect to pay between $3 - $10 USD per month.
There are a couple of interesting concerns to balance here:
Your anonymity as the operator
The Price you pay for the VPS
The service you get out of the VPS, and
The VPS provider, and Operating System
As a Tor Relay operator you have low risk, and may even want to identify yourself. In fact, the Tor Project will offer you a T-shirt for operating a Relay. Risks surrounding your anonymity are generally related to the information you provide to the VPS provider. Means of payment, name, address, the IP address used to interact with the provider and administer the service, and even a reused username or email could identify you. Think about whether this is a concern for you. If you are concerned about retaining your anonymity, check out accountless VPSs: some VPS providers will let you create virtual servers without a user account or any identifying details at all.
As a recurring bill, you will want to minimize the cost of the VPS. Research done up front could save serious money long term.
VPSs have specs: how much memory, bandwidth, virtual CPUs, and disk space are all available. Relays require almost nothing beyond bandwidth; the Tor Project recommends 2 Tb per month, but as a volunteer, you get to make your own decision.
Most interestingly, the reason you are needed is that Tor needs to be decentralized. If all the VPSs that make up the network are hosted in the same data centres under the control of the same companies, the risk is increased. Operating a Tor node from another, less common network is more valuable. Of course, interacting with VPS providers and determining relay policy takes time and effort. Further, the Tor network benefits from having a diverse ecosystem of operating systems: currently almost all Tor nodes are Linux machines. Similarly configured hosts mean the entire network is more likely to be exposed to the same vulnerabilities, reducing security. Choosing an alternative operating system means contributing to diversity, but perhaps having less support. Running any Tor node is better than running none. Do not let the perfect be the enemy of the good.
An Actual Setup: Accountless FreeBSD VPS in DigitalOcean via SporeStack at $8.99 per month.
Here I am going to demonstrate how to run a Tor node that maximizes your anonymity at the expense of choosing a less common provider and paying a decent premium for the service.
Here is the overview:
Create the VPS on Sporestack
Install Tor
Edit the torrc config file to make a relay
Restart and Enable Tor
Sporestack.com is a no-bullshit accountless VPS provider. You give them BTC and an ssh key, and they give you the public IP address of your new machine. No personal information required. SporeStack supports a variety of operating systems including FreeBSD, Ubuntu and CentOS. SporeStack currently only resells access to DigitalOcean, where a similar VPS is 5 USD/mo; they charge 9 USD/mo but accept BTC and require no personal information. This plan also only offers half the recommended bandwidth of 2 Tb.
To create an ssh key use the ssh-keygen command.
ssh-keygen -f tor_vpskey
The public key in the .pub file is what SporeStack is asking for.
Access your VPS over ssh, using the IP address provided in the generated JSON file:
ssh -i <key_file_path> root@<ipaddr>
Now we can install Tor. On FreeBSD the package manager is pkg. We install Tor as below:
pkg install tor
Now we do the most serious part of the exercise: setting up our Tor service. The config file for this is /usr/local/etc/tor/torrc. The file is commented, and the options are mostly self-documenting.
1.) Uncomment the ORPort line by removing the ‘#’ character, and set ORPort to 9001. Uncommenting this line is what makes you a relay.
2.) Set your nickname. You can put anything you want; this is to distinguish your relay from others. Uncomment the Nickname line and place anything you want in the field.
3.) Set your admin contact for the relay by uncommenting ContactInfo. This field can be anything you want, including empty. I chose to use a unique identifier and email so that I could preserve my anonymity while being reachable for administrivia.
4.) Now we set up accounting to prevent the Tor daemon from exceeding our limits. Tor counts bandwidth in a strange way: the allowance for input and output is applied separately but identically, so AccountingMax, the limit, should actually be half of what we want the total to be. Reserving 2 Gb for admin traffic gives 499Gb per month as the limit. So our accounting lines look like:
AccountingMax 499 GBytes
AccountingStart month [day of month you opened vps] [time of month you opened vps]
Now, restart Tor:
service tor restart
That’s it! We have a Tor Relay operating.
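The torrc edits above can be applied with a script instead of by hand. The following is an added example and not part of the original post: it computes the per-direction AccountingMax from a total monthly budget (the page's 1 Tb budget, 2 Gb reserve and halving give 499), rewrites the relevant torrc lines, and, on the FreeBSD box itself, enables Tor at boot and restarts it. The torrc path, the ExitRelay 0 line and the relay_apply_freebsd function are my assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes the torrc path is passed in,
# so the functions can be exercised on a copy of the file before touching the real one.

# accounting_max_gbytes TOTAL_GB RESERVE_GB
# Tor's AccountingMax applies to each direction separately, so the per-direction
# cap is half the budget left after reserving some for admin traffic.
accounting_max_gbytes() {
    echo $(( ($1 - $2) / 2 ))
}

# set_torrc_option FILE KEY VALUE
# Drop any existing KEY line (commented out or active) and append the new one.
set_torrc_option() {
    tmp=$(mktemp)
    grep -v -E "^[[:space:]]*#?[[:space:]]*$2([[:space:]]|$)" "$1" > "$tmp" || :
    printf '%s %s\n' "$2" "$3" >> "$tmp"
    mv "$tmp" "$1"
}

# get_torrc_option FILE KEY -> value of the last active (uncommented) KEY line
get_torrc_option() {
    sed -n -E "s/^[[:space:]]*$2[[:space:]]+(.*)$/\1/p" "$1" | tail -n 1
}

# configure_relay FILE NICKNAME CONTACT MAX_GB START_DAY START_TIME
# Applies the four relay settings from the post, plus an explicit non-exit declaration
# (assumption: ExitRelay 0 makes "this is not an exit" unambiguous in the config).
configure_relay() {
    set_torrc_option "$1" ORPort 9001
    set_torrc_option "$1" Nickname "$2"
    set_torrc_option "$1" ContactInfo "$3"
    set_torrc_option "$1" AccountingMax "$4 GBytes"
    set_torrc_option "$1" AccountingStart "month $5 $6"
    set_torrc_option "$1" ExitRelay 0
}

# relay_apply_freebsd: run on the VPS itself (assumed helper, not run by the test).
# Enables the rc service, rejects a broken config before restarting, then restarts.
relay_apply_freebsd() {
    sysrc tor_enable=YES
    tor --verify-config -f /usr/local/etc/tor/torrc || return 1
    service tor restart
}
```

Run configure_relay against a copy of torrc first and diff it against the original; only then point it at /usr/local/etc/tor/torrc and call relay_apply_freebsd.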
Bonus: Monitor with Nyx
Running a Tor node isn’t really sexy without graphs. How do you know it’s working? How much data have you moved? Nyx is a Tor node monitoring tool that will display a graph, letting you know your Tor node is up, and show in real time how much data is being moved. Install the program with:
pkg install nyx
Run the program with: nyx
Quit with ‘q’.
Check out The Coarse Enigma guide to Unprivileged Monitoring of Tor.
Next Steps
Now that you have a Tor node running, you have to secure it. While the Tor daemon itself has little adjustable attack surface, you can start by securing ssh, most immediately against brute-force attacks. Look into blacklistd. Can you set up one-time authentication codes? How about setting up a firewall with pf? How about running a hidden blog on top of your Tor node? Now that you have a VPS, you have a live box to experiment with. Don’t knock it down too much, or it won’t actually be providing that community service you hoped to provide. Happy Hacking. 🙂