Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
communication:mumble [2013/07/13 05:59] – created samthetechie | connect:contact:mumble [2022/05/08 11:42] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ======Mumble====== | + | {{ : |
- | Credit/ | + | ======Mumble |
+ | * Mumble is an open source project intended for gaming, but which can also siphon all voice traffic over TCP exclusively and also run well without much bandwidth. | ||
- | Mumble, on the other hand, is an open source project intended for gaming, but which can also siphon all voice traffic over TCP exclusively and also run well without much bandwidth (presumably to leave more bandwidth for WoW raids). | + | * The fact that it’s designed for low-bandwidth situations also makes it ideal for being bounced around in encrypted chunks across the global Tor network. |
- | Mumble is set up as a client and a server, with the client being the thing you talk to on your computer and the server offering the connection between computers wanting to talk. There’s many servers on the public internet to connect | + | * Mumble is set up as a client and a server, with the client being the thing you talk to on your computer and the server offering the connection between computers wanting to talk. |
+ | |||
+ | * Mumble does **not** provide end to end encryption between the clients, i.e. the server has access | ||
=====Step 1: Set up a Mumble Server===== | =====Step 1: Set up a Mumble Server===== | ||
- | For simplicity’s sake, we’ll be using an Amazon EC2 instance. If you’re planning to chat with Julian Assange, I’d highly recommend using a dedicated server in Iceland | + | * Install Ubuntu |
- | The process of creating an EC2 instance can easily be found by searching Google DuckDuckGo, so we’ll assume that you’ve already created an Ubuntu | + | * From this point the guide assumes |
- | ====Install the mumble server software:==== | + | * Install the mumble server software: |
$ sudo apt-get update | $ sudo apt-get update | ||
Line 20: | Line 23: | ||
$ sudo dpkg-reconfigure mumble-server | $ sudo dpkg-reconfigure mumble-server | ||
- | For the prompts that ensue, say yes to autostart and high priority and set up an administrator password of your choice, | + | * For the prompts that ensue, say yes to autostart and high priority and set up an administrator password of your choice, |
+ | |||
+ | * Make sure your firewall has TCP rules to allow inbound traffic on the port Mumble is using (default is 64738). | ||
+ | |||
+ | * Note for advanced users (consider running the mumble server as a tor hidden service). More information: | ||
+ | |||
+ | =====Step 2: Set up Tor===== | ||
+ | |||
+ | * Download the [[https:// | ||
+ | |||
+ | * Search for "what is my ip" to obtain your public IP address. After you’ve made note of that, start up the Tor Browser. | ||
+ | |||
+ | * From the firefox instance opened when launching the Tor Browser Bundle, Search for "what is my ip" again or click "Test Tor Network Settings" | ||
+ | |||
+ | =====Step 3: Set up Mumble Client===== | ||
+ | |||
+ | * Download the [[http:// | ||
+ | |||
+ | * In Mumble, go to Configure > Settings > Network and make sure “Advanced" | ||
+ | |||
+ | {{https:// | ||
+ | |||
+ | * Under Proxy, choose “SOCKS5 proxy" and enter “Localhost" | ||
- | Possibly optional* but do it anyway: In your AWS console, configure your security group and add some custom TCP (but not UDP) rules to allow inbound traffic on the port Mumble is using (default is 64738). This will leave other ports and UDP traffic in general unallowed | + | |
- | ====Step 2: Set up Tor==== | + | * Hence, unless your OS is fully torified, you need to invoke Mumble with __torsocks__ (see [[documentation/ |
+ | * usewithtor mumble | ||
+ | * proxychains4 mumble | ||
+ | * check for success by watching the network, e.g. running " | ||
- | Tor is a program that can be installed on Windows PCs, Macs, Linux haxor machines and uber-leet haxor Nokia N900s. Download the Tor browser bundle | + | * Unchecking “Reconnect automatically," will prevent Mumble from attempting to reconnect unsecurely if, for any reason, the tor service stops. |
- | Use IP Chicken to check your public IP address. After you’ve made note of that, start up the Tor Browser, give it a minute or two to kick in and check IP Chicken inside the Tor browser again. Now your IP address in the Tor browser should be that of a random Tor exit node. Success! | + | * Also check “Suppress certificate |
- | ====Step 3: Set up Mumble Client==== | + | {{https:// |
- | Like Tor, Mumble can probably also run on your computer unless you use a D-Wave quantum computer or Commodore 64. Download the Mumble client for your system and install it. The first time you run Mumble it will ask you to go through an audio tuning wizard, so do that and fine-tune your audio settings as much as you’d like. | + | =====Step 4: Call Your Friends!===== |
- | In Mumble, go to Configure | + | * Now that you have Mumble |
- | [[https:// | + | * Use whatever label you want to name the server with and whatever username you want to make up. |
- | Under Proxy, choose “SOCKS5 proxy" and enter “Localhost" | + | * A Mumble chatroom is basically a group voice chat, much like a conference call but without a phone system. |
- | [[https:// | + | * Your chat will be encrypted using TLS with 256-bit AES-SHA for the control channel and 128-bit OCB-AES for voice. |
- | ====Step | + | =====Step |
- | Now that you have Mumble | + | * Since we have our own Mumble |
- | ====Step 5: Audit for Shenanigans==== | + | * Incoming connections are logged in / |
- | Since we have our own Mumble server, we can take a peek at the logs and see what sort of IP addresses have been recorded. Incoming connections are logged in / | + | * If you run “tail |
< | < | ||
Line 60: | Line 88: | ||
< | < | ||
- | Generally, clients generate their own certificates, | + | * Generally, clients generate their own certificates, |
- | [[https:// | + | {{https:// |
- | The lack of any real-world personal information is great for anonymity, but a lot of commercial Mumble servers will require a certificate issued by a certificate authority, which normally entails forking over personal details, and would thus defeat the purpose of this exercise and why Step 1 is particularly useful for anonymity. | + | * The lack of any real-world personal information is great for anonymity, but a lot of commercial Mumble servers will require a certificate issued by a certificate authority, which normally entails forking over personal details. |
- | * There might be a UDP “ping" | + | |
- | ** According to this leaked document, they’ll be easy to spot since they apparently look like cartoon animals dressed in intensely 90s regalia. | + | Credit/ |