
Thread: The Quest For Anonymity [unfinished]

  1. #1
    Token drunken Irish guy
    Join Date
    Sep 2001

    The Quest For Anonymity [unfinished]

    The Quest For Anonymity

    · Note! - I’d just like to point out that this tutorial isn’t great, I haven’t written a tutorial in so long and I figure this will get me back on track. Many quotes such as Negative and I draw a lot of my sources from Raven’s comprehensive tutorial on the subject. Anyway I’ll be back soon with a good tutorial, a great big feckin long one, like the good ol’ days.


    Section A - The proxy
    Section B - The tools
    Section C - Cookies
    Section D - What do they know?
    Section E - Links

    The Introduction

    The Internet has never been renowned for its conformity. In fact it is easier to bypass laws on the net than, well, anywhere else. I’m sure some of you know this… Now this affects anonymity, the authorities don’t want people running around causing trouble and not be able to trace them now. It’s like the local police station not having the addresses of its main offenders. However this opens a door for marketing, yes those pesky people who make money from spam and pop-up ads and such. They can simply gather your information without a second thought and load you full of crap.
    So you’d think in the whole of that vast space called the net that a few programmers or some company seeing a gap in the market would develop something to keep the large law abiding section of the net from being hassled by spammers. Well there are worthy tools out there. Of course not everyone has the money to spend, indeed most anonymity tools are truly expensive and maybe the spam is worth it.
    The marketers’ unhealthy attachment with personal information is the cause of this tutorial. I’ve gathered what info I could, all the old tutorials on the subject and spliced the best bits and created a hybrid of chunky knowledge for you all. Most people will probably know this all too well but then why would they be reading this tutorial? For the rest I offer the Quest for Anonymity.

    Section A:

    The Proxy

    Wherever you go and ask about privacy I can guarantee that the word proxy will appear at first. Now proxies were not developed to keep your IP address private, in fact they are used to increase the speed of your connection. Now some proxies are not anonymous and some are.

    To quote The Desperado:

    A proxy server acts as a gateway between you and the internet.
    Now the proxy server will be connecting to the site you are visiting. This means that the proxy’s IP address will be left in the logs. So in effect the proxy masks your IP address. This is extremely helpful for privacy reasons. I will get into the information that is available about you from your IP address later.

    What’s the catch?
    Well most proxy servers for obvious reasons will keep their own logs of the IPs that have availed of their service! However the whole task of tracing the original IP is now harder and obtaining it becomes more difficult.

    So what the hell do I do now!
    Well you can of course chain proxies, I’ll show you how all this is done next.

    Using a Proxy
    With Internet Explorer simply go to Internet Options.
    Click on the Connections Tab.
    Click the little box that says Use Proxy Server.

    Stick in your proxy.
    If you wish to chain proxies here’s how.

    Simply enter as so

    In Netscape go to the Edit menu and select Preferences, options will appear, double click Advanced.
    Click on Proxies, click the button beside Manual Proxy Configuration and work away.

    You’re probably wondering where the feck you get proxies. Well to be honest it is a lot harder these days to find a fast anonymous proxy with most simply settling for fast. Sacrificing anonymity is a very common thing these days.

    Well here’s a few links although luck plays a part. Try www.google.ie if you can’t find one.

    Section B

    The tools

    Now I was planning on leaving this section till last but hell some tools are just too damn important.
    I was planning on rewriting this next part but hell I can’t beat this for clarity.

    This is a piece by Negative posted a while back about a little proggy called The Proxomitron.
    The tool contains many features, possibly the most important being the proxy abilities. Now this is a guide to using it to its fullest and at the end a little piece by somebody, I can’t remember who, but if it’s you let me know. It tells you a little about another program that is widely acclaimed, MultiProxy. I suppose visiting the websites will give a better view of their uses and capabilities.

    Here’s Negative

    Use Remote Proxy

    First off, check the Use Remote Proxy-box under Active Filters if you want to use an external proxy-server. Now click Proxy under Edit Filters. Fill in the box (proxy.xxx.xxx:8080) and click OK. Save this configuration by clicking File --> Save Config File. Save it as Default.

    Web Page Filters

    Check the Web Page Filters-box to apply the Web Filters. You can change the filters by clicking Web Page under Edit Filters. To test this:
    UNcheck the Web Page Filters-box and go to this JavaScript Environment Variables checker I wrote. It should show most of your environment variables (that is, if your browser supports JavaScript). Now CHECK the Web Page Filters-box, and reload that page. It should not show your browser's environment variables anymore. The standard settings should be more than enough for most users, but of course you're free to apply whatever filter you want, or even create your own filter.

    Some important Web Page Filters:

    Hide Browser's Referrer from JS: this is by far the most revealing data sent out by your browser.
    This info is normally revealed in a HTTP header named "Referer" but JavaScript can be used to grab this information as well.
    This filter can be edited to send back any URL you want. With the filter highlighted, hit the Edit button and in the bottom "Replacement Text" section change the URL to whatever you like.

    Kill Nosey JavaScript: note that by applying this filter, you might not be able to access Hotmail anymore.

    Outgoing Header Filters

    Check the Outgoing Header Filters-box to apply the Header Filters. You can change the filters by clicking Headers under Edit Filters.

    Some quick tips:

    Go to iNet Police . Under HTTP_USER_AGENT it should show the browser you're using. Here's how to change that:

    In the HTTP Header Filters-menu, check the User-Agent: Netscape Mac 68k (out)-box (both in and out). Click OK, and refresh that page. This is what it should show now:

    code:
    --------------------------------------------------------------------------------
    HTTP_USER_AGENT Mozilla/3.01Gold (Macintosh; I; 68K)
    --------------------------------------------------------------------------------

    Want to fool that page so it thinks you're on a GameBoy?

    First, uncheck the User-Agent boxes you just checked.

    Now, click on New to create a new filter. In the HTTP Header-field, fill in 'User-agent: Gameboy' (The Proxomitron does not use the text after the ":", it's only used for comments). In the Replacement text-field, fill in Gameboy (or whatever you want). Click OK. Now check both the user-agent: gameboy boxes from the rule you just created. Click OK. Refresh that page again, and you should see something like this:

    code:
    --------------------------------------------------------------------------------
    HTTP_USER_AGENT Gameboy,powered by Nintendo.
    --------------------------------------------------------------------------------

    Now, let's take a look at that page:


    Don't even think about changing those values, because you can't... (using Proxomitron, that is).

    Why not?

    Well, Remote-addr is found by looking up the IP address used by the TCP/IP connection itself. This is required information: Without a real IP address the web server could never send the page back to you. Proxomitron alone cannot change your IP since it's running on your own computer and its IP address is the same as your IP address. The only way to change this is going through a remote proxy.

    REMOTE_HOST comes from doing a "Reverse DNS lookup" on your IP address: the web server takes the IP address of the connections and asks the DNS system what hostname is attached to it. Normally your ISP's DNS server will respond with the answer. It can't be filtered, unless you run the DNS server with authority over that IP, since the info doesn't come from your PC to begin with.

    HTTP_VIA, HTTP_FORWARDED, and HTTP_X_FORWARDED_FOR as the names indicate *are* in fact HTTP headers. The problem here is they're not ones normally added by your browser but instead by an intermediary proxy server. Normally the connection "chain" is a bit like so...

    +--------------------+   +--------------+   +------------+
    |Browser->Proxomitron|-->| Remote Proxy |-->| Web Server |
    +--------------------+   +--------------+   +------------+
          (Your PC)            (Proxy host)       (Web host)

    Since the headers are added by the remote proxy after leaving Proxomitron, you can't filter them out. You can however add headers of your own beforehand which may possibly confuse automated scripts. It should also be noted that, by default, these headers aren't stored in most web server logs anyway.

    Here's an example of a highly customized rule:

    Transform PDF to HTML on the fly (this uses a Google-service, so it may not work for all pages):

    In = FALSE
    Out = TRUE
    Key = "URL: Convert PDF to HTML thru Google (JarC)"
    URL = "(^**.pdf"
    Match = "http://\1"
    Replace = "$JUMP(\1&hl=en)"

    Web Log

    To see what exactly is sent from your browser and what comes in, click Log Window. This pops up an HTTP Message Log, showing exactly what goes out and comes in.


    Go to Config --> Blockfile to customize the ad-blocker. Here's a list of ads you can use with Proxomitron

    Configure your browser to use proxy on port XXXX,
    then "Proxomitron's proxy port number" must be also XXXX (configure it from the CONFIG button, HTTP sheet-that's if you have 4b3 version of Proxomitron).
    Next turn on "use remote proxy" (in Proxomitron main screen), use the PROXY button and enter (YYYY and XXXX are port numbers) then press OK.
    Now in MP's OPTIONS enter yyyy in "accept connections on port"...
    For example use for XXXX 8523, and for YYYY 6987.
    Most people use for port numbers 8080, 8088, 80 etc. and that's not quite correct because the first ports someone scans (if he wants to enter your computer for example) are those ones.
    Hope you understood my explanation, and now everything will be OK.

    end Negative.
    Ad-Aware is another excellent tool which will keep an eye on spyware for you.
    www.lavasoftusa.com although most freeware sites will have it. You can also get your hands on CookieKiller which guess what eats those damn cookies that store info on you. Once again try freeware sites, yes I am getting a little lazy these days. You will also find other tools which will suit you better and of course these are Windows tools so you may have to find an equivalent.

    Section C


    Ever noticed you were on AO and logged in. Left, did something else and came back and found out you were still logged in. Notice that on most sites these days. Well you have cookies to thank. Little nuggets of information. They might store your password or your name so it can welcome you. Well it also reveals what websites you have been to. This is not nice. Now cookies can be found with a little searching e.g. Windows will have a cookies folder that you can access and delete. You can get cookie eating tools off the net to save you the hassle. You can configure your browser so you no longer have to accept cookies although this will get extremely annoying as it pops up a lot these days.

    I would say that it would be very hard to find a site these days that does not require cookies.

    I was just looking at R a v e N’s tutorial on anonymity { Raven’s tutorials are by far the best to be found on the net regarding such matters, although not overly technical they are very clear }

    To quote his tutorial:
    ‘If you’re running Windows and you do a quick reboot…Windows generates a file called FILE0001.chk, FILE0002.chk’ (usually found on C:\) …delete them ASAP!
    While I’m talking about Raven I’ll just follow on with WinGates.
    Now I’m just gonna stick with his description…
    ‘The problem with Wingates is that they’re highly…well…they’re very…how should I say this. Stupid. Just plain stupid.’

    So I’m not going to get into the whole Wingate thing because very few of you will take much of an interest. A simple google search will reveal the +’s and -‘s involved. Up to you…!

    Section D

    What do they know?

    Now why bother with all this crap? Jesus it’s not like you know these people, they don’t even know my first name, I call myself Lord_Feckhead on the net! Well you’d be wrong, very wrong.


    Just an example of the type of info a website can pick up about you. Now using that information you become known on the net. They can go to your ISP and find out more depending on what you’ve been up to. Now there are ways for websites to find out even more. So basically I hope you see how vulnerable our privacy is on the net.

    IRC is also a culprit. Somebody can easily gather information on you. In the header of your e-mail your ip addy can be revealed. Finger daemons are also a scourge. ICQ or any instant messenger really is the same. In fact the list could probably fill the General Chit Chat forum for a day…!

    So is the quest for complete anonymity a daydream? Will the corporations win or the governments? The last untouched soil of freedom is slowly becoming a tool of the forces we can’t see…so I suppose it is up to ourselves to anonymise ourselves.

    Section E
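
What the web server at the far end can tell from the variables discussed in this thread (REMOTE_ADDR, HTTP_VIA, HTTP_FORWARDED, HTTP_X_FORWARDED_FOR), as an added example that is not part of the original post: a small Python classifier over CGI-style request environments. The function names, labels and sample requests are constructed for illustration, with addresses taken from documentation ranges.

```python
import ipaddress
import re

# Headers an intermediary proxy may add, named as CGI variables as in the post.
PROXY_VARS = ("HTTP_VIA", "HTTP_FORWARDED", "HTTP_X_FORWARDED_FOR")

def _add_if_ip(token, out):
    token = token.strip().strip('"')
    if token.startswith("["):            # "[2001:db8::1]:4711"
        token = token[1:].split("]", 1)[0]
    elif token.count(":") == 1:          # "192.0.2.43:47011"
        token = token.split(":", 1)[0]
    try:
        out.append(str(ipaddress.ip_address(token)))
    except ValueError:
        pass                             # "unknown", obfuscated names, junk

def disclosed_addresses(env):
    """Addresses named in the forwarding headers of one request."""
    found = []
    # X-Forwarded-For: comma-separated, original client first.
    for item in env.get("HTTP_X_FORWARDED_FOR", "").split(","):
        _add_if_ip(item, found)
    # Forwarded (RFC 7239): for=192.0.2.1;proto=http, for="[2001:db8::1]:4711"
    for m in re.finditer(r'for=("?)([^;,"]+)\1', env.get("HTTP_FORWARDED", ""), re.I):
        _add_if_ip(m.group(2), found)
    return found

def classify(env):
    """Return (label, leaked_addresses) as seen from the web server."""
    # Only REMOTE_ADDR comes from the TCP connection; header values are unverified.
    leaked = [ip for ip in disclosed_addresses(env) if ip != env["REMOTE_ADDR"]]
    if leaked:
        return "client-ip-disclosed", leaked
    if any(env.get(v) for v in PROXY_VARS):
        return "proxy-disclosed", []
    return "no-proxy-headers", []

SAMPLES = {  # constructed requests; addresses from documentation ranges
    "direct": {"REMOTE_ADDR": "198.51.100.7"},
    "transparent": {"REMOTE_ADDR": "203.0.113.10", "HTTP_VIA": "1.1 cache.example",
                    "HTTP_X_FORWARDED_FOR": "198.51.100.7"},
    "anonymous": {"REMOTE_ADDR": "203.0.113.10", "HTTP_VIA": "1.0 cache.example"},
    "forwarded": {"REMOTE_ADDR": "203.0.113.10",
                  "HTTP_FORWARDED": 'for="[2001:db8::1]:4711";proto=http, for=unknown'},
}

if __name__ == "__main__":
    for name, env in SAMPLES.items(): print(name, classify(env))
```
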



  2. #2
    thx ennis.. I've been lookin for a good tut on Proxies for a while. This helped me out a bit to get on the right track! keep up the good work
    .::nataS is WaTchiNg::.

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Strangely I posted a little article 2 days ago about the same quest of anonymity with a p2p system called the Freenet project. It is here

    Was it favourable times for this subject?
    Life is boring. Play NetHack... --more--

  4. #4
    Token drunken Irish guy
    Join Date
    Sep 2001
    Perhaps so, anonymity is a subject close to many.

  5. #5
    Senior Member
    Join Date
    Apr 2002
    Thanks for the tut of anonymity. I have read Negative's tut as well. I enjoy reading these tutorials as they are so much easier to understand from a newbie's point of view. I mean myself, that is, I may not be a newbie anymore to AO but sure as hell am a newbie to security and computers in general. Though hopefully not for too much longer, unless my eyes fall out from reading too much here.

  6. #6
    Join Date
    Jun 2002
    Nice work, Ennis! Not only do i love reading material pertaining to anonymity, but i also love learning about it. I can never learn too much.

    Over the years, i've read a lot of tutorials and other material concerning anonymity...but this tutorial that you have written has to be on the top of my list. I like the fact that you have taken a comprehensive, yet in-depth look at anonymity. Plus, you provided some very good links for further reference.

    I think it's very important that all computer users learn as much as they can concerning this topic. Especially since it's everyone's right to stay anonymous, and keep their private lives 'private' from the outside world.

    KissCool> I enjoyed that Freenet project post of yours too, by the way.

  7. #7
    Senior Member The Old Man's Avatar
    Join Date
    Aug 2001
    Very nicely done, ...even easy for an *old* guy to understand, thanks!

  8. #8
    Join Date
    Aug 2002
    Great job. Really worked for me. Thanx.

    UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity. Dennis Ritchie.

  9. #9
    Join Date
    Feb 2002
    Nice tutorial. Nice to see something long.

  10. #10
    Old-Fogey:Addicts founder Terr's Avatar
    Join Date
    Aug 2001
    Seattle, WA
    I was under the impression that LockDown had some controversy regarding its actual performance. Why is it linked in Section E?
    [HvC]Terr: L33T Technical Proficiency
