AEGIS — Exit TOR via someone else's NAT

Copyright © Piotr Durlej


(image by John Bauer, 1915)

Bany na współdzielone IP użytkownikom korzystanie utrudniają.

Bany na współdzielone IP cele Trolli realizują.

Trolle adminom forum za bany szczerze bez ironii dziekują.

Legal warning

WARNING: Unauthorized network access may put you in legal trouble. Always make sure you are authorized to access the NAT in question. If in doubt, ask for permission, or seek professional legal advice before accessing someone else's network.

Please keep in mind that it is beyond the scope of the AEGIS software to determine whether the network access you exercise is legitimate or not.

Copyright

AEGIS is copyrighted, proprietary software, and must be properly licensed by the copyright holder.

AEGIS is currently NOT open-source software.

Purpose

Stay ahead of the cybercriminals, verify vulnerabilities and improve your network security awareness.

Masquerade yourself by routing your TOR exit traffic via someone else's NAT.

Access the Internet via TOR without revealing that you are using TOR.

Advantages

Advantages of AEGIS over plain TOR:

AEGIS comes preconfigured with a default configuration of nearly 20 NATs operated by various, presumably unsuspecting third parties to choose from.

AEGIS configuration can be easily extended with additional NATs using a simple plain text configuration file (one NAT per row — NAT address and an user-defined name).

A crucial point is that the NAT owners/operators were not and are not knowingly involved in the AEGIS project. Most importantly, in all likelihood, they are not aware that they are forwarding AEGIS traffic.

Getting

Contact the author for the source code, executable binaries, system configuration files, preconfigured hardware, support, etc.

Building

AEGIS can be build on a default OpenBSD 7.0/amd64 installation.

No packages are needed to build AEGIS.

To build AEGIS:

  1. Get the AEGIS source code
  2. Change into the AEGIS source code directory
  3. Type make

Hardware recommendation

Installation on a dedicated machine is highly recommended. The default configuration files are suitable for a PC Engines APU2 with re(4) network interfaces. Newer APU models have em(4) interfaces, and will need some minor configuration file changes.

AEGIS runs on commodity hardware, including the inostensible SOHO router-sized PC Engines APU:

Installation from the source code

WARNING: This will overwrite some system configuration files. If you do not want the system configuration files to be overwritten, skip the make install-sysconf step, and apply the configuration manually instead.

To install AEGIS from the source code:

  1. Install OpenBSD 7.0/amd64 on a dedicated machine with at least two Ethernet ports
  2. Highly recommended step: syspatch(8) the operating system and reboot
  3. Get the AEGIS source code onto the machine
  4. Change into the AEGIS source code directory
  5. If your WAN interface is not re0 or your LAN interface is not re1, modify the Makefile and edit files in etc directory accordingly
  6. Type pkg_add tor to install TOR
  7. Type make install
  8. Type make install-sysconf
  9. Reboot the system

Using

WARNING: Unauthorized network access may put you in legal trouble. Always make sure you are authorized to access the NAT in question. If in doubt, ask for permission, or seek professional legal advice before accessing someone else's network.

To use AEGIS:

  1. Connect the AEGIS WAN interface to a network with clearnet Internet access (DHCP is required)
  2. Connect the AEGIS LAN interface to your laptop/router/access point (AEGIS provides DHCP, NTP and tunneled DNS and Internet access on the LAN port)
  3. Login to AEGIS via SSH as root. The LAN IP address of AEGIS is 192.168.0.1
  4. Type idnat to identify the available NATs
  5. Whenever you want to switch to a new NAT, type newnat NAME
  6. If you want to disable NAT access and exit via TOR exit-nodes, type newnat direct