How To Be Anonymous Online by ChintanGurjar

VIEWS: 928 PAGES: 27

More Info
									Digging Deep The
- A Perfect Solution For Being Anonymous

Chintan Gurjar
Vikas Roy

• Hack yourself before going outside for hacking
   •   Generally when you visit server or site, it has an ability to grab much
       information about you. In sometimes people do not want to leave their traces
       on the server or site. But before digging into the solution of anonymity lets have
       some information about the server that which type of information it collects
       from user.
• Which information can server grab from your system when you visit
   •   As I have said earlier that you have to check yourself that are you secure? Can
       anybody hack into your system? There are many ways of checking this, but here
       I am pointing out some of the basic but very effective ways of it.
       Picking The Right VPN & Proxy Servers

• Tracking Cookies
       • Now a day’s all websites are having TRACKABLE COOKIES.
       • What is that - They are the type of cookies which enable the website?
       • It is happening because they can obtain normal or sensitive information from
         visitors to the owner of the website.
• VPN & Proxy Servers
  1.      proXPN                    5.     Myths & Realities About TOR
  2.      JonDonym                  6.     OpenProxy
  3.      HIMACHI Setup             7.     PAC files
  4.      Ultasurf                  8.     Setting Proxy To Tools
   Use of Encrypted Emails and Chat Services

• Email Encryption
        1.   GPG
        2.   PGP
        3.   sbwave Email Encryption
        4.   hushmail Email Encryption
• Instant Chat Encryption
        1. X-IM Encrypted Instant Messaging
        2. PSST Encrypted Instant Messaging
                Find Your Real Time Trackers

• Introduction
          In this cut throat competition, the number of the advertisement companies
gone high. They are into money making policy this is the reason that you are being
targeted often and often by their advertisements. Whenever you visit any site, from
your HTTP request, the site on which you have visited is making other sites aware of
your coming. After that they will receive the HTTP request header and they will send
advertisement on you.
• What Is Collusion?
          There is one beautiful add-on for Firefox named Collusion. The reason that
   why I am giving so much importance to this add-on is that this add-on is created by
   Mozilla. It shows your real time trackers.
            Incognito Support of Browser For User

   • Truth About Incognito
               It doesn’t store Webpages’ information which you have surfed on the
internet as well as the cached files. It also doesn’t keep downloading history recorded if you
have downloaded something then. Cookies will be automatically deleted when you close
the browser.
   • Limitations of Incognito
              There is one beautiful add-on for Firefox named Collusion. The reason that
       why I am giving so much importance to this add-on is that this add-on is created by
       Mozilla. It shows your real time trackers.
       Is Google Tracking A Big Issue For You?

• Google Privacy Ethics Information
• Data We Give To Google Directly
• Data We Give To Google Indirectly
  1.   Logs
  2.   Geolocation
  3.   Device Information
  4.   Unique Application Number
• How To Stop Google Tracking
  1.   Use Of Plugings
  2.   List of the best plugins – DNT, AdBlock, Adsweep, Ghostery, Disconnect etc..
  3.   Do Not Track Plus – Brief Explanation
  4.   Disconnect – Brief Explanation
 Is Social Media Tracking A Big Issue For You?

• Not only the Facebook, but I am damn sure that every social media is tracking your each and
  every move online. The Plugin DNT+ ( Do Not Track Plus ) has identified that Facebook is has
  more than 200 trackers( Advertising Companies & Much More ) who are watching your activity
• These trackers can come to your browser in a manner of cookies, iFrames, Javascrit, flash and
  much more. Cookies are the elements which come to your browser and thus it comes to your
  system. It anonymously tacks your background and current interest and passes those signals to
  the advertisers who want to target you. This is all about social media as well as Facebook direct
  advertisement methodology.
• If you do not go to Facebook or other social media then you can be targeted with Facebook’s
  LIKE button, Google+ +1’s button, Twitter tweet’s button and much more.
• So this is really an issue that has to be solved for not only the Facebook but all the social
  networking sites.
                    Uniqueness Of The Browser

• Introduction
   •   Panopticlick is one project in which it identifies the uniqueness of client’s browser. It assures
       client that the data which will be collected will be in anonymous form. From the data it can be
       measured that how unique your browser is or how much your browser is predictable.
• Normal Data Collection - Computer Configuration, OS, Browser Information, Plugin
• Rough Data Collection - User agent string of browser, HTTP accept headers, Color Depth
   of screen, Screen resolution, Time zone set at the client side, Fonts installed to the computer
• Live Testing of The Uniqueness of the browser
• Purpose Of This Project - By testing the browser, we can identify that how much my
   system or browser is track able. Which information does my browser shares with the sites which I
   visit? So we can fix that.
                             Fake Identity Generators

    • Introduction
    • Why It Is Needed ?
                           Being anonymous is not an easy task. It won’t help you out in every forms of the
web. So in those cases you need to register on website or you need to create your Fake Identity. This is very
interesting and real world way to make fool web forums.

    • Also Do Book Reading Of Real Life Anonymity
      - Disappearing In Your Real Life

    • Websites For Generating Fake Identity
        • – For Advance Use
        • – For Basic Use
                     Alternate Device Connection

   • Introduction
                       Always use someone else’s connection of the internet. It is the best
way to hide your ass. Because logically it is more secure. When you are connected to your
nearest cafe’s, schools’ and library’s connection, you are login into the website using their
IP address. Not your own one. So it is completely anonymous.
        Removing Metadata From Your Media Files

   • Introduction
                      Some people post their videos and pictures online which they have
taken form their digital camera. Do not forget to remove metadata from your media files.
Metadata contains a lot of information of your system, OS, Username and much more.
Many cameras as well as new phones which are having digital camera inbuilt, they are
leaving their signatures in terms of data collection of their device info and pic info. When
you post those photos online anyone with some 3rd party tool can extract your Meta data.
And for that FOCA is very good tool, which you already know. Thus your identity can be
FOCA Metadata Extraction Demo
                 Using Temporary Email Service

•   Introduction
            There is lots of website who wants your email address for their spamming.
Avoid those kind of spam by implementing your free non-regular yahoo, Gmail or
Hotmail email address. But the real privacy you will only get by using Disposable Email
services. They are 100% complete anonymous.
• Advantages of them
    1.   No Authentication Required.
    2.   Provides freedom to choose any name.
    3.   No Protocols.
    4.   Easy access & maintain.                                   Websites
    5.   Hides your real identity.                       
    6.   Avoids Spam.                                    
    7.   Maintain Anonymity.                             
     Clearing Tracks From Your Physical Device

•   Introduction
•   Ways of Removing Traces From Your Storage Media
       1.   Use Peter Guttman’s Method
       2.   Tool – Eraser (Windows Platform)
       3.   US DOD Method
       4.   Dirks’ Boot And Nuke Method
       5.   Physical Destruction Method
•   Other Tools
            Windows: Microsoft SDelete, Wife File, Delete on Click
            Linux: Wipe Package from UBUNTU
            MAC OS X: SRM, Permanent Eraser.
                  Crypting Data Which You Have

•   Introduction
    There are ton of hard disk crypters available on the internet. Use them. Online hard disk crypters are
    also very handy and important.
•   Cryptography’s 3 parts
        1.   Communication Encryption
             • Network Encryption - Generic
             • Phone Encryption – Nautilus
             • Session Encryption – SSH
             •     Email Encryption - PGP
        2.   Database Encryption
        3.   File – Folder - Harddisk Encryption
                       7-Zip , AxCrypt , True Crypt, Sophos Free Encryption, Cryptext, Sofonica Folder
             Soldier, Disk Utility – For Mac Users, Safe Hous Explorer, dsCrypt, Rohos Mini Drive, Free
             TFE Explorer – For Windows and Unix Users, Remora USB File Guard, GNU Privacy Guard
                                 TrueCrypt - Explained

    •    Introduction
                 This tool is the ever best tool for encryption. It is for establishing as well as maintaining on
the air encrypted volume. On the air encryption means data is automatically encrypted when you save the
data and vice versa it is decrypted when you are loaded. There won’t be any data which can be readable and
which is encrypted. Without using the correct password it won’t be available for reading data.

    •    Future Of This Software
         •   Software developers of this company are thinking to implement such things which can encrypt
             whole hard disk drive.
         •   There will be command line options available for the volume creation.
      Things To Do With Your Real Account

• Never do any suspicious activity with your original account which you are
  given to your library, school, café or university.

• If you do any suspicious acts in terms of hacking, then it must be either
  deleted after done and encrypted while doing.

• Of course you are not permitted to leave you’re tut (Txt PDF DOC PPT),
  tools and web history on that account after your goal gets finished.
               Understanding And Clearing Logs

•   Introduction
    One must keep in mind before deleting the log files of the server. By deleting log files of server you
    are indirectly telling system administrator that you or someone has hacked into his or her system.
    It’s better to modify it rather to delete a complete log file. Text file on the server or .log files on the
    server are easily editable, but for the binary log files you will need to have an editor to modify it.
    Here is a list of something that should not be missed out by at the time of clearing your log files.

•   Identify & Analyze
        1.   UTMP
        2.   BTMP
        3.   WTMP
        4.   Lastlog
        5.   Linux Server Log Files
                 Using Best Firewall For Your System

    •   Introduction
                  Security should not be up to the Application layer. What about the network layer security?
If you are connected to the internet then there is always a risk factor of your data breach, system
compromised anything. As you are aware that, Now a days DDOS attack is very much widely used attack.
The hacker who generates auto spreading bot is not only the one who hacks the application, many thousands
of compromised systems who are acting as BOTS are also the part of attack. So these were all about the
attack. So here is all about those firewalls which can protect you on the internet. Indirectly it also helps to
keep you anonymous. So that, you cannot be affected by hackers.
    •   What Hacker Does?
                  He will try to “SPOOF” the IP address from the entry of the packets sent to your system.
Your system will allow it to execute to in your computer / Laptop without any further criteria. Thus hacker is
able to gain the whole session of your computer. He can breach the data and make your PC to do that what
he/she (hacker) likes. She/he does this through sending instruction to your computer.
          Using Best Firewall For Your System Cont..

    •   Here Comes Firewall
                  It protects your computer from being executing hostile instructions. In organizations many
systems are connected internally in LAN and they all are connected to the internet. Firewall enables the
system administrators to let him select the systems to be connected to the internet. It enables funneling –
Means keeping aside the non – valid users or the non – authorized users. It gives alert when suspicious
activity occurs. Thus if any hackers is going to install a RAT in your PC it gives alert, this is just a small
example, if you are being tracked then you can even identify that with the analysis of the packets, which is a
feature of major firewalls. It shows which services are working on which port and other Meta data.
                       Using Of Anonym.OS Live CD

    •   Introduction
                 This OS is the best OS ever I have seen developed by Kaos.Theory Security Research. This
OS is on Bootable CD. It has a many level of privacy which many security professionals and professional
hackers are using. But the impact of this Live CD is that it is provided with a good user interface. The name
‘Anonym’ itself giving the meaning of privacy, It is a perfect solution for using computer or your laptop
without touching or using your hard disk. So it doesn’t allow user to leave traces knowingly or unknowingly.
In openBSD operating system, researchers says that this OS the one of the best and advance security
operating system. The ambition of this project is to provide anonymous as well as secure web surfing.

Download Link -
                          Using Of OccupyOS Live CD

    •   Introduction
                  This OS is designed for those activists who wants to be anonymous, who wants to maintain
their privacy during the internet. By the use of this OS they can create, publish documents as well as they can
manage websites, their pages, blogs and all that stuff anonymously. Also it provides secure communication
    • Benefits Of This OS
        • Each and every connection of the internet is forced to pass though the TOR.
        • It doesn’t leave a single trace on your computer.
        • One can use cryptography for protecting their emails, documents and other stuffs like instant
        • With the help of use Mumble one can encrypt their voice chat and conference.
        • Xchat-OTR and Pidgin-OTR tools are used for encrypting instant messaging.
        • It has secure hard disk wiping tool.
                                             SSH Tunnel

    •    Introduction
                    It is the secure command line. It is
identical like encrypted telnet. Basically in this
system an attacker connects to the Remote server
and then they use encryption so there won’t be
anyone who will monitor their activity. There will
not be anyone who will able to sniff his username
passwords. The technology is built on Server =
Client system, in order to that it has an ability to
tunnel the whole network traffic. So from my
system the traffic will be directly tunneled and will
reach to the endpoint whichever the site I want to
open. As an impact or that, that site will assume
that the traffic is generated here at the endpoint (At
there on the website), not from my original system.
This is the excellence of this technology.
     Things to Do When You Are Under Suspect or Under

• If you have read completely up to this then firstly remove your technical traces.
• Do not do any suspicious activity, including even doxing or information gathering for 3-4
• Make a new email ID. Spread it to your friends and tell them to communicate with them
  on that id. Stop your all previous ID.
• Tell your hacker friends to not to do mail to you for initial 1-2 months. If something is
  more important than meet because call can be under tracing even.
• Stop using PGP encrypted mails, because if will work as an alert system for those who
  are monitoring you.
• Do not forget to encrypt your all data or to delete or overwrite your all data with the
  Peter Guttmann’s Method or any other which I have explained above.
• If you have breached something, then remove that all the Excel sheets or text files in
  which the sensitive data of the website or server is there which you have breached.
                               Contact Details

•   Chintan Gurjar
    •   Facebook :
    •   Skype : chintan.letsnurture
    •   Email : ;
    •   Twitter :

• Vikas Roy
    • Facebook :
    • Email :

To top