InfoSec Ninjas

NightHawk




SUPPORTING FORUM : NightHawk at Reddit


About


NightHawk (Torified Ubuntu VPN Server) is built with Tor on Ubuntu Server and released under GPLv3. It is developed by Samiux. It is fine tuned for speed problem which is Tor main problem. The speed of using NightHawk is much faster than using Tor alone. NightHawk is working behind a router, such as wireless router, wired router or Android Wifi share from Android device and etc. However, 3G and 4G LTE may cannot be connected to sock server for sometimes. Therefore, 3G and 4G LTE are not recommended. If your 3G or 4G LTE connection is stable and fast, you can use it flawlessly.

If you want to know more about Tor, you can go to here for more details.








Download


The current version NightHawk should be installed on Ubuntu Server 14.04 LTS (other version will not be supported). Meanwhile, Debian 7 is also compatible.


wget http://www.infosec-ninjas.com/files/nighthawk_current.tar.gz

sha1sum -- 57ad5ae496a413167a5742cfabd14752e036be45 nighthawk_current.tar.gz




Change Log

2012-10-15 - First released
2014-01-25 - Minor bugs fixed and Open Source, and is released under GPLv3
2014-01-26 - Minor bug fixed
2014-04-28 - Renew for Ubuntu 14.04 LTS, and some improvement. Debain Wheezy is supported.
2014-04-30 - Some improvement
2014-05-01 - Some improvement on speed
2014-05-02 - Major bug fixed
2014-05-15 - Modified for new network interface naming policy in Ubuntu 14.04




Pros and Cons


Pros :

(1) Easy to use and install
(2) Use your favourite Operating System
(3) Transparent to all applications and software
(4) Portable
(5) Anonymity
(6) Support wired and wireless network (including mobile network, 3G/4G)
(7) Flexible

Cons :

(1) Should use Firefox and some related Add-ons are required
(2) Your Operating System may be infected by malware
(3) Anti-virus/malware software is required on your Operating System
(4) Your Operating System should support PPTP VPN
(5) Speed is reduced
(6) Requires another computer when not using virtual machine
(7) 512MB extra RAM and 10GB extra space when using virtual machine
(8) Router (wired or wireless) or Mobile phone tethering is required


Similar project :

Whonix - Anonymous Operating System
Tails - The Amnesic Incognito Live System




Worth to read :

How Can I Stay Anonymous with Tor? (dated Jan 10, 2014)




Installation and Configuration






Basic Security


Make sure you have no DNS leakage vulnerability (you can confirm it at here), you should set the DNS at your router to one of the following :

Comodo public DNS

NS1: 8.26.56.26
NS2: 8.20.247.20

Google public DNS

NS1: 8.8.8.8
NS2: 8.8.4.4

OpenDNS public DNS

NS1: 208.67.222.222
NS2: 208.67.220.220

DNSAdvantadge public DNS

NS1: 156.154.70.1
NS2: 156.154.71.1

Moreover, NightHawk is designed for internal network (LAN) only. Outside the LAN is NOT recommended. If you insisted to place the NightHawk outside the LAN, you will be hacked. Meanwhile, your PPTP VPN username and password should be strong enough; otherwise, you can be hacked. In addition, please update NightHawk often too.




Complete Anonymously


When connecting via NightHawk, make sure your Firefox is installed add-ons namely NoScript to disabled all the Flash and JavaScript plugins as those can reveal your identity (such as IP address) without warnings. Meanwhile, do not bittorrent and download file. Or, you can use QuickJS Firefox add-ons to replace NoScript when necessary.

Do not connect back with reverse connection as it will reveal your IP address. When need to, please consider to use hidden service with torsocks or socat or alike.


You are also recommended to install the following Firefox Add-ons :

Self-Destructing Cookies

DuckDuckGo Plus (Search Engine)

NoScript Security Suite

QuickJS

Random Agent Spoofer


Remarks : Random Agent Spoofer may cause some sites not working properly as it may use old user agent of the browsers.


You can consider to change the MAC address of the NightHawk with macchanger. If you do so, the IP address of the NightHawk may change for almost all of the router.



Hardware Requirement


The minimum hardware requirement is :

CPU - Intel Atom D510
RAM - 2 GB
HDD - 8 GB
NIC - one Gigabit LAN interface


The minimum hardware requirement for VirtualBox is :

CPU - one
RAM - 512 MB
HDD - 8 GB
NIC - one (Bridged)


User Manual


First of all, you should behind a router. The NightHawk (Torified Ubuntu VPN Server) should be installed on Ubuntu Server (Long Term Support, LTS) or Debian Server (Stable) (x86_64 is prefered). Other versions and distributions will not be supported. It can be installed to VirtualBox or standalone computer.

You should know how to install and setup Ubuntu Server or Debian Server.

You also should know how to setup a PPTP VPN connection at client side.

Make sure port 1723 is opened for internal network and you are not advised to open this port for public network unless you need to do so. If you open this port to public, make sure your VPN client passwords are very strong.



INSTALL

Before going to install NightHawk, you need to update the Ubuntu server.


sudo apt-get update
sudo apt-get dist-upgrade
sudo apt-get --purge autoremove
sudo apt-get autoclean


Then, you need to reboot.

sudo reboot


This PROCEDURE should be RAN ONCE. If run more than one time, your system will be broken.

wget http://www.infosec-ninjas.com/files/nighthawk_current.tar.gz
tar -xvzf nighthawk_current.tar.gz
cd nighthawk_current

sudo -sH
chmod +x *-nighthawk

Edit the name of the network interface in "nighthawk.conf", e.g. eth0, p2p1 :

nano nighthawk.conf

sudo ./install-nighthawk



* Please note that Debian do not have "sudo", you need to login as root.



SETUP

sudo setup-nighthawk

Follow the instruction on the screen to setup. If you do not know what you have been asked, just accept the default setting by pressing the Enter key.

To check the IP address of the NightHawk (Torified Ubuntu VPN Server), you should do the following. The script only works on eth0.

ifconfig eth0

There would be something like 192.168.0.100 or similar. If there is no eth0, it should be a problem. Please check the router and your connections.

After that, you may need to reboot the server if you cannot ping your gateway.

For example :

ping 192.168.0.1

However, you cannot ping yahoo.com or outside world.


UPDATE

After the NightHawk (Torified Ubuntu VPN Server) is setting up, you have to update the box.

sudo update-nighthawk

You are advised to update your server every one week in order to keep the server up to date.

ADD VPN USER

To add a new user, you can do the following.

sudo adduser-nighthawk

DELETE VPN USER

If you want to delete any username in the box, you should do the following :

sudo deluser-nighthawk

CONNECTIVITY

Server side :

To test the server if it works or not. You type the following command under the server.

For example, ping your gateway :

ping 192.168.0.1

If you have the ping result. That means the server is working. Press Ctrl+C to quit the ping process.

If there is no ping result, you are required to reboot your server to test again.

To test the Tor is working or not. You type the following command under the server.

elinks cmyip.com

If elinks is not installed, just install it :

sudo apt-get install elinks


If you see the IP address is different from your real IP (the external IP), that means the server is working fine.

Client side :

To test the server if it works or not. You can connect the server via VPN (PPTP) from your host. To set the PPTP VPN Client, you should set the "Gateway" or "Server address" to be the IP address of your NightHawk (Torified Ubuntu VPN Server) or the hostname. For Windows and Mac OSX systems, the hostname method may not work properly. Once it is connected, you can go to the following site with your browser.

https://check.torproject.org

If you see a big green onion, your server is working fine.

OTHER STUFF

The hostname of the NightHawk (Torified Ubuntu VPN Server) is the IP address of the NightHawk.

You are required to use "sudo" on each command; otherwises, the command will not work.

To power off the server, you need to enter "sudo poweroff". When you want to reboot the server, you need to enter "sudo reboot".

Since PPTP VPN is not very secure, you need to set a very strong password when it is allowed for connecting outside your internal network.

You can use NightHawk without logging in to the PPTP VPN. If your applications are support SOCKS4 or SOCKS5, you can set the application to SOCKS5, port 9050, IP address of NightHawk to use NightHawk without login the the PPTP VPN.

Speed Improvement

If your router supports QoS, you can set the traffic on Ports 53, 80, 443 on localhost and IP address of HighHawk in very high priority in order to increase of the speed of the NightHawk network.

Linux Client

Like Mac OSX, Linux can tunnel all traffic from the client to the VPN, However, you need to set something on the Network Manager (Gnome).

IPv4 Settings -- Method -- Automatic (VPN) Addresses only -- DNS servers -- (the IP address of NightHawk)

VPN -- Gateway -- (IP address of NightHawk) -- User name -- (NightHawk VPN username) -- Password -- (NightHawk VPN password -- Advanced -- (Click all checkboxes except Send PPP echo packets)




What is a strong password?

A strong password should be combined with numeric, character (upper and lower cases) and speical characters as well as more than 16 characters length. In addition, the word inside the password should not be a common word or it can be find in the dictionaries or internet. It is better that the password should be nonsense.

TROUBLESHOOTING

If you have re-generated the MAC network interface when importing or at anytime you think fit. You may encounter no network interface on the server. If so, you should follow the below steps to fix.

sudo nano /etc/udev/rules.d/70-persistent-net.rules

Then, delete the first entry of eth0 and rename the second entry of "eth1" to "eth0" at the end of that entry. After that, reboot the server. The network interface should be came back.

Meanwhile, the network interface should be in "Bridge mode" on the VirtualBox. It can be bind to ethernet or wireless network interface.

Furthermore, make sure there is no USB device (such as USB DVD ROM and USB stick) is inserted to the computer. Otherwise, this application will malfunction. In addition, some services (such as Google Search and freenode.net irc) may ban the Tor network. However, we can refer to this link to run freenode for NightHawk.

If you run NightHawk on different routers, I suggest you to have different virtual machines of NightHawk for each router. Or, if you insist to use one virtual machine, you can make a snapshot after the installed a working NightHawk. When switching router, you should revert the virtual machine to the previous status when you cannot make the virtual machine function again after running "sudo setup-nighthawk" and reboot. If you can ping your gateway, the new setting is working.

For Windows systems, you may encounter DNS problem on PPTP VPN, this link may help. However, you should consider if there is any DNS leaking or not.

For the usage, such as IRC, FTP and web browsing, you can refer to the above video. Make sure you forward the ports for FTP usage.


Access .onion sites with NightHawk


You may not connect to the hidden services servers due to you are not running Tor (or NightHawk) or the servers are very busy.

The TOR Library
WikiLeaks mirror
Duck Duck Go search engine

The Deep Web Links

The Hidden WiKi 1
The Hidden WiKi 2
The Hidden WiKi 3
Deep Web Link Directory


REFERENCE


VPN setup on Windows 7