How to configure Apt update to use TOR Network mirrors in Debian 9.0 (stretch)
CORRECTION: when adding the TOR repositories use "stretch" instead of "jessie" when running Debian 9.0!
The Crypto Dad walks you through the preliminary steps of increasing the network security and reducing the network footprint of your secure system.
Now that you have your secure Debian system installed (see below), there are a few things we need to do to configure our base system. We can then move on to installing Virtual Box and Whonix.
These steps are taken from the anoymous guide which can be found here:
https://anonguide.cyberguerrilla.org
NOTE: BEFORE FOLLOWING THIS GUIDE, MAKE SURE THAT THE JURISDICTION THAT YOU LIVE IN DOES NOT HAVE ANY LEGAL CONSEQUENCE FOR CONNECTING TO THE TOR NETWORK!
We need to be the superuser to perform the following steps
1. The first step is to set the clock to run on UTC time. We use the following command:
dpkg-reconfigure tzdata
We then choose “None of the above” and then choose “UTC”
2. Second we install and configure the firewall:
apt install ufw
and then we edit the before.rules config file with”
nano /etc/ufw/before.rules
press LEFT-CTRL + W and type “icmp”
You will want to comment out the lines for all of the icmp codes
press LEFT=CTRL + X and choose “Y” to save and then “enter”
next type “ufw enable” to start the firewall.
3. Next we will install the tools and configuration files that will allow us to use Tor services when running updates and installing software.
First we install the following programs with:
apt install tor apt-transport-tor
after this we should backup our sources.list file with:
cp sources.list sources.list.bak
we can now edit the sources.list file with:
nano /etc/apt/sources.list
we can use “LEFT-CTRL + K” multiple times to delete lines until the file is empty.
Next we will paste in the following lines:
deb tor+http://vwakviie2ienjx6t.onion/debian stretch main contrib
deb tor+http://vwakviie2ienjx6t.onion/debian stretch-updates main contrib
deb tor+http://sgvtcaew4bxjd7ln.onion/debian-... stretch/updates main contrib
then we press “LEFT-CTRL + X” and type “Y” to save
4. We then disable Time satmps witht the two following commands:
“echo "net.ipv4.tcp_timestamps = 0" (left angle bracket..see video) /etc/sysctl.d/tcp_timestamps.conf”
“sysctl -p /etc/sysctl.d/tcp_timestamps.conf”
5. finally we will diable the IPv6 Protocol by editing the GRUB file
nano /etc/default/grub
edit the line that says ‘GRUB_CMDLINE_LINUX_DEFAULT=”quiet”’
to say ‘GRUB_CMDLINE_LINUX_DEFAULT= “ipv6.disable=1 quiet”’
then we press “LEFT-CTRL + X” and type “Y” to save
after that we run “update-grub”
and that is it!
We can run apt update to test out our new configuration.
If you want to install the base system, you should follow my previous videos:
This configuration is designed to give us a secure and private operating system. From here we can add and configure additional privacy and anonymity tools such as Tor, Whonix and VPNs.
What you will need:
1. Computer (Laptop or desktop)
2. Internet connection (wired preferred)
3. Installer Media (CD-ROM or Flash Drive)
4. SSD Hard Drive
5. USB Flash Drive (small profile)
6. Time and Patience
You can find the other parts of this tutorial here:
Intro: (overview and gathering materials)
• Installing Debian Linux with full-dis...
Part 1: (Initial set-up and format encrypted drive) here
• Installing Debian Linux with full-dis...
Part 2: (partition encrypted drive and download software form mirrors)
• Installing Debian Linux with full-dis...
Part 3: (install Grub boot-loader and finish installation)
• Installing Debian Linux with full-dis...
Part 4: (Creating key file and moving it to boot drive)
• Creating a keyfile in Debian 9.0 to l...
Part 5: (removing pass-phrase key and shredding copy of key-file on the hard drive)
• Creating a Keyfile in Debian 9.0 to l...
Here is the website where you can download the latest version of Debian Linux
https://www.debian.org/
The software for writing the installer to a boot-able flash drive and can be found here:
Win32 Disk Imager
https://sourceforge.net/projects/win3...
If you prefer to write your installer image to a CD-ROM, I would highly recommend Power ISO
https://www.poweriso.com/
Donate Bitcoin:
1JBxwXG8P6PYKKsrHKzQduM8s8RoV3dnjr