Surfing the V01D

So, lately I’ve been thinking about making a post about Digital Security and Anonymity.
Before even getting started: if you are just looking for steps to spoof your IP you can skip
ahead; otherwise you can read a little bit about my experience, so here goes.

First off, if you have no idea why you need to protect your data, you should definitely
read about PRISM – a surveillance program that collects internet communication based
on demands made by Tech Giants.

You think you are using a free service, don’t you? Sadly, you are not a customer;
rather, you are just a product among a billion products just like you. They care about you
and everything that you do so much that they make a huge amount of money off you.

So, what do they know?
What can they possibly do with that piece of information?
What can you do to not let everyone know everything about you?

It's simple, right: they just sell everything about you so that the buyer can sell you their
useless product by invoking your greed. Well, that’s just one of many things that they use your
data for. Let's say your credit card details have been leaked: all you have to do is block
the card and get a new one. What if it is your biometrics, Face ID, medical records and so
on? Those are some of the things you can’t ever change.

This article is going to explain what you can do to maintain digital privacy. I am
not going to talk about social media and the information that you wish to disclose to the
world through various platforms, but why post a picture or a video to the rest of the
world while hiding it from your parents and loved ones? It all depends on your stupidity
and the hunger for fame + third parties' opinion and approval; I'll leave that up to
you.

How do you protect data that flows in and out of your machine?

Whenever some piece of data leaves your machine for the internet, it actually goes to
another machine, and it could be read by your ISP and other third parties. A lot of people
talk about VPNs. A VPN is a Virtual Private Network that is going to route your traffic
through a different machine, which could be located in a different region.

If it's too hard for you to understand, assume this scenario: let's say your friend wants to
bunk a class in college and is lagging in attendance, so he asks you to disguise yourself as him and get
his attendance. We call this a proxy. The exact same thing happens with machines:
you simply ask some other machine located in a different region to send your requests.

Well, a VPN is a great choice since it is reliable and provides a fast connection. The
integrity of a VPN is still questionable, but in the end you have to trust someone.
There are a ton of VPN providers out there you can choose from. A few are listed below.

OpenVPN
CyberGhost
hide.me

VPNs are expensive, right? There is a simple solution: TOR, aka The Onion
Routing. TOR is open source software that routes your internet traffic through multiple
TOR nodes to stay anonymous. You can download the TOR Browser and access the internet
through it, which is very simple. But I’ve been asked a lot about how to route all
of your device's traffic through the TOR network. Follow the instructions below.

I am doing this on my Linux machine; if you use Windows you can try using a VM for
this process.

STEP 1: Install TOR
sudo pacman -S tor

This should install TOR on your machine.

STEP 2: Check the status of TOR
systemctl status tor.service

You can see that the service is not active.

STEP 3: Enable TOR.
systemctl start tor.service

STEP 4: Check for the port that the TOR service is using.

STEP 5: Open your Network Manager in settings, set Proxy to Manual, and set the
SOCKS Proxy to 127.0.0.1 and the port number to 9050. Remember, these were the
results we got from the previous command. Sometimes tor uses a different port, like 9151
or 9150.

Once that is done, you can take a DNS Leak test to look at your traffic.
https://2ip.io/privacy/
https://www.dnsleaktest.com/results.html

Below is the result of my DNS leak test; you can clearly see that all my traffic is being
routed through a different region. I am not using the TOR Browser here; it's just that every
application on my machine uses the TOR relay.

This should help you stay anonymous. With that being said, TOR can be compromised, so
you need to be careful about what files you are downloading and what files you are executing
on your machine.

I2P:

While TOR is a great choice, there are certain limitations and a few alternatives like VPN.
I2P is an anonymous network overlay within a network to protect communication from
dragnet surveillance by third parties.
While I2P is really good, I am not here to make a step-by-step walkthrough about how
to do it; that is for another day. For now I'm just letting you know that such a thing exists.

Operating systems:

There are several distributions of Linux operating systems that could come in handy to
protect your digital data, a few of them are listed below.

Tails : https://tails.boum.org/ (something from TOR)
Whonix: https://www.whonix.org/ (if you are lazy)
Kali: https://www.kali.org/ (for the hacker wannabe)
Arch: https://www.archlinux.org/ (if you are really good at Linux go for this)

BlackArch: https://blackarch.org/ (if you are really obsessed)

https://www.privacytools.io/ (Something to look at)

IP is not the only information leaked from your machine; you can also spoof your MAC
ID – but I'll come up with that in another post. Hope you find this useful.

PS: Ignore any typo or grammatical errors – too lazy to correct them.

Stay safe, Stay secure !
-blankdash
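
The command for STEP 4 is not shown in the post above. As an added example (not part of the original post), this is one way to list the ports Tor is listening on and to check that each is bound to loopback only; the function names and the sample `ss -ltnp` output are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ss -ltnp` output (not captured from a real host).
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      4096   127.0.0.1:9050     0.0.0.0:*         users:(("tor",pid=812,fd=6))
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=640,fd=3))
LISTEN 0      4096   0.0.0.0:9150       0.0.0.0:*         users:(("tor",pid=812,fd=7))'

# Read `ss -ltnp` output on stdin and print "address:port" for every
# TCP listener owned by a process named tor.
tor_listeners() {
    awk '$1 == "LISTEN" && $NF ~ /\(\("tor",/ { print $4 }'
}

# Loopback-only listeners are fine. Any other bind address means other
# hosts on the network can reach the SOCKS port and relay through it.
classify_listener() {
    case "$1" in
        127.*:*|"[::1]":*) echo "ok $1" ;;
        *)                 echo "exposed $1" ;;
    esac
}

# Combine both steps: one "ok ..." or "exposed ..." line per Tor listener.
audit_tor_listeners() {
    tor_listeners | while IFS= read -r listener; do
        classify_listener "$listener"
    done
}

# Offline demo on the constructed sample:
#   printf '%s\n' "$SAMPLE_SS" | audit_tor_listeners
# Live use (root is needed for ss to show the owning process):
#   sudo ss -ltnp | audit_tor_listeners
# To confirm an application really exits through Tor, including its DNS
# lookups, let the proxy resolve the hostname:
#   curl --socks5-hostname 127.0.0.1:9050 https://check.torproject.org/api/ip
```

An "exposed" line means the SOCKS port is reachable from other machines and the bind address in the Tor configuration should be changed back to 127.0.0.1.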

7 Likes

Forgot Gentoo. :wink:

Great tutorial! Lots of people don’t know that you can proxy all kinds of traffic through Tor. Running a VPN underneath helps as well.

@pry0cc 0x00 hidden service when?

1 Like

Hi!

Good introduction.

Here is a little guide to improve some privacy with Firefox, just to extend the thread -> https://12bytes.org/articles/tech/firefox/firefoxgecko-configuration-guide-for-privacy-and-performance-buffs

1 Like

We had a tor hidden service, unfortunately it was abused and our site was knocked offline multiple times because of bots and scrapers.

I’m yet to find a good way to restrict abuse and filter traffic from tor as opposed to just buying a bigger server.

2 Likes

Great write up.

But BlackArch > Kali? I find Kali to be the most stable and robust; granted, BackBox, BlackArch and Parrot have more tools, but who uses all of those tools anyway!

Happy to be corrected as always.

3 Likes

Thank you Prasanna! Neat write up from your perspective. I do things a little different, but nice to know how other people do things. I appreciate it!

1 Like

Wow. That’s intense. Thanks for the response anyhow!

2 Likes

It's just a personal preference. Kali is much better in a lot of scenarios, but then I am unable to switch from an Arch-based distro since it's highly addictive. Moreover, a lot of tools in Kali seem to be outdated and a few are missing … i.e. Airgeddon, binwalk, steghide and a lot more are installed by default in BlackArch, and it's also super comfortable to install from the AUR repo, while in Kali it's a little different. But then again it's just a personal preference; if you are super obsessed with Linux, you can go for a custom build from either Gentoo or Arch, else Kali or Parrot seems like an obvious choice.

1 Like