The dark web needs your help. So in this video I want to show you how
you can become part of the dark web, which I know sounds kind of
weird, right? But it's awesome. And within five minutes you're going to
be running a server known as an onion relay. Yeah, the dark web's full of onions and you're
helping make the dark web possible like you're helping it run. But why? Because
isn't the dark web kind of a bad place? It can be like all places, but it's also what millions of people
around the world depend on to stay safe and anonymous online. The
dark web is all about privacy, and that's where you come in. The dark web is kept safe
by onions or onion relays. Every single time someone tries to connect
to anything through the dark web or the Tor network and onion Circuit is
formed consisting of three onion relays. These onion relays are just servers,
but they do one really cool thing, much like the layers of an onion. Every
time your data passes through the onion, a layer of encryption
is added to your data. Keeping your data safe and your
identity anonymous. And by the way, there's a lot more to that and it's kind
of amazing. So you want to learn more. Check it out here. Now your mission,
should you choose to accept it, is to become one of these onion
relays. Now why you? Well, did you know that every onion relay
is run by people like you volunteers? Making this decision is a big deal
and will have a pretty big impact. Every time an onion relay is added
to the dark web, it gets better, it gets stronger. More
relays mean faster speeds. The network itself will be
more robust against attacks, it'll be more stable and it'll
be safer from spying. Now, I know you're probably wondering, is it safe to have a ton of
unknown traffic going over
your network through your server traffic? That could
potentially be illegal? Well, it depends mainly on what type
of onion relay you choose to run, which there are different
types and where you put it. Can I tell you a dark web scary story?
Get your popcorn and coffee ready. Popcorn and coffee. Is
that any good? Lemme try. Okay, let's see. It works. So go ahead
and do that. By the way, this coffee popcorn break
is sponsored by a Dashlane. So here we go with the
help of Dolly three. Here's the scariest dark
web store you've ever heard. So a hacker sneaks into
Hack Well Industries. He plugs the USB into the server and
gets all of the customer information, usernames, passwords, the works, and then he puts it for sale on
the dark web like they all do now, changing scenes, we have the Network
Chuck team looking real classy. They're all working diligently and just
happened to notice an alert in their dash lane dashboard, their
password manager, and again, the sponsor of this video, everyone was suddenly alarmed
when they checked the message. Their usernames and logins for hack will
Industries were all put on the dark web for sale. And this is like, that's
coffee coming out of my body, exploding. They're hacked. But hold up. In a moment
of Clarity Network, Chuck realizes, Hey, thanks to Dashlane and their
dark web monitoring feature, we were alerted and now we can
take action before it's too late. So the team gets to work on changing
their password for Hack Well Industries using Dashlane, they create a unique new complex
password not used by anything else. And Dashlane made that super easy.
Thank you, Dashlane, but hold up. Who's that guy over there? Alex?
Lazy. Alex. Instead of changing his, he's playing Solitaire,
daydreaming and his network. Chuck was checking his
Dashlane team dashboard, checking up on the health
of his employee's passwords.
He notices that, hey, Alex is in bad shape. He's reused the same password multiple
times and he still has a ton of compromised passwords found
on the dark web. So network, Chuck knows exactly how to deal
with this coffee on the head. It'll do the trick. So
Alex drenched in coffee, finally changes his password
and the network Chuck team, they're good to go network. Chuck
then has the meeting with his team. Just going over again, the importance of secure passwords and
how it's the employees that are mainly the door into a company and how
companies get hacked and using Dash in. They can change their passwords,
check their password health, have them securely stored dark
web monitoring. It's awesome. The story doesn't have a happy ending
network. Chuck forgot one thing. His remote employee, no one as Nick. Florida. Nick. Nick hasn't been using Dashlane
at all. Here it is. Nick, look at all that chest here and has
instead been writing all of his passwords inside a manila notepad. And without
a password manager like Dashlane, there's no way if Nick knows his
stuff is for sale on the dark web, he rarely changed his passwords
and they're probably all the same. So don't be like Florida Nick. Use Dashlane again to sponsor this video
and what the network Chuck team in real life actually uses to keep our
passwords safe. You got to try it out. Link below dashlane.com/network. Chuck 50 and make sure you
do use that code network. Chuck 50 and you'll get
50% off at checkout and you
can use Dashlane anywhere. I do my phone, computer, all devices,
and that's the end of our scary story. Looking back at our onion circuit,
we have three types of relays. The first one is the guard or entry
node, the second is the middle, and the last one is the exit node.
Now let me get this out of the way. You do not want to be the exit
node, at least not right now. According to the experts on Reddit,
the police could show up at your door, which happened to one dude
here. Now why does that happen? And that probably scared you, right?
The exit node is the most exposed onion. Normally when you visit a
website, this is you, you're Bob, and you're not using the tour network, you're just going straight to that website
and that website knows who you are. You can see your IP address, but on
the tour network it can't see you. That's the point, right? So it's
going through a bunch of onions, but what that website
can see is the exit node. So in this particular
situation right here, that website thinks you are
the exit node, but you're not. And that's what keeps your identity safe. The problem is that if you are running
an exit node, and when I say you, you're no longer Bob, you are now Stacey, the awesome person running an exit node. So if Bob accesses something kind of
sketchy and the police maybe are trying to catch Bob at doing that sketchy thing,
they're not going to come after Bob. They're going to come after Stacey because
they see Stacey as the one accessing that website. So don't be Stacey
right now, don't run an exit note. According to the official
tour documentation, exit relays have the greatest legal
exposure and liability of all the relays, and they're normally run by
institutions and universities, people who are set up to deal with those
kind of police knocking at your door situations. Normally they have agreements with the
ISPs they're working with and they know they're running a tour exit node
and it's all good. They know. So unless you're an institution
or university and you
know what you're doing in that respect, you're probably
going to want to run the other two. The guard node and the middle node.
Now the guard, the first stop, first onion in a circuit and the middle
is the well, he's the middle child. No one pays attention to him, and that's
perfect. That's what you want to be, right? And that's what I'm
going to show you how to do. The guard and middle node relays hardly
receive any kind of complaints of abuse, meaning like illegal activity going
through them because people don't see it. It's the exit nodes that are
public and exposed, right? No one cares about the middle child and
the guard node is pretty much the same as far as exposure. And just
so you know, when starting out, when you start running a tour
relay node, an onion relay, everyone's going to be a
middle relay. Everyone. You have to earn your way to
becoming a guard Over time. If you earn your stripes and you're
consistent and your're awesome, you might be able to become a guard.
But right now we're all middle children. So sorry. Now the other big consideration
is where are you going to put it? There's really two places. Either you're going to host it in your
house on a spare piece of hardware, like a raspberry pie or any old laptop you
have laying around or a VM on a server. That's an option. And it's kind of cool
because you're not even using it, right? If you have extra bandwidth, go for
it. The other one, and I prefer this, is you can run a tour relay in the
cloud. This is normally very low cost, three to five bucks a
month and is much easier. And that's actually the way I want
to walk you through right now. And by the way, the steps I'll
show you apply to the home as well, but if you do want to run it at home, there are some system requirements
you got to be aware of for bandwidth. Your home network will need to be able
to handle 7,000 concurrent connections. Now, what does that mean? It means that normal run of the mill
routers like this, I have one here, this little TP link router, it's
not built to handle a ton of things. So your router may kind of sweat a little
bit, but it's just a trial and error. You could test it out. But again,
if you're running from the cloud, you don't have to worry
about anything at all. The cloud will just handle it
for you. As far as bandwidth, it's recommended that you have 16
megabits per second available to spare. So 16 up, 16 down extra
that's recommended. At least they want you to
have 10 megabits per second. Then if your bandwidth is metered, meaning you can only use so
much bandwidth per month, you got to watch out for that with your
tor relay. It'll use as much as it can. So you may want to limit it and
I'll show you how to do this, but you're required as a tor relay to use
at least a hundred gigabytes per month of outbound traffic.
And according to this, the same amount of incoming traffic
as well. So 200 total, right? I think that's what it's saying. And
again, if you're running this at home, you will need a public IPD for
address. You won't need a static one, but it will either need to be
directly on the host, which is rare, or it's going to be behind
nat, which is the most common. And you'll have to do some
port forwarding. I'm not
going to detail that here, but just know your router normally
has. This can be my router right here. Your router normally has
the public IPD four address. Let's just say it's 1 0 4 point 25.8 0.2, and it shares that with all
the devices in your home. So if you're running your onion relay, you'll have to make sure that
when people hit port, whatever, maybe port 80 on your router,
it's forwarded to your onion. But again, I'm not going
to detail that here. Now, if you're an absolute mad Ladd and you
want to run a ton of Torah relays in your house, you're limited to eight
per public IPV four address. So don't go too crazy. And then as far
as server requirements, it's not a lot, which is why you can run
this on a raspberry pie. We're talking 512 megabytes of
ram. This storage is nothing. You just need 200 megabytes of spare
storage. Any modern CPU is fine. And finally, uptime. If you're
going to be running a tor relay, the goal is that you have it up
24 7 available. You don't have to, but ideally that's what you're doing
this for, right? But if anything, you want to make sure you're doing
it for at least two hours a day. Otherwise it's kind of
not very useful. Now, one more note on running this
at home on your own hardware. I sent earlier that guard nodes and
middle nodes normally don't receive any complaints and any fuss about
anything, but that's normally it. Doesn't mean it can't happen.
Just be prepared for that. You might get A-D-M-C-A notice or some
kind of copyright notice, and even then, it's not the end of the world. A simple letter or email to your ISP or
whoever's complaining can smooth it out. And the TOR project does
have email templates you can
use. Just copy and paste, send that to them, but just know that's
a possibility. While it is small, now we're going to start setting
up our tor relay in the cloud. And if you want to set it up
at home, just follow the steps. It's pretty much the same. Now, I'm not going to recommend any particular
cloud because some clouds don't really like you running TOR relays on their
network to find out which ones are good. The TOR project does have a list of
good, bad ISPs, pretty exhaustive. Just go through 'em all here. They'll tell you if you can
run a relay or an exit node. Most of the time they're not going to
care if you run a guard or a middle node exit is really what they care about.
And if you really want to make sure, just talk with the chat, put a
support ticket in and ask them, Hey, can I run one of these
types of relays? Now for me, I'm going to use digital Ocean to
run mine. And also keep in mind, as you're choosing your hosting
provider, your cloud provider, the TOR project wants you to try and
avoid these because they're overly saturated. The goal here is to have a bunch of
onion nodes throughout the world on all types of networks. If we have a
bunch of onions all in one place, it kind of limits its effectiveness.
We want to spread out. Now for me, I'm going to choose Digital
Ocean to run mine. Again, I'm not recommending you use
this, it's just an option. And you should definitely check with them
yourself if you're allowed to do this. But the cool part is
it's ridiculously easy. So now that we have all the legal stuff
out of the way, let's make an onion. Here are the steps. Step one, set up
your server, right? And the cloud. I'm going to set up in Ubuntu
machine. That's Lennox. I'm going to put this in London.
Sorry, that was my best British accent. No, Ron. No. I need to watch more. Harry Potter. I'm going to choose the latest
version that Digital Ocean has. 2304, I think that's bookworm
actually, I'm not sure. And then for the size of my
virtual machine here in the cloud, I'm going to go with these $6 a month
machine, which has one gig of ramp. And then notice with a
lot of cloud providers, we have a limit of how
much data we can transfer. We're capped at one terabyte on
digital ocean. Whatever you're doing, find that out. We're going to add that
config later on. And if you're at home, go ahead and set up a VM or whatever
you want to run that's similar to this. I do recommend Ubuntu.
It's my go-to, I love it. I'll set up a password and name
it something cool. Middle child. And what am I forgetting? Oh, my password
sucks. Try it again. There we go. It likes that one. Nick,
please don't show my password. Now I'll create my server. On that note, I also recommend you run a
dedicated server or whatever
it is for the Tor relay. Don't have it running on your main machine
or a machine that you use for other purposes. That being said, you could
probably run this as a Docker container. I haven't tried that yet. Let me know
in the comments if you can do it. Well, that's booting up. Let's take a little
coffee break. It's my first cup today. Okay, the middle child I think is ready. I'm just going to jump into him and
grab his IP address so I can remote into him. I'll launch my terminal SSH
route at the IP address of my server. Do the same thing for you,
whatever your user name is. And we're in now for step two, we're going to set up what's called
unattended upgrades or just auto upgrades. And this is kind of a nice step because
what it will do is make sure that your system that you're running your on relay
on stays up to date with all the latest and greatest stuff, especially
the TOR version of the software. And it'll do this automatically.
You don't have to worry about it. That's the kind of magic I like.
So let's set this up right now. The first thing we'll do is an APT update. This will update all our
repositories and we're good to go. Now notice real quick, it does say I have packages I can update
and you might be tempted to run APT upgrade. Don't do that just yet.
I want to test something. Next, we'll install the
unattended upgrades package. So APT install unattended dash upgrades, and we'll also install APT dash
list changes. Ready, set, go. Hit enter to install, and
we're good to go. Next, we're going to edit a file and I
will have all these commands below. So don't worry. We're going to use
good old nano to edit the file. So nano and the file will be an
Etsy, APT, and blah, blah, blah. I'll just copy and paste the
rest. So that file, hit enter. And the first thing we're going to do
is remove all the current config that I see right here. So just
kind of all this stuff. And we can do that really easily
with nano with the Control K keyboard shortcut. So control k, bam,
it knocks you out the whole line. Bam, bam, bam, bam, bam, bam, bam, bam,
bam, bam, bam. Okay, it's gone. And now we're going to copy and paste
some stuff that I'll all have below. Copy and paste that which is telling
it what Distros to auto upgrade. And then we're adding this line
of config, which will allow it. And this is optional to reboot and come
back up on its own for the upgrades. Kind of cool hands off, I
love it. With that in place, we're going to exit nano
control X, Y enter to save. We're good to go almost. We have a few more things to do
for unattended upgrades. Next, we're going to edit this file. We're
going to do nano this file right here. Again, this will all be below. I'm going to remove everything I see
here and copy and paste all this stuff. Just configuration options for unintended
upgrades, control X, Y, enter to save. And that's it. It's configured. And
now what we want to do is just test it. And we'll do that with this
command unattended dash upgrade. And we'll do a dash
dash or tick tick debug, not tick bug debug. There we go. What this will actually do is update and
it will reboot so you get a good test of what it's doing. Ready,
set, go. Lots of stuff. Perfect Time for a coffee break. And I
just love watching terminals, don't you? And just like that, it rebooted. So I'm
going to wait for it to come back up. So step two is done not for step three. And here we're actually going to install
tor. This is where the fun starts, and it's really not
that bad. Kind of easy. I'm see if I can connect back to my
machine if it's back up and running. It is and I'm in Now, the first step in installing TOR is adding
any Tor repos to our repository list. First we'll do an APT
install APT dash transports. Https, I already have it.
You might already too. If
you do hit that like button. Next, we're going to find out the version of
Linux we're running right now or the Debian version if you installed
Ubuntu. So I'm going to cat a file. KA Etsy Debian version. Cool. So it is running bookworm.
Yours might be different. Just remember this right here. Now
we're going to create a new file. We're going to use good old nano again, so nano and the file will be in
the sources list D directory. And we're going to name it Tor
list. So it'll look just like this. Hit enter, and we're going to
copy and paste some stuff. Again, commands below and paste. Oh, I do
not like that being out of line. Lemme just move that over. Ah, perfect. Now there's two things you want
to update here before you save it. Right here where you see your distro,
you want to remove the curly brackets, the braces, and put in your distro
name, which we just catted just now. Just going to remove that and
put in bookworm just like this. Same thing for the line below. So this right here is our repositories
that we're adding for tor. We'll hit control X, Y
and enter to save. Next, we're going to add the
GPG key with this command. This will allow us to trust this
repository so we can pull down the stuff, add it, and now we're going to update
our stuff, our packages, a PT update. You'll notice it's actually looking at
the Tor project right there because we just added those. And then finally,
we're going to install tor. Here we go, APT install tor, and we'll do deb tor project.org, key ring, which is adding the necessary keys so
we can again, trust the TOR project. Ready, set, go. Do we want to
continue? I sure do. To enter, and it's almost done. I think
it's done now. Just so you know, you installed tour, nothing's
happening yet. By default. It's just kind of like Configure
me, please. It's not doing anything. You have to make sure it runs.
And that's going to be step four. Let's configure tour. Did that
rhyme? I didn't even plan on this. So the configure tour, we're going
to edit a configuration file. The command will be nano Etsy, tour tour C or to rc. Hit enter and we are editing the TOR
network file or the configuration file. Now notice everything's hashtag out,
meaning that it's not currently enabled. You could go through and
enable each one of these. What I prefer to do is just add all the
commands right here in an open space, just like what you see here. The first
option we'll configure is the nickname, just like this of our relay. Name it
whatever you want. I'll name mine, middle child. Next, you'll
want to add contact info. So just like this will be your
email address. Now, I will say this, make a new email address
for your TOR relay. Make one that's dedicated to tour
that does not identify you in any way. I did that. I'm not going to show you mine because
then that'll identify me to you. I'm not too worried about it
though. Next we'll do the OR port, which is the port that the tor relay
will listen to for incoming connections. So that's your gateway into or other
people's gateway into your network, into your relay. Now if you're
doing this on a server in the cloud, it's not crazy important. I'm
just going to run this on 4, 4 3. One of the defaults is
9,001. So you could do that. Just keep in mind that whatever you
run, if you're running it in your house, you'll have to port forward. That for me
in the cloud, 4, 4, 3 is perfect. Now, this next option is very important.
It's exit relay. Just like this. You want zero for no, we do not
want to run this as an exit relay. If you wanted to do that, you would
put one and no, we're not doing that. The next one will be SOX pour for me. I'm going to put zero because I
don't want to run a SOX proxy. It will run by default. And if you
don't know what that is, just put zero. Don't worry about it. This is for if
you only want to run tour on this relay. Now this is all you need for basic setup, but if you're like me and you want to
put in some bandwidth restrictions, let's add that right now. So I'll
just put a little section here. Bandwidth stuff, and again, they have all this config down
here and you can look for it. I don't want to bother
with trying to find it. I'm just going to add it right here.
The first option will be accounting Max. This will be the total amount of
bandwidth I want my Tor relay to use for a given period. Now, for me, I'm
going to set it up for a month. You can actually change it
for a day or for a week, but the month is probably the best.
How people charge for things, right? Your ISP and your cloud provider. For me, I'm going to do 800 gigabytes, keeping me under the threshold
of a thousand gigabytes
or a terabyte on my cloud provider. Next, I'll
define what my period is. I'll do that with the accounting start
and I'll say month. That's my period. I want to start on the first day of
the month at midnight. 0, 0, 0. Now, I'm not going to detail it here,
but if you scroll down just a bit, we'll get to the section
on bandwidth here. It details more control over how
much bandwidth you allow each day, the speed you get, throttle traffic
control bursting. So for example, if I un commented this command right here, I would only allow speeds of a
hundred kilobytes per second. And then maybe I allow this one, which would allow it to burst
up to 200 kilobytes per second. But because I'm running it in
the cloud and I'm not using it, my own bandwidth at home, I don't
care too much. But for you at home, if you want to control that,
just uncommon those commands. And I'll show you a way you can actually
visualize this here in a bit and actually gets us to our next
configuration option monitoring. I'll just do a little section
here. Monitoring stuff. Now, this is for in a moment for future
US because we're going to install a monitoring program that'll help
us visualize our TOR relays. These two options we're going
to add right now control port, and we'll say 9 0 5 1. That's a default. We're opening up a port to our
monitoring service and then cookie that may be hungry. As I said,
that authentication one, allowing it to authenticate with the
cookie that we're currently using on our server here. Basically not
having to use a password. There is another option to use a password. I'm not going to worry about that
right now. Now this is all we need. I'm going to hit control X, Y enter to
save. My configuration is ready to go. We're almost there. I'm going to do two
things. First, I'll do system C, TL, enable tor. This will enable TOR as a service or a
Damon so it can run on the background. And then we'll do system
CTL, restart tour, and that's it. So right now,
currently tour should be running. Let's just make sure we'll do
a system, CTL status tour. Yep. If you see active and enabled
and everything looks good
like that, you're solid. But now let's get some
actual visualization. I want
to see what's happening. For that. We're going to install a
program called Nix or N-Y-X-A-P-T Install nix, very simple. It's going to install
in a few moments. Little coffee break, not too long, and it's done. And now
we have to do is type in NYX or nix. And we are visualizing our
TOR relay. Now I love this. And just a couple of things
you can see right off the bat, you can see your TOR name, IP address, the control port and
authentication method. You can see that your TOR
version is recommended. See how much CPU and stuff
you're using. Love it. Even your PID and your uptime. Beautiful
graphs on the download and upload. Love that. And then the best thing I think is right
here you can see your restrictions you put on bandwidth. So we have the total amount used versus
what we set and then when it's going to reset. And then just in case you were
worried about it, exit policy reject. We're not doing exit nodes at all. We're
not doing that. We're good. We're good. Don't worry about it buddy. Now
while we're sitting here in Nick's, we can hit the M key on our
keyboard and access the menu. And if we scroll over to view
with our directional keys, we can look at different things like
the connections and we actually start to see the circuits. Look at that
guard, middle end. It's so cool. These are all our connections. We can change our view to our config
and see every option that we have configured. So you can just kind of make sure you
did everything right and then the exit just hit control C. That
doesn't stop tour from running. That just stops you from
visualizing it with Nix. Now I want to jump back in there and
show you one more thing. Notice up here, this is kind of the lifecycle of
a tour relay because like I said, you will graduate to Gar node
eventually if you're awesome. But how do you become awesome?
How do you know if you're awesome? It's by the flags. It's always about
flags. I don't know why I said right here, we have no flags. We're fresh. We're
a newborn baby, we're a middle child. This will change over time. Now I've been running a couple tour nodes
in the cloud for a minute and then go bring them up on this one. I have
a running flag and I'm valid. And that came from just leading it up
for a minute. It tested my bandwidth, made sure I was reliable.
And here's another one, which
I've got a special flag. Dude, I'm fast. How nice is that? Your tour relay will actually go
through a lifecycle. Initially, it's really not being
used for much. In fact, the first three days you're just
waiting for a bandwidth measurement. And phase two remote measurement days
three to eight, you're operating, you're a middle child. You don't have the 20 kilobyte cap
like you do in the initial phase, first phase, and you'll attract more
traffic, but you're limited because hey, you're still the middle child. Now things
get exciting in days eight through 68, and this is a, maybe they're going to look at your
bandwidth weighted fractional uptime, time known basically variables to see
how good you are. And if you're good, you'll get that guard flag.
You'll be that first top. And once you've been a guard for 68
or more days where you reach kind of a steady state, you're a veteran, you're an amazing contributor to the
dark web and helping people around the world stand anonymous and safe, please
comment below and say, Hey, yeah, I set up a tor relay. I'm in the
cloud. I think it's cool what this is. I like the idea. And sure, the dark
web can be used for bad things, but I think it's mostly used for good
things. It's all about your motive. And I know my motive here in supporting
the tour project and running a relay is to help people stay safe and private and
anonymous. I'll see you guys next time.