ChaosVPN Tutorial, Information and Instructions

It will not help you to reach domains like .rdos, .lll, .clos or any other strange things supposed to be available on the "dark web".

https://www.deepdotweb.com/2016/11/14/chaosvpn-hackers-vpn/
https://wiki.hamburg.ccc.de/ChaosVPN

You have to admit it - even the name sounds intriguing, does not it? ChaosVPN is a VPN designed to connect hackers and hackerspaces. The Chaos Computer Club, based in Hamburg, Germany, designed it. I discovered ChaosVPN in a very unusual way. I am a member of several obscure social networks on the web (on clearnet, that is) and one of the group members asked how to connect to it. So I was directed to the ChaosVPN wiki, which of course explains how to connect and all the basics.

The ChaosVPN use tinc a VPN daemon that creates a secure network between hosts on the Internet through encryption and tunneling protocol. In fact, ChaosVPN and tinc are really interdependent.

If you are not familiar with how to use tinc, I suggest you start with that first. When it comes to your anonymity, you may already have loyalty to a specific VPN, but ChaosVPN serves a different purpose.

Tinc consists of a single daemon known as tincd which composes the sending and receiving end of the tunnel. Its user interface consists of a CLI, which is very similar to the Unix Bash shell (or if you use Windows, it's a bit like the DOS command prompt). Tinc features include: Encryption, Authentication, and Compression:

You have the option of compressing traffic using zlib or LZO; LibreSSL or OpenSSL encrypt your traffic and defend it against modifications using message authentication codes and sequence numbers.

Automatic full mesh routing:
Despite the fact that there are several ways to configure the tinc daemon connections, VPN traffic is sent directly to your destination (as much as possible).

Ability to expand your VPN:
To add new nodes to the VPN, you simply create a new configuration file; This eliminates the need to create new daemons or configure new network devices.

Ethernet Segment Bridge: You can bind Ethernet segments together to run as a single segment.

It works on several operating systems:
Linux, FreeBSD, OpenBSD, NetBSD, OS X, Solaris, Windows 2000, XP, Vista and Windows 7 and 8, all supported by Tinc.

Supports IPV6:
Provides the ability to encapsulate IPV6 traffic over its tunnels and to create tunnels over preexisting IPV6 networks.

As for how to connect to ChaosVPN using Tinc, it depends on the operating system you are using. The ChaosVPN Wiki has a "Generic" tutorial written by a Debian user. If you use a different OS, you can slightly adjust the instructions accordingly. https://wiki.hamburg.ccc.de/ChaosVPN:DebianHowto https://wiki.hamburg.ccc.de/ChaosVPN:UbuntuHowto https://wiki.hamburg.ccc.de/ChaosVPN:OpenWRTHowto

https://wiki.hamburg.ccc.de/ChaosVPN:FreeBSDHowto
https://wiki.hamburg.ccc.de/ChaosVPN:NetBSDHowto
https://wiki.hamburg.ccc.de/ChaosVPN:Netbsd_NAT_VPN_router_using_chaosvpn_and_ipnat
https: // wiki .hamburg.ccc.de / ChaosVPN: MacOSXHowto

1. Whatever operating system you are using, enter the CLI and install LibreSSL and zlib (also known as A Massively Spiffy Yet Delicately Disobtrusive Compression Library).

2. Install the tinc. There are a few ways to do this, but one way is to simply go to this repository, download the components and compile them: index / lenny / sdinet / tinc . The alternative is to go to tinc: download , where all packages are available.

3. Install the ChaosVPN software. You can find this in GitHub : ChaosVPN. There are several methods to install it, depending on how hardcore you are, but basically - you can either create a Debian package from the git snaphot, create a Debian package, or compile and install the raw binary. (I am suddenly having a vision of 1 and 0 ...)

4. Once you have a new node in ChaosVPN, you need to find a network nickname and an IPv4 or IPv6 range that you will be using (about which the wiki also refers). 5. You then need to generate your public and private RSA keys with tinc. To do this, you use the "generate rsa-keys [bits]" command. The default number of bits is 2048. If you save the keys to existing files, tinc will not delete the old ones; you must remove these manually. 6. Send your information to Chaos Computer Club staff: [email protected] . The wiki sends more details about the information they need.

http://wiki.hamburg.ccc.de/index.php/ChaosVPN
http://blog.hackerspaces.org/2010/05/17/open-research-network-for-hackerspaces/

The Agora Link is the north arm American Network of an Open Research Network developed and maintained by a coalition of US hackers. Our partner in Europe is ChaosVPN. The purpose of this network is to facilitate the sharing of ideas and resources, as well as to allow collaboration between different geographic regions. Our hope is that we meet the needs of amateurs and professionals whose goal is a better understanding of science and the subsequent development of technologies. We are making use of Tink VPN ( http://www.tinc-vpn.org/) as the main software component that allows each node to talk to each other. However, currently we are using some custom software to enable our unique needs

Status
[DONE] vpn node ip allocated ( 172.31.0.16 )
[DONE] Collect
virtual hw with Debian Lenny 6.0 and ChaosVPN / AgoraLink pkgs from debian.sdinet .de repo installed by ruza
[FAZ] revives VPN connectivity, NAT
[DONE] extends internal brmlab DNS with domain DNS.
[DONE] correctly configured the routing 172.31.0.0/16 (eu) and 10.100.0.0/13 (us)

FUNCTIONALLY FUNCTIONAL node chaosvpn: IP: 192.168.77.21 hostname: chaos.brm

running and installed as Virtrual KVM, 32bit Debian Wheezy on schiza.brm ( 192.168.77.23 )
all NATO traffic as 172.31. 0 .16 (brmlab.hack)

Services provided by the brmlab node
http: //brmlab.hack

Tor SOCKS4 proxy

Nodes in ChaosVPN can use 172.31.0.16: 9050 as Tor input node.

Services provided by ChaosVPN network

http: //chaosvpnwiki.hack (or http://172.31.0.24 ), internal wiki
http://wiki.hamburg.ccc.de/index.php/Warzone
http://wiki.hamburg. ccc.de/index.php/ChaosVPN:CTF
http://wiki.hamburg.ccc.de/index.php/VoIP
http://wiki.hamburg.ccc.de/index.php/ChaosVPN#Services_available_on_ChaosVPN

Routing - access internal brmlab you have access to chaosvpn resources connected to brmLAN 192.168.77.1 (Asus AP) should redirect it through the 192.168.77.21 (virtual chaosvpn gw). Otherwise, add the following static routes by themselves. route add -net 172.31.0.0 netmask 255.255.0.0 gw 192.168.77.21 (static route for ChaosVPN (EU))

route add -net 10.100.0.0 netmask 255.252.0.0 gw 192.168.77.21 (static route for AgoraLink (US))
You can also use the squid http proxy 192.168.77.24:3128

DNS Forwarders

chaosvpn .hack domain forwarder ##

zone "hack" {
slave type;
file "slave.hack";
masters {172.31.0.5;};
}; "rail.hack" zone { slave type; file "slave.rail.hack"; masters {172.31.252.2;}; }; NAT / etc / iptables / rules * filter : INPUT ACCEPT [6: 911] : FRONT ACCEPT [4: 318]

: OUTPUT ACCEPT [18: 1950]
-A INPUT -p tcp -m state --state RELATED, based -j ACCEPT
-A INPUT -i chaos_vpn -p tcp -m tcp -detro 22 -j DROP
-A INPUT - i chaos_vpn -p tcp -m tcp -right 222 -j DROP
COMMIT

• nat
  : PREPARING ACCEPT [148: 29394]
  : POSTROUTING ACCEPT [123: 8448]
  : OUTPUT ACCEPT [3: 1248]
  -A PREROUTING -p tcp -m tcp -port 9999 -j DNAT - to destination 192.168.66.6: 9999
  -A PROMOTION -p udp -m udp --date 9999 -j DNAT - to destination 192.168.66.6: 9999
  -A PREROUTING -p tcp -m tcp --direito 2201 -j DNAT - to target 192.168.66.4: 22
  -A PREROUTING -p tcp -m tcp --desta 9050 -j DNAT - to target 192.168.77.24: 9050

• The POSTROUTING -o chaos_vpn -j MASQUERADE
  COMMIT