InfoSec Ninjas 資安忍者

NightHawk 夜鹰


Torified Ubuntu VPN Server





INTRODUCTION


NightHawk (Torified Ubuntu VPN Server) is built with Tor (The Onion Router) on Ubuntu Server. It is designed to run in the intranet via PPTP VPN. You can surf the internet anonymously with it.

LICENSE


NightHawk is open source and it is released under GPL version 3. It is developed by Samiux.



DOWNLOAD


The current version NightHawk should be installed on Ubuntu Server 16.04 LTS (other version will not be supported).

wget https://www.infosec-ninjas.com/files/nighthawk-1604-1.0.tar.gz

sha256sum 22abb78e166e3ab7fc14c9cbbff044572455b58802b04b3be90fdd0f89cc4a90 nighthawk-1604-1.0.tar.gz



Change Log

2012-10-15 - First released
2014-01-25 - Minor bugs fixed and Open Source, and is released under GPLv3
2014-01-26 - Minor bug fixed
2014-04-28 - Renew for Ubuntu 14.04 LTS, and some improvement. Debain Wheezy is supported.
2014-04-30 - Some improvement
2014-05-01 - Some improvement on speed
2014-05-02 - Major bug fixed
2014-05-15 - Modified for new network interface naming policy in Ubuntu 14.04
2015-01-05 - Minor bug fixed
2015-12-16 - Minor fix
2016-05-26 - Modified for Ubuntu 16.04 LTS
2017-07-20 - Version 1604-1.0 - Some improvement and code clean up




PROS AND CONS


Pros :

(1) Easy to use and install
(2) Use your favourite Operating System
(3) Transparent to all applications and software
(4) Portable
(5) Anonymity
(6) Support wired and wireless network (including mobile network, 3G/4G)
(7) Flexible

Cons :

(1) Should use Firefox and some related Add-ons are required
(2) Your personal computer still have chance to be infected by malware
(3) Anti-virus/malware software is required on your personal computer
(4) Your Operating System should support PPTP VPN
(5) Speed is reduced
(6) Requires a dedicated computer when not using virtual machine
(7) 512MB extra RAM and 10GB extra space when using virtual machine
(8) Router (wired or wireless) or Mobile phone tethering is required
(9) Cloudflare protected websites (or similar) cannot be accessed directly
(10) Google Search does not work properly
(11) Tor Exit Nodes may be monitoring/sniffing by criminals and/or law enforcements


Similar project :

Whonix - Anonymous Operating System
Tails - The Amnesic Incognito Live System
Creating Ultimate TOR Virtual Network




Worth to read :

How Can I Stay Anonymous with Tor? (dated Jan 10, 2014)

HOWTO : Use NightHawk More Safety




INSTALLATION AND CONFIGURATION






BASIC SECURITY


Make sure you have no DNS leakage vulnerability (you can confirm it at here, here, IP Leak and WebRTC Check), you should set the DNS at your router to one of the following :

Comodo public DNS

NS1: 8.26.56.26
NS2: 8.20.247.20

Google public DNS

NS1: 8.8.8.8
NS2: 8.8.4.4

OpenDNS public DNS

NS1: 208.67.222.222
NS2: 208.67.220.220

DNSAdvantadge public DNS

NS1: 156.154.70.1
NS2: 156.154.71.1

Moreover, NightHawk is designed for internal network (LAN) only. Outside the LAN is NOT recommended. If you insisted to place the NightHawk outside the LAN, you will be hacked. Meanwhile, your PPTP VPN username and password should be strong enough; otherwise, you can be hacked. In addition, please update NightHawk often too.



COMPLETE ANONYMOUSLY


When connecting via NightHawk, make sure your Firefox is installed add-ons namely NoScript to disabled all the Flash and JavaScript plugins as those can reveal your identity (such as IP address) without warnings. Meanwhile, do not bittorrent and download file. Or, you can use QuickJS Firefox add-ons to replace NoScript when necessary.

Do not connect back with reverse connection as it will reveal your IP address. When need to, please consider to use hidden service with torsocks or socat or alike.

You are also recommended to install the following Firefox Add-ons :

Self-Destructing Cookies

DuckDuckGo Plus (Search Engine)

QuickJS

WebRTC Control

Speed Tweaks (SpeedyFox)

User Agent Switcher

Ublock Origin

Better Privacy



You can consider to change the MAC address of the NightHawk with macchanger. If you do so, the IP address of the NightHawk may change for almost all of the router.



HARDWARE REQUIREMENTS


The minimum hardware requirement is :

CPU - Intel Atom D510
RAM - 2 GB
HDD - 8 GB
NIC - one Gigabit LAN interface


The minimum hardware requirement for VirtualBox is :

CPU - one
RAM - 512 MB
HDD - 8 GB
NIC - one (Bridged)



USER GUIDE


First of all, you should behind a router. The NightHawk (Torified Ubuntu VPN Server) should be installed on Ubuntu Server (Long Term Support, LTS). Other versions and distributions will not be supported. It can be installed to VirtualBox or standalone computer.

You should know how to install and setup Ubuntu Server.

You also should know how to setup a PPTP VPN connection at client side.

Make sure port 1723 is opened for internal network and you are not advised to open this port for public network unless you need to do so. If you open this port to public, make sure your VPN client passwords are very strong.


INSTALL

Before going to install NightHawk, you need to update the Ubuntu server.

sudo apt update
sudo apt dist-upgrade
sudo apt --purge autoremove
sudo apt autoclean


Then, you need to reboot.

sudo reboot


wget https://www.infosec-ninjas.com/files/nighthawk-1604-1.0.tar.gz
tar -xvzf nighthawk-1604-1.0.tar.gz
cd nighthawk

chmod +x *-nighthawk

Edit the name of the network interface in "nighthawk.conf", e.g. eth0, p2p1 and edit your subnet, such as "192.168.20.0/24" :

nano nighthawk.conf

sudo ./install-nighthawk





SETUP (Optional - do it when necessary)


sudo setup-nighthawk

To check the IP address of the NightHawk (Torified Ubuntu VPN Server), you should do the following. The script only works on eth0.

ifconfig eth0

There would be something like 192.168.0.100 or similar. If there is no eth0, it should be a problem. Please check the router and your connections.

After that, you may need to reboot the server if you cannot ping your gateway.

For example :

ping 192.168.0.1

However, you cannot ping yahoo.com or outside world.


UPDATE

After the NightHawk (Torified Ubuntu VPN Server) is setting up, you have to update the box.

sudo update-nighthawk

You are advised to update your server every one week in order to keep the server up to date.

ADD VPN USER

To add a new user, you can do the following.

sudo adduser-nighthawk

DELETE VPN USER

If you want to delete any username in the box, you should do the following :

sudo deluser-nighthawk

CONNECTIVITY

Server side :
To test the server if it works or not. You type the following command under the server.

For example, ping your gateway :

ping 192.168.0.1

If you have the ping result. That means the server is working. Press Ctrl+C to quit the ping process.

If there is no ping result, you are required to reboot your server to test again.

To test the Tor is working or not. You type the following command under the server.

elinks cmyip.com

If elinks is not installed, just install it :
sudo apt install elinks


If you see the IP address is different from your real IP (the external IP), that means the server is working fine.

Client side :
To test the server if it works or not. You can connect the server via VPN (PPTP) from your host. To set the PPTP VPN Client, you should set the "Gateway" or "Server address" to be the IP address of your NightHawk (Torified Ubuntu VPN Server) or the hostname. For Windows and Mac OSX systems, the hostname method may not work properly. Once it is connected, you can go to the following site with your browser.

https://check.torproject.org

If you see that you are using Tor, it is working.


OTHER STUFF

The hostname of the NightHawk (Torified Ubuntu VPN Server) is the IP address of the NightHawk.

You are required to use "sudo" on each command; otherwises, the command will not work.

To power off the server, you need to enter "sudo poweroff". When you want to reboot the server, you need to enter "sudo reboot".

Since PPTP VPN is not very secure, you need to set a very strong password when it is allowed for connecting outside your internal network.

You can use NightHawk without logging in to the PPTP VPN. If your applications are support SOCKS4 or SOCKS5, you can set the application to SOCKS5, port 9050, IP address of NightHawk to use NightHawk without login the the PPTP VPN.

Linux Client

Like Mac OSX, Linux can tunnel all traffic from the client to the VPN, However, you need to set something on the Network Manager (Gnome).

IPv4 Settings -- Method -- Automatic (VPN) Addresses only -- DNS servers -- (the IP address of NightHawk)

VPN -- Gateway -- (IP address of NightHawk) -- User name -- (NightHawk VPN username) -- Password -- (NightHawk VPN password -- Advanced -- (Click all checkboxes except Send PPP echo packets)




What is a strong password?

A strong password should be combined with numeric, character (upper and lower cases) and speical characters as well as more than 16 characters length. In addition, the word inside the password should not be a common word or it can be find in the dictionaries or internet. It is better that the password should be nonsense.


TROUBLESHOOTING

The network interface should be in "Bridge mode" on the VirtualBox. It can be bind to ethernet or wireless network interface.

Furthermore, make sure there is no USB device (such as USB DVD ROM and USB stick) is inserted to the computer. Otherwise, this application will malfunction. In addition, some services (such as Google Search and freenode.net irc) may ban the Tor network. However, we can refer to this link to run freenode for NightHawk.

If you run NightHawk on different routers, I suggest you to have different virtual machines of NightHawk for each router. Or, if you insist to use one virtual machine, you can make a snapshot after the installed a working NightHawk. When switching router, you should revert the virtual machine to the previous status when you cannot make the virtual machine function again after running "sudo setup-nighthawk" and reboot. If you can ping your gateway, the new setting is working.

For Windows systems, you may encounter DNS problem on PPTP VPN, this link may help. However, you should consider if there is any DNS leaking or not.

For the usage, such as IRC, FTP and web browsing, you can refer to the above video. Make sure you forward the ports for FTP usage.


ACCESS .ONION SITES WITH NIGHTHAWK


You may not connect to the hidden services servers due to you are not running Tor (or NightHawk) or the servers are very busy.

The TOR Library
WikiLeaks mirror
Duck Duck Go search engine

The Deep Web Links

The Hidden WiKi 1
The Hidden WiKi 2
The Hidden WiKi 3
Deep Web Link Directory


REFERENCE


VPN setup on Windows 7
Back