Published on July 16th, 2017 | by Manish Gehlot0
How to register and connect to an IRC network like Freenode anonymously?
How would we define anonymity on an IRC Network?
It would be the ability to be able to connect without giving your real identity (like IP, true name and other identifiers).
Answer to your question is a Bouncer or ZNC service that is self-hosted or bought from a Premium provider that respects your privacy.
ZNC is Free/Libre Bouncer that acts like a proxy, it connects to an IRC Network for you and stays connected as per your instructions and then you connect to it whenever you need to get on that particular IRC Network. It is a cool way of not losing any conversations and has support for multiple devices including cellphones.
So, it goes like this
You – Tor – ZNC – Freenode
- A proper IRC client like Hexchat (we would be using it in this post).
- Tor or VPN – Tor w/e you trust more. (Tor is not bullet proof at all just like your VPN server but is better anonymity tool though very slow)
- A self-hosted ZNC server (There are a lot of free ZNC providers just in case you do not plan to host your own, some good ZNC providers that I have personally help setup that respect your privacy are znc.fogelholk.se and znc.quoque.ru, although a good list of them is available at https://wiki.znc.in/Providers ).
Lets take the example of Freenode, it bans tor from time to time to avoid abuse and as of now tor is completely banned. What to do about it?
$ sudo aptitude install hexchat
Open Hexchat and tick “Skip network list on startup” like shown below
Close and reopen Hexchat and now from Menu – click Settings – Preferences – Network – Network Setup and input details as shown in the picture below, remember to put Port 9050 if you are using Tor as Service, Port 9150 is for Tor Browser
Click OK, now lets make Hexchat not give some of the information it does not by error but as a matter of basic IRC functions. In order to be able to do so we can do a lot of things. The function that might leak some of the information about you is CTCP.
Try CTCP-ing others on IRC like
/ctcp kingkong version
/ctcp kingkong time
This would tell you the IRC Client’s version with name and the time that is being supplied to my IRC client by the system. So how is it harmful? An attacker might be having knowledge of known vulnerability in your Host OS and Client which is leaked by CTCP version, so it is better not to give it away just like that. Also if I know your exact time and if your IP claims to be from Moldova owing to maybe use of a VPN product then also you are openly busted.
So, I would recommend you to either ignore the CTCP by * or everybody or to do as follows:
/set irc_hide_version 1
This would hide the version information.
Now, we have to deal with the time thing now. From Menu, select Settings – CTCP replies and then remove “%t” from time and make it exactly as in the picture below:
Now you have Add a New Network which is your ZNC ‘s server address as follows:
You have to input USERNAME/NETWORK:PASSWORD in “Password:” text input box below /PASS as seem in the above picture and hit Close.
If you are wondering where do you get the USERNAME from? Then it is the username of the ZNC account and has nothing to do with the nickname of the Network to have added to the ZNC, also same goes for the password, it is the password of the ZNC.
So, for example if I have to add Freenode that I named FN ZNC’s settings while adding a network, and if my USERNAME for ZNC is kingkong and my password is king$# , then I would add kingkong/FN:king$# to the “Password:” text input box as seen above.
Now, re-visit the Network List from Menu – Select ZNC Network – Connect, it should work fine.
I know, you must be asking, how do you connect to Networks directly in case things go wrong with ZNC, esp. when an IRC network hates Tor? It is very simple, Add a New Network just like you did this and tick the Bypass proxy server option, what it does is instructs Hexchat to ignore the Tor’s SOCK5 proxy and make a connection directly. So, for example you can still connect to Freenode when your ZNC is down and you need to connect to a community for emergency talks etc.
Why do we need a ZNC when Tor is accepted by Freenode or OFTC like networks just fine?
While Tor-SASL connection are accepted by Freenode, but it is only available for registered users. Also requires you to configure your freenode account over regular connection first with certificate for signing into your account using a private key. You could surely use it. But since Freenode or other network’s Tor .onion addresses are either too slow and causes higher latency and most of the time Tor access is blocked owing to its abuse by bad guys, ZNC helps. Also ZNC comes with multiple client support.