Bitlbee

Source: wirelesspt.net

Bitlbee brings IM (instant messaging) to IRC clients. It's a great solution for people who have an IRC client running all the time and don't want to run an additional MSN/AIM/whatever client.

Bitlbee currently supports the following IM networks/protocols: XMPP/Jabber (including Google Talk and Hipchat), MSN/Skype, Yahoo! Messenger, AIM and ICQ, and the Twitter microblogging network (plus all other Twitter API compatible services like status.net).

There are also plugins for Facebook and Steam, and you can use libpurple to get even more protocols. See the wiki for a full list.

This guide covers setting up a Bitlbee IRC IM gateway server, from a basic setup to an SSL-enhanced Tor network configuration.

The following will let you chat through IRC over other chat protocols like MSN, Yahoo, Jabber and more in a simple, secure, and anonymous way.

Required software

Bitlbee setup

It is highly recommended that Bitlbee runs as its own dedicated user and that you do not use your distro's package management system to install it. While there are no technical problems in using package management to install Bitlbee, there are some potential security concerns to take into account.

Create the user on your box as root:

useradd -m -s /bin/bash Bitlbee
passwd Bitlbee

Password: (Enter the password for Bitlbee)
Re-enter password: (Re-enter the password to verify)

Installing Bitlbee

As the Bitlbee user, go into the /home/Bitlbee directory, where the setup will be done.

cd /home/Bitlbee
  • Download the latest installation package:
wget http://get.bitlbee.org/src/bitlbee-3.6.tar.gz
  • Extract the setup package
tar -xzvf bitlbee-3.6.tar.gz
  • Go into the installation files directory
cd bitlbee-3.6
  • Compile and prepare the binary setup:
./configure --prefix=/home/Bitlbee/server --bindir=/home/Bitlbee/server/sbin --etcdir=/home/Bitlbee/server/etc --mandir=/home/Bitlbee/server/man --datadir=/home/Bitlbee/server/data --config=/home/Bitlbee/server --plugindir=/home/Bitlbee/server/plugins --pidfile=/home/Bitlbee/server/Bitlbee.pid --ipcsocket=/home/Bitlbee/server/Bitlbee.sock --ssl=gnutls --yahoo=1 --oscar=1 --msn=1 --plugins=1 --purple=1 --otr=1 --asan=0

Which will give you the following setup:

Configuration done:
Debugging disabled.
Binary stripping enabled.
Off-the-Record (OTR) Messaging enabled.
Using event handler: glib
Using SSL library: gnutls
Building with these storage backends: xml
Building with these protocols: msn jabber oscar yahoo twitter
Make the installation files
  • Start the make process:
make
  • Finalize and complete the installation setup
make install

Bitlbee is now installed and ready to be configured to your liking.

Configuration file

You will have to create a configuration file for each setup that you will use. The following is a basic example:

## Bitlbee default configuration file
##
## Comments are marked like this. The rest of the file is INI-style. The
## comments should tell you enough about what all settings mean.
## 

## RunMode:
##
##  Inetd -- Run from inetd (default)
##  Daemon -- Run as a stand-alone daemon -- EXPERIMENTAL! Bitlbee is not yet
##    stable enough to serve lots of users from one process. Because of this
##    and other reasons, the use of daemon-mode is *STRONGLY* discouraged,
##    don't even *think* of reporting bugs when you use this.
##

[settings]

## To be used with xinetd (xinetd starts Bitlbee in inetd mode)
RunMode = Inetd

## DaemonPort/DaemonInterface:
##
## For RunMode=Daemon, here you can specify on what interface and port the
## daemon should be listening for connections.
##
# DaemonInterface = 0.0.0.0
# DaemonPort = 6667 

## AuthMode
##
##  Open -- Accept connections from anyone, use NickServ for user authentication.
##    (default)
##  Closed -- Require authorization (using the PASS command during login) before
##    allowing the user to connect at all.
##  Registered -- Only allow registered users to use this server; this disables
##    the register- and the account command until the user identifies himself.
##

AuthMode = open

## AuthPassword
##
## Password the user should enter when logging into a closed Bitlbee server.
##
# AuthPassword = ItllBeBitlBee   ## Heh.. Our slogan. ;-)
 
## AuthPassword is only checked when AuthMode = Closed.
AuthPassword = <your chosen password>
 
## HostName
##
## Normally, Bitlbee gets a hostname using getsockname(). If you have a nicer
## alias for your Bitlbee daemon, you can set it here and Bitlbee will identify
## itself with that name instead. Leave it commented out if you want Bitlbee to
## use getsockname() to get a hostname.
##
 
HostName = Bitlbee.wirelesspt.net
 
## MotdFile
##
## Specify an alternative MOTD (Message Of The Day) file. Default value depends
## on the --etcdir argument to configure.
##
 
MotdFile = /home/Bitlbee/motd.txt
 
## ConfigDir
##
## Specify an alternative directory to store all the per-user configuration
## files. (.nicks/.accounts)
##
 
ConfigDir = /home/Bitlbee/accounts 

## Ping settings
##
## Bitlbee can send PING requests to the client to check whether it's still
## alive. This is not very useful on local servers, but it does make sense
## when most clients connect to the server over a real network interface.
## (Public servers) Pinging the clients will make sure the lost 
## ones are detected and cleaned up sooner.
##
## PING requests are sent every PingInterval seconds. If no PONG reply has
## been received for PingTimeOut seconds, Bitlbee aborts the connection.
##
## To disable the pinging, set at least one of these to 0.
##

PingInterval = 180
PingTimeOut = 300

## Using proxy server for outgoing connections
####
## If you're running Bitlbee on a host which is behind a restrictive firewall
## and a proxy server, you can tell Bitlbee to use that proxy server here.
## The setting has to be a URL, formatted like one of these examples:
##
## (Obviously, the username and password are optional)
##
## Proxy = http://john:doe@proxy.localnet.com:8080
## Proxy = socks4://socksproxy.localnet.com
## Proxy = socks5://socksproxy.localnet.com

## To be used with the Tor setup for anonymous proxy support. Comment it out if you don't want it.
Proxy = socks5://127.0.0.1:9050

## Here you can override the defaults for some per-user settings. Users are
## still able to override your defaults, so this is not a way to restrict
## your users...

[defaults]

## To enable private mode by default, for example:
private = 1
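
Each of the configuration files can be checked before it is wired into xinetd. The following is an added example, not part of the original page: the function names and the sample file are constructed. It reads the effective (uncommented) settings and reports whether outgoing IM connections go through the local Tor SOCKS port and whether AuthPassword will actually be enforced.

```shell
#!/bin/sh
# Added example (not from the original page): lint one Bitlbee configuration
# file. Function names and the sample file below are constructed.

# conf_value FILE KEY: print the last uncommented value of KEY (case-insensitive).
conf_value() {
    awk -F= -v key="$2" '
        /^[ \t]*#/ { next }                          # skip comment lines
        NF >= 2 {
            k = $1; gsub(/[ \t]/, "", k)
            if (tolower(k) != tolower(key)) next
            v = substr($0, index($0, "=") + 1)       # keep any "=" inside the value
            gsub(/^[ \t]+|[ \t]+$/, "", v)           # trim surrounding blanks
            val = v
        }
        END { print val }' "$1"
}

# check_bitlbee_conf FILE [tor]: print findings; exit status = number of findings.
# Pass "tor" as second argument for the config that must route through Tor.
check_bitlbee_conf() {
    findings=0
    proxy=$(conf_value "$1" Proxy)
    if [ "$2" = "tor" ]; then
        case "$proxy" in
            socks5://127.0.0.1:*|socks5://localhost:*) ;;
            "") echo "Proxy unset: IM connections bypass Tor"
                findings=$((findings + 1)) ;;
            *)  echo "Proxy '$proxy' is not a local SOCKS5 listener"
                findings=$((findings + 1)) ;;
        esac
    fi
    mode=$(conf_value "$1" AuthMode | tr 'A-Z' 'a-z')
    pass=$(conf_value "$1" AuthPassword)
    if [ -n "$pass" ] && [ "$mode" != "closed" ]; then
        echo "AuthPassword set but AuthMode is '${mode:-open}': password not enforced"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample using the guide's settings, with the Proxy line commented out.
sample=$(mktemp)
printf '%s\n' 'AuthMode = open' 'AuthPassword = example-secret' \
    '# Proxy = socks5://127.0.0.1:9050' > "$sample"
check_bitlbee_conf "$sample" tor || echo "findings: $?"
rm -f "$sample"
```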

Enhanced SSL/Tor setup

At the time of writing, Bitlbee does not offer SSL support itself, but the following will allow you to run Bitlbee with SSL and Tor support, together or separately.

You will need the three third-party software packages explained previously, and you will need to create three separate Bitlbee configuration files, as in this example:

Bitlbee.conf (simple setup, no SSL or Tor support)
Bitlbee-ssl.conf (enhanced setup with SSL support)
Bitlbee-ssl-tor.conf (fully encrypted & anonymous setup)

You will need to know how to set up Tor, stunnel and xinetd.

Stunnel configuration

After creating each of these configuration files with their specific configuration needs in /home/Bitlbee, it is time to create the stunnel setup for SSL support in Bitlbee.

Inside your /etc/stunnel/stunnel.conf you should add an entry similar to the one below:

  • Edit the file:
nano -w  /etc/stunnel/stunnel.conf

And add:

[bitlebee-ssl]
client = no
accept  = <local-ip>:7001
connect = <local-ip>:7002

[bitlebee-ssl-tor]
client = no
accept  = <local-ip>:7001
connect = <local-ip>:7003

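<local-ip> should be the box's IP if you want the service to be accessible from the Internet, or simply localhost (127.0.0.1) if it is only to be used by you. You can also add just one entry for both services; if you keep both, note that stunnel cannot bind two services to the same address and port, so the second entry needs its own accept port. In server mode (client = no) stunnel also needs a certificate, configured with its cert option. When you are done, save the file and reload or restart stunnel.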

Xinetd configuration

To conclude the setup, we now need to configure xinetd to run Bitlbee with each of the configuration files. For each service we want Bitlbee to run, we create a matching configuration file inside the xinetd directory, three in total.

  • Move into the xinetd directory:
cd /etc/xinetd.d/
  • Create the basic configuration file without ssl:
nano -w  Bitlbee
service Bitlbee
{
     socket_type     = stream
     protocol        = tcp
     wait            = no

     ## You most likely want to change these two
     user            = Bitlbee
     ## Binary location as set by --bindir in the configure step
     server          = /home/Bitlbee/server/sbin/bitlbee
     log_type        = FILE /var/log/bitlebee.log

     ## You might want to limit access to localhost only:
     # bind            = 127.0.0.1

     type            = UNLISTED
     port            = 7000
     bind            = <local-ip>
     disable         = no
}
  • Create the ssl configuration file:
nano -w  Bitlbee-ssl
service Bitlbee-ssl
{
     socket_type     = stream
     protocol        = tcp
     wait            = no

     ## You most likely want to change these two
     user            = Bitlbee
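     ## Binary location as set by --bindir in the configure step.
     ## xinetd's server_args must not repeat the program name; -c selects the config file.
     server          = /home/Bitlbee/server/sbin/bitlbee
     server_args     = -c /home/Bitlbee/Bitlbee-ssl.conf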
     log_type        = FILE /var/log/bitlebee.log

     ## You might want to limit access to localhost only:
     bind            = <local-ip>

     ## Thanks a lot to friedman@splode.com for telling us about the type
     ## argument, so now this file can be used without having to edit
     ## /etc/services too.
     type            = UNLISTED
     port            = 7002
     disable         = no
}
  • Create the SSL and Tor configuration file:
nano -w  Bitlbee-ssl-tor
service Bitlbee-ssl-tor
{
     socket_type     = stream
     protocol        = tcp
     wait            = no

     ## You most likely want to change these two
     user            = Bitlbee
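     ## Binary location as set by --bindir in the configure step.
     ## xinetd's server_args must not repeat the program name; -c selects the config file.
     server          = /home/Bitlbee/server/sbin/bitlbee
     server_args     = -c /home/Bitlbee/Bitlbee-ssl-tor.conf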
     log_type        = FILE /var/log/bitlebee.log

     ## You might want to limit access to localhost only:
     bind            = <local-ip>

     type            = UNLISTED
     port            = 7003
     disable         = no
}
  • Reload or restart xinetd and you will see the following in your logs:
xinetd[14539]: Reading included configuration file: /etc/xinetd.d/Bitlbee [file=/etc/xinetd.d/Bitlbee] [line=12]
xinetd[14539]: Reading included configuration file: /etc/xinetd.d/Bitlbee-ssl [file=/etc/xinetd.d/Bitlbee-ssl] [line=28]
xinetd[14539]: Reading included configuration file: /etc/xinetd.d/Bitlbee-ssl-tor [file=/etc/xinetd.d/Bitlbee-ssl-tor] [line=27]

xinetd[14539]: readjusting service Bitlbee
xinetd[14539]: readjusting service Bitlbee-ssl
xinetd[14539]: readjusting service Bitlbee-ssl-tor
  • Check if all Bitlbee ports are open and running:
netstat -nap | grep 700

And you will get something like:

tcp        0      0 <local-ip>:7000           0.0.0.0:*               LISTEN      14539/xinetd        
tcp        0      0 <local-ip>:7001           0.0.0.0:*               LISTEN      14909/stunnel       
tcp        0      0 <local-ip>:7002           0.0.0.0:*               LISTEN      14539/xinetd
tcp        0      0 <local-ip>:7003           0.0.0.0:*               LISTEN      14539/xinetd
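
To check the result rather than read it by eye, the following added example (not part of the original page; the function names and sample addresses are constructed) reads netstat -nap output and reports any of the plaintext xinetd ports that listen on a non-loopback address. Port 7001 is stunnel's SSL port; 7000, 7002 and 7003 carry unencrypted IRC, so in the SSL setups 7002 and 7003 are meant to be reached only through stunnel.

```shell
#!/bin/sh
# Added example (not from the original page): flag Bitlbee's plaintext
# xinetd ports when they listen on a non-loopback address.

# plaintext_exposed PORT...: reads `netstat -nap` style lines on stdin and
# prints the local address of every LISTEN socket on one of the given ports
# that is reachable from outside the box (anything not 127.x.x.x or ::1).
plaintext_exposed() {
    awk -v ports="$*" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            if (!match($4, /:[0-9]+$/)) next     # last colon splits host and port
            host = substr($4, 1, RSTART - 1)
            port = substr($4, RSTART + 1)
            if ((port in want) && host !~ /^127\./ && host != "::1")
                print $4
        }'
}

# Constructed sample: the backends for 7000 and 7002 are bound to a public
# (documentation-range) address, the one for 7003 to loopback.
sample_listeners() {
    cat <<'EOF'
tcp        0      0 203.0.113.10:7000       0.0.0.0:*               LISTEN      14539/xinetd
tcp        0      0 203.0.113.10:7001       0.0.0.0:*               LISTEN      14909/stunnel
tcp        0      0 203.0.113.10:7002       0.0.0.0:*               LISTEN      14539/xinetd
tcp        0      0 127.0.0.1:7003          0.0.0.0:*               LISTEN      14539/xinetd
EOF
}

# 7001 (stunnel) is deliberately not in the list of ports to check.
sample_listeners | plaintext_exposed 7000 7002 7003
# On the live box: netstat -nap | plaintext_exposed 7000 7002 7003
```

Any address it prints is a port where IRC traffic, including IM account passwords typed into Bitlbee, can be reached without SSL; binding that xinetd service to 127.0.0.1 and pointing stunnel's connect line at 127.0.0.1 removes it from the list.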

Conclusion

With this kind of setup you will be able to connect to Bitlbee over a secure SSL connection to your box. Once you are connected to your Bitlbee box, the gateways will route your chosen IM protocols through the Tor onion network's middle nodes, and the traffic will leave through any available Tor exit node.

Whoever receives your connection at the other end will only see and connect to the IP of the exit node used by Tor, without the possibility of seeing where you are actually connecting from or where you are.

Using Bitlbee with Tor is an excellent way to use many other instant messaging protocols that are known to track their clients without their being able to track you, giving the user full anonymity towards both the protocol service and the receiving end user.

Editor

cmsv