Published @ http://www.searchlores.org in Mid June 2006 |
Version 0.05
(part of the anonyweb section)
A guide to relative anonymity when accessing the web
or
"No need to be 'too' paranoid"
by Fravia, Mordred, art20(iv) and other authors and contributors
Ah... anonymity the ethernal dream of all seekers. Complete anonymity is very
hard to obtain, since your provider, a gazillion servers and the clowns at echelon
are recording everything you do for the -probably not so interested- posterity.
But in order to obtain a mild, relative, for sure not "paranoid_resistent" anonymity, you may try chaining
proxies, you may
try TOR
tunneling, or you may try the following simple wardriving approaches...
A relative guide to anonymity (02/06/05 14:13:27)
A relative guide to anonymity
or
no need to be 'too' paranoid imho
-----------------------------------------
RULES
1) buy pc cash elsewhere (not with credit cards and not where they know you)
2) wardrive in another part of the town, not the one you live in
3) download only, or if you upload, upload only anonymous things or PGP encrypted stuff
4) rotate your wifi card mac address at every access point: I use "Macmakeup"
5) use wardriving laptop ONLY FOR THAT, no personal data whatsoever on it
TECHNIQUES
1) Find speedy, beefy first wifi accesspoint with netstumbler. There are so many unprotected at
all, that you don't even need to fire a wep-packets-analyzer.
2) connect, browse, download, all shields down, javascript, java, the whole bazaar: who cares?
3) ISP "A" will register everything "he" does.
4) work half an hour, download the helluja out of it, upload with care
5) walk ten meters change access point
ISP "B" will register everything "another he does".
work half an hour, download the helluja out of it
walk ten meters change access point
...repeat at leisure
(reformat hard disk every week just in case)
next day another part of the town, or another town :-)
and so on
fravia+
As staying anonymous is the better part of common sense, being paranoid is the better part of staying anonymous (02/06/05 13:53:08)
"Use a proxy" is common sense, but it will not make you anonymous.
"Turn off javascript" is common sense, but it will not make you anonymous.
"Turn off flash" ....
(Rinse. Repeat.)
In order to be anonymous you have to get paranoid.
Turn off everything. You're not anonymous yet. Does your browser allow you
to stop loading *ALL* page requisites? Are you sure? How about the .css? In fact the only
secure way to load a bare page I can think of is to do it with raw http and telnet.
I wish somebody would stop writing 'anonymity complete' stuff, and just concentrate
on being paranoid. Then, a regular user with less need for anonymity paranoia can choose
a subset and have clear understanding in what ways exactly is he non-anonymous.
----------
If you're behind NAT, try this:
http://www.auditmypc.com/internal-ip.html
Mordred
some ideas about fravia+īs guide (20/06/06 09:58:39)
some ideas
first I apologize for my English since Bavarian is my mother tongue. I write down these ideas since
I recently watched fravia+īs video of the Montreal(Canada - 16 June 2006)Recon 2006 conference.
RULES
1) buy pc cash elsewhere (not with credit cards and not where they know you)
first of all, use linux. Why? Well you can buy old laptops for almost
nothing and of course they are still usefull since linux does not need that much of hardware.
What is important it need to have a CD and a USB port the rest is less important.
But it is true donīt use credit cards or buy at the reseller you trust, gg*. BTW use a linux liveCD
and boot it "toram" so that you can use your CD drive!
2) wardrive in another part of the town, not the one you live in
It depends on what your target is. Lets see. First "explore" your city and there is no need to go
elsewhere as long as you take care of some "rules". Another idea share *.cap/*.dump/*.ivs
files with others,
spares time to crack the key or lets say distributet knowledge share! There are plenty of people who do the same.
Just search for it. Plenty of URLīs and forums where you will find those in your area! You will have a map of your
city/district/country with all the hotspots and wether they encrpyt or not and with your own
*.cap/*.dump/*.ivs files
and the shared you will get the WEP key pretty quick anyhow. You can stay passive or hide yourself pretty long while
gathering usefull information.
Remember we are not yet at the point to USE the hotspot. I try to give you some ideas on using it later
since there are plenty of possibilities NOT to spoil a hotspot but use it more often.
4) rotate your wifi card mac address at every access point: I use "Macmakeup"
Defenitely. Funny is if you use a MAC address of a user which is logged in to the hotspot!
Often enough they limit the access to certain MAC addresses. So then if you draw a map of your city you will have access
to them too! There are plenty of tools for that. BTW this is under certain circumstances not enough!!!
5) use wardriving laptop ONLY FOR THAT, no personal data whatsoever on it
Still a good idea but may be there are other good ideas too. Use a live LinuxCD and a USB stick! Boot it "toram" with
no access to your harddrive and you are "pretty save".
TECHNIQUES
1) Find speedy, beefy first wifi accesspoint with netstumbler. There are so many unprotected at all, that
you don't even need to fire a wep-packets-analyzer
Times have changed a bit, sic transit gloria mundi. My idea is to use a range of tools. Of course kismet,
aircrack, wellenreiter and airsnort which for the beginning are good enough. The advantage of kismet
and the others is that you can use it together with gpsmap and draw your own hotspot card of your area.
Again you may want to use them more often or even better share them with others!
2) connect, browse, download, all shields down, javascript, java, the whole bazaar: who cares?
to my point never a good idea but it is more or less a philosophical question. It is like asking one
to scale the north col of the Matterhorn wearing a bikini and carpet slippers.
I myslef e.g. I like it when people try to get access to my hotspot. I let them but I also in reverse
try to get access to their computer and then ... Often enough they do exactly what you mentioned before, they have all
their shields down! Trust me it is worth to let them in (nemo me impune lacessit)!!!
3) ISP "A" will register everything "he" does.
True BUT often enough they got their own log files on the router. Still not a problem
since most of the people do not change the password of the router so that "admin" and "password"|"passwd"
is always worth of a try to get admin access to the hotspot router and delete the logfile.
You may want to use this one again! I am not that much in favour of these hit and run techniques.
"Was du ererbt von deinem Vater hast,
Erwirb es, um es zu besitzen." (Goethe, Faust part 1)
4) work half an hour, download the helluja out of it, upload with care
5) walk ten meters change access point
ISP "B" will register everything "another he does".
work half an hour, download the helluja out of it
walk ten meters change access point
...repeat at leisure
One can do so but as I mentioned before I want to use them more often!
(reformat hard disk every week just in case)
less need if you work with a linux liveCD with the correct boot options
next day another part of the town, or another town :-)
If you use them carefully no need for that.
Conclusion
My ideas are far away from a HOWTO for wardriving. It is just a summary for "relativly anonomity"
combined with less costs and long term use. It is far away from being intentioned by paranoia.
what f+ pointed out is a good basic idea of a hit and run strategie. I also agree
that there is no reason to be paranoid. All I wanted to point out is that I want to use others hotspots more often
and also I dont want them to get in trouble of my activities. Even if using others hotspots there should be
some sort of honesty.
Do so if you are on visit in another city ore more in common not at home if you want to.
To my point of view a better idea is to visit these forums I mentioned before and get a "city card".
There are good arguments not to do so at home. It is spring all the nice girls around paying tribute
with their clothing to high tempratures. Why sit at home doing work in a room? So map the hotspots in
your city carefully. Try to get as much information as possible and use them "honestly".
You will see you will have fun with them a much longer time!
Some more ideas
Often enough people use only WEP keys for their hotspots. Well we know not that much
of a good idea and easy to crack. Also and these are the really interesting ones theiy
plug their DSL/WLan router in and use the default settings. I love them! The thing with
them is often enough that if you are attached to their net and you try go get access to
their router it is as simple as buying a beer. I mentioned it before admin and password|passwd
is a good way (search for the default settings of the manufactures). I am not talking about hacking a network!
This is another thing even interesting enough itself.
What I am trying here in my city is to find as much people as possible to built up a "distributed free WLan network"
I pay for my DSL fine, but I am not greedy enough not to share. So if there is someone else with a WLan hotspot
who will share his with me so I will share mine with him! So I get the most value out of mine. And of course the
more join this "dfWn" we can cover the whole city/district/country/world.
art20(iv)
Re: A relative guide to anonymity (20/06/06 11:06:10)
>(reformat hard disk every week just in case)
I think there's a better way. As you have bought the computer you just
create an image of the clean system, store it somewhere (like DVD).
Every now and then you erase (3-7 pass) the hard disk and copy your clean
system partition back :) Shouldn't take much longer than formatting but is much
more secure.
agras
Re: A relative guide to anonymity (22/06/06 23:01:22)
> 2) connect, browse, download, all shields down, javascript, java,
> the whole bazaar: who cares?
not quite agree with this, you might get spyware for instance.
and even though this laptop is supposed to contain only non-personal stuff,
still on another accesspoint it's the same laptop with the same spyware and the same cookies etc.
reformatting will help you of course.
but just using the same seeker common sense of medium-low paranoia,
use opera, proxo, etc.. will save yourself a lot of browsing annoyances as well :)
forget the paranoia but why make it hard on yourself ? :)
- ritz
(c) III Millennium: [fravia+], all rights reserved, reversed, reviled and revealed