Anonymity on the Internet, however, is not. Information Security Laboratory. You need a separate SIM card to register accounts

Greetings, my “anonymous” reader. Do you often think about what the website you visit knows about you and for what purposes this information can be used? Or are you generally paranoid and you think that we are all under the hood of “special services” and now people in “white coats” in uniform will knock on your door?

Today we will look at the basic principles of anonymity on the Internet, and I will tell you what information about you is available on the global network and how to hide it.

Why be anonymous on the Internet?

Anonymity is a concept mainly considered in relation to cyber criminals of various stripes, but is it only they who need it? To answer this question, it’s worth remembering how often you receive “spam” by email or in what amazing way Yandex shows you exactly the topic in which you were recently interested.

If, after rummaging through your memory, you found matches with your experience of using the Internet, then this article is for you.

What do we know about you?

To begin with, you should turn to one wonderful site - 2ip.ru, which will clearly show only a small part of the information known about you, and this is the computer’s IP address, version operating system, browser version, location - and this is not a complete list.

When registering on any website, ICQ, Skype, etc., you often leave your email and even phone number.

Anonymity on the Internet - the basics

What is known about you, I listed above, now it’s time to figure it out - what to do with it? Let's start in order, without going into too much technical detail.

IP address

In simple words, the IP address of a computer is a unique identification address of a PC on the Internet. The IP address is assigned by the provider upon connection; accordingly, when you change the provider, the IP address changes.

The computer's IP address consists of four combinations of numbers - XXX.XXX.XXX.XXX. The number of digits in each combination varies from 1 to 3, and their value ranges from 0 to 256.

The provider can assign 2 types of IP addresses - static and dynamic.

A static IP address is permanent and does not change as long as you use the connection.
Dynamic IP address - changes every time the Internet connection is restarted.

You can hide your IP address in several ways - through Proxy or . Read more in the relevant articles via the links.

IP is only half the problem, there is other data - operating system version, browser version, screen resolution, OS language, etc.

Operating system information

We've sorted out your IP, now let's think about the rest of the data.

First of all, you need to find the place of the “leak”. You are reading this article through the browser, right? Accordingly, this same browser reports the previously listed data to the server on which the web resource is located. The transfer takes place using Http headers that look like this -

Host: site User-Agent: Mozilla/5.0 (Windows; U; Windows 8.1; ru; rv:2.8.3.7) Gecko/20170520 Firefox/43.7.1 (.NET CLR 8.1.30421) Accept: text/html,application/ xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: ru,en-us;q=0.7,en;q=0.3

Host: hyperione. com

User-Agent: Mozilla / 5.0 (Windows; U; Windows 8.1; ru; rv: 2.8.3.7) Gecko / 20170520 Firefox / 43.7.1 (. NET CLR 8.1.30421)

Accept: text/html, application/xhtml + xml, application/xml; q = 0.9, * / *; q = 0.8

Accept-Language: ru, en-us; q = 0.7, en; q = 0.3

This problem can be solved by “replacing” real http headers with “fake” ones.

The ideal solution for replacing “http” headers would be an appropriate browser plugin, for example - .

Cookies of your browser

After reading the article about, you will find out the purpose of these files, but now I would like to mention that Cookies are stored on your computer by the vast majority of sites, including Yandex and Google.

You can disable saving Cookies in your browser, thereby depriving yourself of some pleasant bonuses, such as saving passwords on websites, but on the other hand, you will stop giving away valuable information about yourself to strangers.

Let's sum it up

In the article we did not touch on two points.

Your phone numbers and email. Create one Mailbox, especially for registering on sites, if you need a phone number, use activation services.

Installing programs on PC. By installing any program on your PC (for example, an online toy client), third parties may become aware of information about you such as models and serial numbers your equipment (Processor, video card, etc.), MAC address, etc.

This article is not a call to action, but is purely informational. You are solely responsible for the use of this information.

Almost all of us from time to time face problems associated with anonymity on the Internet: when we need to take some action and remain completely unnoticed. For example, you want to hide your visit to social media from the all-seeing eye of administrators at work. networks and passwords to them (which are not so difficult to intercept). Or go somewhere under someone else’s account, but in such a way that you are 100% not identified. In other words, hide your activity on both sides: on your side and on the side with which you interact.

Yes, it’s even trivial that it’s necessary somehow bypass blocking of prohibited sites(at work or throughout Russia). The problem is popular now. We’ll talk about all these problems in today’s article.

I would like to note right away that these methods of ensuring anonymity on the Internet are not a panacea, nor are they a complete set of anonymization that is needed by someone who is going to break banks, the FSB and other structures of this kind. This article is intended to provide basic ways to solve the most common range of problems. The rest will be discussed in my next article.

Let's start with something simple...

How to bypass blocking of prohibited sites?

There are a whole lot of ways.

Method No. 1. Web anonymizers.

Perhaps the most accessible and simplest of all. They are also called web proxies (synonyms). These are sites that themselves are browsers, i.e. have an address line in which you enter the address of the blocked resource, after which the anonymizer site displays all its contents (in an iframe).

The most successful web anonymizers that I have used:

www.cameleo.ru
The simplest service in which everything is painfully obvious. Encrypts the site's URL, so you are protected from URL blocking. Allows you to bypass nationwide blocking.
www.hideme.ru
More serious service. Allows you to configure a number of parameters, including selecting the country from which you are allegedly accessing the site.
noblockme.ru
The main advantage of this service is its consistently high speed. Although the previous ones do not particularly slow things down.
www.proxypronto.com
An unremarkable foreign web-proxy. Not very popular in Russia, but reliable. It makes sense in case of blocking of the main Russian ones.

It is worth understanding that, in fact, the request to the site you are trying to access will be made on behalf of a completely foreign server, and it would seem that you are not only bypassing the blocking, but also remaining anonymous to the resource object, but that’s not the case.

Important points to remember when using any web anonymizers:

web anonymizers transfer almost all information about your system to a resource object (hence, the version of your OS, browser, cookies are not hidden!). Although in fairness it is worth noting that not everyone transmits cookies.
Web proxies often store the entire history of requests with users’ IP names (which is really sad).
Except for accessing a web resource via the http(s) protocol through a web anonymizer, you won’t be able to do anything else.
admins at your work will easily understand where you went and will even read your context (traffic) if you wish, if you used the http (not https) protocol. Please take this fact into account if you download warez software, hacking software or anything similar at your workplace. ;)

So it goes. In other words, web proxies are good when you need to quickly (without installing any software) bypass blocking on a not-so-secret resource.

Method number 2. Regular proxies (http/SOCKS).

For the most part, similar web proxies with the only difference being that you can use them to access not only websites, but also any other content (for example, play online games or go somewhere via ftp / ssh / RDP / something else).

Such proxies are either paid or die quickly, so I don’t provide a list here. And, to be honest, I haven’t used them for a long time.

Further methods allow you not only to bypass the blocking, but also to remain anonymous in terms of the resources you visit.

How to stay anonymous on the Internet?

Method No. 3. TOR browser/network.

The TOR network is a fairly well-known thing. This is a kind of network of voluntarily maintained nodes around the planet, which are some kind of analogue of a SOCKS proxy, but with important differences. Each TOR node:

Does not store or collect any logs.
It does not collect or transmit absolutely any information about you to the resource you are visiting.
They use two-way TLS connections to communicate with you (which makes it useless to listen to your traffic; it is also useless to implement Man-in-the-middle attacks against you).

And most importantly: when connecting via TOR, you always use a whole chain of TOR nodes! Each subsequent node is connected to the previous one with the same secure TLS connection, which ultimately makes your Internet activity almost untraceable.

How does it work and how to use the TOR network? There are two options.

The first - simplified - is the TOR browser. Download it from here (official project website).

After a simple installation, you launch the TOR browser, which is 99.9% identical to regular Firefox:

When you launch the browser, your TOR chain is automatically generated (consists of random nodes, each launch the chain is different) and connections are made in automatic mode. It's simple. However, only your running browser remains anonymous. No games, applications, RDP or other browsers will be anonymous.

And to have them, you need to download and use the full version called Expert Bundle (available at the link above). Download the archive, unpack and run the tor.exe file. Then in the console you observe the process of generating the chain and completing the connection to the TOR network. At the end you will see something like this:

Already from this screen it is clear that on port 9050 of your local computer(127.0.0.1) a SOCKS5 proxy has been raised, which you are free to use for any purpose, while remaining completely anonymous. :) What's next? It's simple: in the settings of your browser (or any other software that you want to run through TOR), set the proxy parameters: address - 127.0.0.1, port - 9050. That's it, the job is done.

But don't delude yourself too much. The TOR network itself is safe and has been tested many times; all proxy sources are open and can be easily viewed for various types of bookmarks. But this does not mean that users of this network are never identified. If you use the Tor network to hack the FSB, and at the same time log into your VKontakte account, then you should hardly be surprised when the door is knocked down with a sledgehammer a couple of hours later.

Important rules for using the TOR network:

When using TOR, do not log into personal accounts ( Google services/ Yandex, mail, social. networks, instant messengers (Skype, ICQ, Telegram, ...)). If necessary, use false accounts - where there is no real information about you.
Important: often many people log in Chrome browser under their account and forget about it. Don't forget to log out before using Tor!
All left accounts must be created using an anonymous connection (otherwise your location will be easily determined).
Make periodic reconnections to the TOR network (to generate a new chain).
Don’t forget about the proxy settings that you have/have not set in a particular browser, RDP, or something else.
Do not write openly where you are / your real name / other data by which you can be identified while in TOR.

Compliance with these simple rules guarantees you a very high degree of anonymity. And of course, it will allow you to bypass any restrictions. By the way, there are portable versions of Tor, including the TOR browser. In other words, you can carry it with you on a flash drive, which can be extremely convenient.

Method number 4. Anonymous VPN service.

Also not bad, but most importantly, a convenient way of anonymization and bypassing restrictions. If you don't know what a VPN is, go here. It is worth noting that in this method We are talking about encrypted and anonymous VPN services (i.e. pure L2TP and the like are no longer needed).

The good thing about this option is that it does not require you to make any settings or manipulate programs, browsers, or distortions for services that cannot work with proxies (and therefore using TOR will be difficult, although quite possible!). Just create a connection or install a program for your VPN service, and all problems are solved: your IP and system information are securely hidden, the channel is quite securely encrypted, restrictions / blocking of prohibited sites are removed.

In addition, a significant advantage of any adequate VPN service is the ability to choose the IP address (= country) of the server from a fairly large variety. It makes sense if you need the IP of a specific country in which some resource is allowed. Or, for example, you want to create a network of foreign contacts on Facebook or LinkedIn (they track your profile country and real IP, after which they easily distribute bans)

But anonymous VPNs also have their disadvantages:

Only one node between you and the Internet resource.
This node may well log traffic and requests.
In other words, he can betray you at any request (which definitely won’t happen with the TOR network). Although there are several resources that promise not to do this and do not keep any logs.
Reliable and truly anonymous VPN services are paid. By paying for the service, you risk being de-anomized. It makes sense to think about this if you are going to do something for which law enforcement agencies will look for you.
To install even a regular Windows VPN connection (not to mention individual programs for a number of services), you need local administrator rights. This can be a problem if you want to use this case at work, where such rights are usually not available. True, not so long ago I wrote an article about how to get local administrator rights on Windows.

In this regard, it is worth looking for VPN services that, according to their statements and a number of reviews, comply with the following rules:

Legally located abroad (in a foreign jurisdiction).
They do not store any logs.
They have a large selection of IP addresses in different countries.
They have in their arsenal such payment systems, like PayPal, or better yet BitCoin (this is just ideal).

And here is a list of such VPN services (tested either by me personally or by my colleagues):

PrivateInternetAccess: https://www.privateinternetaccess.com/
Complies with absolutely all the rules above, is almost ideal and is recommended by many pentesters;).
BTGuard: http://btguard.com/
Canadian jurisdiction. Also consistent with the principles above and even more. However, it does not have Russian in the interface, although this is a trifle. :)
TorGuard: https://torguard.net/
Jurisdiction of Western India, which is not bad at all. Everything on it is great, except for one thing: illegal actions such as spam using any protocol or DDoS (if there are complaints), they put rules on their firewall that blocks this activity. It was impossible to find out which of their users (since they do not store anything), but they are quite capable of blocking malicious activity (all of their users at once).
Privacy.io: https://privacy.io/
An analogue of the first two: simply ideal, Australian jurisdiction. They never block anything and obey no one. They put privacy at the forefront of their business, as a result of which the service is really very, very interesting.

Here are the main really interesting and useful options. It’s not worth looking among Russian ones, but if you’ve already set your sights on low prices and don’t intend to do anything illegal, then take a look at HideMyAss: the price tag is not bad, and the choice of IP providers is large and very convenient. For creating a network of fake accounts on LinkedIn (which many outsourcing companies in our country do, using this particular service :)) will be a great fit.

Conclusion

What should you choose in the end? What's the best way to become anonymous? It all depends on your goals. If you just want to bypass site blocking, a web anonymizer or a regular proxy can help you. Do you also want to hide your traffic from those who can listen to it? And at the same time from all the sites you visit? Then definitely TOR or anonymous VPN. Do you want to choose the IP of the country you need? The answer is clear: an anonymous VPN network.

In any case, it is worth remembering that there are no ideal means of ensuring anonymity, and before committing any illegal activity, you should think carefully about its feasibility and risks. And if you decide, then do not forget about the principle of echeloning your personal defense. ;)

Sincerely, Lysyak A.S.

Despite the fact that the Internet is formally considered a bastion of freedom of speech and anonymity, few people continue to believe that online we become invisible. In addition, not long ago, ex-CIA employee Edward Snowden released information about PRISM, a program for tracking Internet users developed by the US National Security Agency. But even without his revelations it was clear that The World Wide Web knows more about us than we think.

However, this is not only about the fact that seemingly harmless toys like Angry Birds help intelligence services collect information about potential terrorists. Most often, the desire to get to know users better arises directly from services such as Microsoft, Google, Yahoo!, Facebook, Apple, etc. They will not miss the opportunity to monitor your behavior on the World Wide Web and even analyze your mail for personal preferences, because the commercial success of these companies directly depends on the quality of the target audience for advertising promotion.

In this material we will offer you a number practical advice about how to maintain online anonymity. It should be said right away that no solution can guarantee absolute invisibility on the Internet. However, if you do not intend to exchange documents of national importance, you can provide yourself with a fairly high level of security. Most effective method protecting your data in information space is the use of anonymous networks.

Tor

The most famous anonymous network. Essentially, Tor is a proxy server system that allows you to establish anonymous network connection, protected from eavesdropping. The word Tor itself is an acronym that stands for The Onion Router. The comparison with an onion is not accidental - access to the system is carried out through free software that uses “onion routing” technology. With this approach, messages are protected by multiple “layers” of encryption and then sent through a chain of network nodes. You can download the program from the official website. Tor software is available for Windows platforms, Linux and Mac.

Tor participants gain access to Internet resources through other network users. Users can also create and publish anonymous web services on the network, which will be accessed through special pseudo-domains.onion. Note that using Tor, like any other anonymous network, leads to a significant loss of speed. The downloaded Tor software creates a chain of nodes through which encrypted data will be transferred. From time to time the chain is rebuilt and starts using new nodes. It should be understood that simply installing Tor will not make you invisible; for this you need to install additional components. The Tor program only manages the encryption process and determines the path that data takes through the relay network.

First you need to install a virtual proxy server on your computer and connect to it. Such a proxy is an intermediate link between user applications for working on the Internet and the Tor network. The most suitable proxy servers for working with Tor are Polipo. Polipo is included in all recent builds of the Tor suite. More advanced users may prefer Privoxy. In this case, when installing the Tor kit, you must uninstall Polipo. The Vidalia program is used to control the boot and operation of the system. Essentially, she is graphical shell Tor. With its help, you can start Tor and a filtering proxy server, as well as stop them at any time. In addition, Vidalia provides access to a network map, and also opens up a lot of other opportunities. When all the necessary software is installed, you can “torify” applications - that is, configure them to work with the Tor network.

For maximum user convenience, it is possible to download the Tor package, which includes Vidalia, Polipo and portable version Firefox with various addons that increase user security. In particular, we are talking about the Torbutton extension, which blocks browser plugins such as Java, Flash, ActiveX that can be used to reveal your IP address. In addition, it can be used to enable or disable Tor in the browser. Thus, in the first case, Firefox will work through Tor, and in the second, directly.

Add to list useful applications Tor includes TorChat, a decentralized anonymous messaging system. To securely redirect all TCP/IP and DNS traffic on the Tor network, use the Tortilla utility. This application allows you to anonymously run any software under Windows, even if it does not support SOCKS or HTTP proxies.
As noted, using Tor does not guarantee you complete security. It's no secret that the last node in the chain sees traffic in unencrypted form. Attackers use this to steal passwords and logins. However, even on the official website it is written that you should not count on complete anonymity when using Tor.

I2P

I2P (“Invisible Internet Project”) is open-source software created to organize a highly stable encrypted network and is used mostly for anonymous hosting (creating websites, forums, chats, file-sharing servers, etc.). As for web surfing, the possibilities here are limited. The fact is that only a small part of network clients decide to open their channels for mass use. The main task of I2P is anonymous hosting of services, and not providing secure access V Global network, as in Tor.

Another difference between I2P and Tor is the routing method. Thus, Tor uses “onion routing”, and I2P uses “garlic” routing. If Tor creates a chain of nodes through which traffic is transmitted, then I2P uses input and output tunnels. Thus, requests and responses go through different nodes. Every ten minutes these tunnels are reformed. “Garlic routing” implies that a data packet (“garlic”) can contain many “teeth”, that is, encrypted messages from both one’s own and others. Each with instructions for its delivery. Due to this, the recipient's server cannot accurately determine the sender, and vice versa.

To use I2P, make sure you have Java installed on your computer. On the official website of the project, in the “Installation from scratch” section, you need to select the operating system and download the installer. After installing the software, enter the address 127.0.0.1:7657 in the address bar of your browser to call the web interface. Within a few minutes, the I2P network will be configured and you will have anonymous access to all resources of the pseudo-domain.i2p. To access the Global Network, just enter the proxy server address 127.0.0.1:4444 in the browser settings. Since the exit from I2P to the Internet is carried out through certain gateways, you cannot count on high speed in this case.

Freenet

Another anonymous decentralized network designed for storing data. Freenet includes a group of so-called "freesites" (anonymous websites), file sharing and search. Files that the user wants to host for public access, are distributed among the computers of other network participants in encrypted form. To download a file, you need to know the key that will allow you to collect this file from the computers of other network users. This approach helps protect the user from tracking. Indeed, in this case, no one, not even the user himself, has any idea what pieces of files are stored on his hard drive. Such a data store cannot be detected and deleted. However, this same factor is also a disadvantage of Freenet - the search system is still imperfect.

To use Freenet, download the installer and run it. The Freenet program and other required components will be installed on your computer. When the installation process is completed, the Freenet user interface page will open in the browser. The program works with most routers. But if you have any questions, the answers can be found in our detailed FAQ. Subsequent access to Freenet can be done through the system tray menu, using the Browse Freenet shortcut on the desktop, or through the Start menu. You can also open the program by entering the combination 127.0.0.1:8888 in the address bar of your browser. For greater safety you should use separate browser for Freenet, preferably in privacy mode. IE does not work well with Freenet, so it is preferable to use Chrome, Firefox or Opera.

By default, the Freenet client will operate in neutral mode, automatically connecting to other nodes. However, if you know several people who are already using this network, you can add them as friends and then turn on the mode increased security. In this case, your Freenet client will only connect to friends, making it almost impossible to detect your presence on the network. At the same time, you will be able to use Freenet resources through your friends, as well as friends of your friends. In this mode, the network will not work very quickly. You can increase your work speed by adding more than ten users as friends with whom you will be online at the same time.

To add a friend, you and him need to exchange node links. You can send the file to another network participant, and also add your own node link using the form at the bottom of the page. When both parties exchange node links, your friend's node will appear in the Friends tab with a status of either Connected or Busy. You can set a name for your node on the configuration page to make it easier for your friends to know it's you. It is recommended to only add people you actually know as friends. If you're looking to set up third-party tools for use with Freenet, you'll find this guide helpful.

RestroShare

This is open cross-platform software for building a decentralized network based on the F2F (Friend-To-Friend) principle. File sharing and communication here occurs exclusively with trusted friends, and not with the entire network. After authentication and asymmetric key exchange, the connection is established via SSH. OpenSSL is used for encryption, you can open access to folders. Friends of friends will be able to see each other if users enable this option, but they will not be able to connect. It turns out to be a kind of analogue of a social network.

RestroShare has several services for communication: private chat, mail, forums, as well as voice chat using a VoIP plugin. When you first start it, you are prompted to create a profile and generate a PGP key for authentication. After creating an account, you need to open the settings by clicking on the gear icon. In the Server subsection, you should enable UPnP and select DarkNet or Private mode. A similar setup must be performed for another client.

Now you can add new contact by clicking on the plus sign and selecting Add friend. Next, you need to exchange PGP keys with a friend. Some time after entering the key, clients will find each other, and the new account. To exchange files, you must make at least one folder available. It's safest to only allow friends to view. To download files, go to the Files section, where, by selecting a friend, we can download the available content. IN context menu you can run the command to download the necessary data.

01/29/17 3.9K

In this article we will talk about all aspects related to anonymity on the Internet so you can maintain your privacy while browsing the Internet:

We are not saying that you can become completely anonymous, it is almost impossible. But what we can actually do is try to make online interactions more hidden.

Stay incognito

Private browsing mode or incognito mode is a feature that is the second most popular browsing option in browsers. It is quite suitable for those cases when you access the Internet from someone else's computer and want to check your Facebook, Twitter or email accounts.

Likewise, it is ideal for testing sites that are heavily loaded with cookies. And also for those cases when the computer you are working on has public access.

Private browsing does not completely erase your fingerprints. Certain items, such as DNS lookups and some cookies, may remain after the session. So it's better to consider programs for anonymity on the Internet as a temporary measure. The main thing I want to draw your attention to is do not save your browsing history on a public computer.

If you want the best example, then open a private browsing session and browse a few sites, then exit the session, go to command line and enter the following:

Ipconfig/displaydns and press Enter.

This will be a list of all cached DNS entries visited from your computer, regardless of whether you used a private browsing session or not.

To delete entries, enter the following command:

Ipconfig/flushdns and press Enter.

This will clear the list and prevent any attempts to access it. It's also a good idea to set up a batch file that will start the browser in private browsing mode and automatically flush the DNS records when closed. This method can be used to maintain a certain level of privacy.

False identity

Using a fake identity sounds more intriguing than it actually is, but in many cases it is quite effective for achieving anonymity on the Internet:

Consider this example: you use the address Email to login to Facebook, Twitter, eBay and online games. This may seem quite reasonable, but for the hacker the task is now much easier. He only needs to hack one account or track you. But if you had many aliases, it would take a hacker much more time and effort to track down all the fake identities and identify the real user.

It's a simple concept, but it can be used to great effect to disguise your online activity. There have been cases of people using over fifty fake names and email addresses to log into websites to avoid identifying their real identity.

There are few reasons to provide your real identity online. Most sites only collect and sell your information, or use it for advertising purposes, so never provide your real email address, home address or contact information on public sites:

If using fake identities is a hassle and you need something like a fake identity generator, you'll find it here.

How to maintain anonymity on the Internet? This site can completely create a fake identity with names, addresses, email addresses and phone numbers. He may even provide you with a number of fake credit cards, mother's maiden name, vehicle, blood type, height, weight and QR code, which can be used on not very reliable sites. Obviously, all data provided is fake and any resemblance to a real person is purely coincidental.

The fake name generator also creates a fake email address that is working and you can use it to receive one-time email verification links. However, you cannot be sure who is also using this service. Nobody knows who else has access to this system. So it's better to think of it as a tool for generating email addresses that can be used to fill out various online forms.

Tools that help you stay invisible

There are a number of programs that can be used to hide your activities, erase your digital fingerprints, or remain invisible on the Internet. The most famous of them is the Tor Network. But those who require a higher level of encryption and anonymity may want to consider using a VPN (Virtual Private Network).

Tor Network

Tor is program for anonymity on the Internet in Russian, through which your online connections are passed through connected networks, each of which is owned by volunteers from around the world. The essence of this concept is to block the ability to track a user and find out his location, and to provide you with the opportunity to visit blocked sites:

Tor Browser Bundle is a free package for Windows, Mac and Linux that, when launched, automatically connects you to the Tor Network and also launches a specially designed and modified version of Firefox.

Once the package is launched, when you start browsing sites through Tor, all content you connect to is transferred encrypted and passed through the network system mentioned above. Tor Browser Bundle works effectively with any TCP instant messaging, remote login, and other browser applications. However, this product does not guarantee 100% anonymity and should not be used to download illegal music or movies. This can cause congestion on the Tor network and cause problems for users who use the package for proper purposes.

The protocols used by P2P sites can often be used to scan an IP address, and will allow you to figure out your actual IP address, not the one generated by Tor.

However, Tor is a great product that you can use to stay anonymous. Built-in version of Firefox, based on the Extended Support Release ( ESR) Firefox by Mozilla, specially modified to optimize security and privacy features. To achieve this, access to the Components.interfaces element, which can be used to identify the user's computer platform, was blocked. With the exception of some Flash add-ons, caching of SSL sessions is prohibited and DNS information leakage via WebSockets is blocked.

By using the Tor Browser Bundle, you will be relatively protected from online snooping ( except for the most cunning attackers). Although ensure complete anonymity on the Internet you won't be able to:

If you look at the above screenshot, you will see that by navigating through Tor, your IP address is hidden. This is achieved by disabling JavaScript. In addition, the modified version of the browser successfully blocked the scripts necessary to collect information about your system.

If you'd like to try the Tor Browser Bundle and see how well it does at hiding your digital fingerprints, head over to the Tor website where you can download the bundle itself. And also get more information about how Tor helps you achieve anonymity and security when working on the Internet.

HMA VPN

This is an impressive VPN service from the UK that allows the user to hide their IP addresses, unblock some sites, geo-restricted channels and anonymously visit sites through one of the company's over 50 thousand private and anonymous IP addresses:

HMA's 934 VPN servers are located in 190 countries, using OpenVPN, PPTP and L2TP protocols. It is useful and easy to use software. All you have to do is subscribe to one of tariff plans: £7.99 for one month, £5.99 per month for six months or £4.99 per month for a year. After this, you need to install the software, enter your username and password and connect to the service.

All the hard work and configuration VPN for online anonymity Internet is provided automatically. In addition, a special built-in function “ Speed Guide" will automatically select the fastest VPN server based on your current location and connection.

The software is available for Windows, Mac and Linux. After you have registered an account and paid for the selected tariff plan, you can download the necessary software through the HMA control panel:

Manager software The VPN includes some interesting features, one of which is the connection speed review. You can also choose which VPN protocol you want to use. One of the most popular and fastest protocols is OpenVPN. In addition, you can set the parameters to change the IP address randomly every few minutes.

The program contains convenient function « Secure IP Bind", which prevents applications from connecting to the Internet when HMA VPN is not running. You can choose your own country-specific VPN server and adjust the load ratio to connect to the VPN server with the fewest users and get more resources at your disposal.

CyberGhost

VPN, which is rightfully considered one of the best methods of anonymity on the Internet. CyberGhost 5.5 was recently introduced, which includes a number of additional benefits available in the paid package. Hiding your IP address and encrypting your connection is the norm for the CyberGhost team, but they feel they can do even more for you:

New features include Ad-Blocker, anti-virus protection malware and viruses, data compression, tracking prevention, forced transition to HTTPS, as well as access through the fastest servers.

The data compression feature increases the speed of your mobile connection, and also identifies and actively removes any content that helps collect information about the resources you visit.

Forced transition to HTTPS is useful function which many VPNs don't implement. By forcing a secure connection, you increase security of your work on the Internet and reduce the risk of your data being stolen:

In addition to new features, CyberGhost 5.5 features a faster and more user-friendly interface. Connections to servers located outside the UK are faster and overall download speeds are faster. The service also provides handy graphs that show how many cases of blocking, tracking, and forced switching to HTTPS occurred while using CyberGhost.

For getting additional information About, how to maintain anonymity on the Internet and the cost of various plans, visit the CyberGhost website.

Browser Add-ons

If reducing traffic isn't a big concern for you and you're only concerned about snooping, then use one of the many free add-ons available for IE, Chrome, and Firefox.

They can help block certain scripts and pop-ups, as well as identify elements that track your location.

DoNotTrackMe/Blur

Recently released, but already widely known, improved version of DoNotTrackPlus. Compared with previous versions Over 300 advertising platforms have been added to its blacklist, as well as more than 650 tracking technologies:

The add-on is available for Chrome, IE, Safari and Firefox. Once you install the extension and restart your browser, the DNTMe icon will appear in your toolbar and DoNotTrackMe will begin logging attempts to track your activity.

DNTMe works great in parallel with already installed add-ons. Your browsing experience will not be slowed down, and you will see the same content as before, except for some of the ad elements that are being tracked. You will receive information about the number of attempts made and blocked.

Adblock Plus

Another free add-on for IE, Chrome and Firefox. It is considered one of the best for ensuring anonymity on the Internet, blocks phishing and tracking, and protects you from malware and unwanted advertising:

You can add ready-made filters or use custom ones. But be careful when using unknown filter lists, as they may miss something important.

NoScript

Extension for Firefox, Seamonkey and other browsers from Mozilla. It is a free and open source package and blocks all JavaScript, Java, Flash and other unsafe plugins unless they are trusted. NoScript can be installed either through the repository Firefox add-ons, or directly from the NoScript website:

NoScript does an excellent job of hiding information about your location and activity from scripts that request such data. The extension hides your digital " fingerprints» from the vast majority of sites on the Internet and provides decent level of anonymity and confidentiality.

Conclusion

Nowadays it is impossible to get complete anonymity on the Internet. This will require a secure VPN server. a large number of browser-based blocking methods and special operating system settings.

From month to month, topics pop up on underground forums - how to create maximum anonymity for yourself and become invulnerable, will VPN and pulled socks be enough, etc. heresy, which has become boring and which is already answered with memorized phrases like - They will find it if they want, there is no such thing as 100%.

We take shovels and stretchers.

No matter how sad it is to say this, we will still need a VPN, you can buy it, steal it, give birth to it, in short, how to get it is up to you. I wouldn’t bet on free ones, if you really don’t have any money, buy from kebrum, there are only 5-6 bucks per month tariffs, there are no restrictions, and there is a demo mode, if you don’t download torrents you can work in demo mode, it’s a no-brainer . Okay, somehow you got hold of the VPN, what next?

And then YES-YES-YES, that same TOR, download, install, everything works out of the box, although out of the box if you use Windows, you will have to fuck around a little under Linux, but your efforts will be rewarded, I personally built everything on Ubuntu 12, at first I spat, but now it’s just fucked up, I’ve got an erection. In general, the TOR that comes in the box has the same brake, so you need to configure it correctly, with this config, your TOR will fly faster than an airplane + countries that we don’t need will be excluded, that is, we will never get a Russian IP address as an option and we will constantly exit through American nodes, of course we will mow down under the Amer.

TOR Config

You can easily find out how and where to push it on Google.

ControlPort 9051

DirPort 9030

DirReqStatistics 0

ExitNodes (US)

StrictExitNodes 1

ExcludeNodes (RU), (UA), (BY), (LV), (LD), (MT), (GE), (SU)

ExitPolicy reject * : *

Log notice stdout

Nickname R1

ORPort 3055

RelayBandwidthBurst 10485760

RelayBandwidthRate 5242880

SocksListenAddress 127.0.0.1

StrictNodes 1

What we have is that we select Exit nodes only from the USA by explicitly specifying (US), all intermediate and input nodes will change by country except these: (RU),(UA),(BY),(LV),(LD),( MT),(GE),(SU), this list of countries was compiled by experienced carders, perhaps some other countries should be added to the list, if you know which ones, be sure to share. We don’t pay attention to all other values; if you want, you can read about each parameter separately on TOR’s offsite, provided that you know English language or using the translator from the giant.

This means that we have configured TOR, acquired a VPN, and the foundation is ready. As we know, all traffic on the Exit node in the tor is transparent and can easily be intercepted by an attacker, but we will not leave the bad guys a single chance. Let's build an SSH tunnel over this entire foundation. That is, this is what we get:

1. We connect to the network via VPN, accordingly we become an American, the IP changes to American (you can build your own chains and, if you wish, configure them as you like, the countries can be any).
2. Next, we launch our configured TOR; accordingly, TOR will work through the VPN channel we previously connected.
3. We stretch an SSH tunnel proxied through the TOR network on top of everything available.
4. At the output we have the IP address of the SSH tunnel. And encrypted traffic goes through the Exit node and not a single bad guy will decrypt it and burn your secrets.
5. PROFIT!

We have already discussed the first two points, I think everyone understands everything. But let's take a closer look at stretching the tunnel. Since I have Ubuntu (for these things I recommend Linux, because the SSH tunnel under the windows is fucking unstable, you’ll spit), I’ll tell you how to do all this on Nix systems. In order to create an SSH tunnel, we need to have an SSH shell on some server, I won’t tell you how to do this, you can again - buy, steal, give birth. In short, roughly speaking, we bought an SSH shell on an American server, what next, and then we need to build another wall. In the console we write the command:

sudo proxychains ssh –D 127.0.0.1 : 8181 username @ 142.98.11.21

The proxychains command means that we run ssh through our local TOR server on port 9050 (roughly speaking, we proxy our tunnel), then comes the –D parameter, which creates a socket on port 8181, and then the SSH server address itself, where first the login goes, and then through the dog itself is the IP address of the server. We press enter and see this bullshit:

| S-chain | -< > - 127.0.0.1 : 9050 - & lt ; > < > - 142.98.11.21 - & lt ; > < > - OK

If you see OK, then screw it, we connected to the server via the TOR network, then enter the password, press enter again and minimize the console, meanwhile on the local host 127.0.0.1 on port 8181 we have a socket hanging, through which we will now access Internet.
There are a lot of letters, I hope everyone understood everything, although this is a confusing topic, there is no other way to do this operation. Over time, get used to it and in a minute, you’ll be creating incredibly cool channels for yourself.

How will we be caught?

Let’s say you stole a million money and they announced a reward for your ass. Accordingly, I start looking for you. Let's look at how the chain will unwind.

1. Since the final IP address of the SSH shell, don’t feed it bread, all efforts will be thrown there.
2. Since our SSH shell goes through the TOR network, the chain changes accordingly every 10 minutes, Exit nodes, middle servers and incoming nodes change. It’s a hell of a mess here, I personally can’t even imagine how it will be possible to find anything in all this fucking. Our traffic is encrypted on all nodes, sniffing an Exit node will also not work, TOR chains can even be built across the whole world. So this is some kind of unreal, even if they find an Exit node, then they will have to look for a middle server. And all this requires funds, connections and a lot of other things, not every office will do this, it’s easier to forget.
3. Let's assume that a miracle happened, the TOR network let us down and told us our IP address to the VPN. Well, what can I say - it all depends on the VPN server, administration, weather conditions and many other factors. It depends on your luck, either the VPN will hand over all your logs or not.
4. Even if they determined your real IP address, they found out your country and city. This doesn't mean anything yet. Nobody canceled the left sim cards, the neighbor's Wi-Fi. Well, this is completely for paranoids like Bin Laden, according to some sources, his security was built exactly in the way that I am describing to you, although this is again a dead telephone. If you want to do it well, do it yourself! You can reinforce your invulnerability with the thought that if they want to find you, then they will need very good finances, because just imagine what an operative will have to do, at least to get logs from an SSH server, not to mention the TOR network.
5. In this example, I am not considering the i2p network, this is shit about nothing at all, firstly, you will never get real speed from it, secondly, you will not be able to log in to any site, because i2p is not friendly with cookies at all, thirdly, the output We will always have a German IP address. These are the main points that make you want to send i2p to a big juicy dick.

Safe surfing or digging in

You and I have successfully built 50 percent of our fortress; it’s better to spend one day on all this, but then in a few minutes bring the system into complete deflation. But what is this fortress to us if we inherit? Let's make it more difficult and set our browser to be completely fucked up. That is, we will not allow our browser to give us away completely. Of all the browsers available in the world, only Firefox can be successfully customized, and that is what we will choose. To do this, download the latest portable version, Google to help, unpack and launch.

This will allow us to disable all unnecessary crap that can burn us, like Java, Flash, etc. unknown shit. Next we install the following plugins:

You don’t need to install a screenshot, page hacker and hackbar, it’s not for everyone, everything else should be required. Then we set the checkboxes as in this screenshot, this will not allow us to burn on cookies, that is, after closing the browser, all cookies will be deleted and there will be no further problems if you accidentally forgot to build anonymous tunnels.

about< b > < / b >:config

and look for the line geo.enable - set this value to false, this will allow us not to tie the browser to our location. So, we’ve sorted out the basic settings, now let’s configure the installed plugins.

NoScript

First of all, we set up NoScript, you don’t need any special intelligence there, just check the box – Deny all JavaScript and that’s it, although I still dug around and turned off all unnecessary notifications. Please note that when NoScript is enabled, some sites that contain Java scripts will not work for you; one way or another, sometimes you will still have to disable this plugin, because there is no way, or use mobile versions site. With the plugin disabled, we will burn a lot of data about ourselves, for example, browser version, screen resolution, color depth, language, operating system and much more, including your real IP address. So, it’s either all or nothing!

ModifyHeader

With this wonderful plugin, we will filter some of the transmitted headers, not all of them, of course, but only those that can be filtered, look at the picture and repeat after me.

Once finished, click on the face with the inscription Start, the plugin will be activated and will filter headings that we do not like. Let's move on.

FoxyProxy

This plugin allows us to easily switch between proxies, for example, you want to access the Internet bypassing the ssh tunnel, or vice versa, use the entire existing chain, or you only need TOR, there are many examples. Let's create the following diagram:

I have only 3 points here: work through TOR, work through a tunnel and direct traffic without any proxies.

Work via TOR is configured as follows: 127.0.0.1 port 9050 + you need to check the box in Socks5
Working through a tunnel, set 127.0.0.1 port 8181 (we specified this port when creating the ssh tunnel, you can choose any other), and also check the box for Socks5. We save and close everything.

In the first case, we will be able to access the Internet through a VPN, and then launch the browser through the TOR network; accordingly, our traffic will not be encrypted on the Exit node.

In the second case, all our traffic goes through a VPN, then we proxy the ssh tunnel through the TOR network, at the output we receive encrypted traffic and the IP address of the ssh server we have chosen.

In the third case, we completely disable all proxification and go online with the IP address of our VPN server.

This whole thing can be easily and conveniently switched with the mouse and you should not have any difficulties.

We are done manipulating with plugins, I hope I have conveyed to you the basics of all this junk, but if you don’t understand something, ask in the comments. In principle, we made ourselves a secure browser. Now we can surf the Internet and not be afraid that we can be identified by some signs, in fact, we disguised ourselves as an ordinary ordinary American, nothing gives us away. Here is the report itself, how we look to others:

Conclusions e

In this article, I introduced you to the possible concept of anonymity on the Internet. In my opinion, this is the optimal scheme, of course you can add DoubleVPN, Socks and three more boxes to this entire chain, but the speed will not be the same, it all depends on desire and degree of paranoia. I described all the pros and cons of the scheme above, I hope you liked it and it gave you some good thoughts.

Cookies and strategy

In addition to all this, I want to remind you that you should not forget about other precautions, for example, installing an English-language operating system, using virtual machines for menial matters, change the Macaddresses to network cards, encrypt hard disks, with each new connection, be sure to check your IP address on specialized resources, that is, connected a VPN - checked the IP address, connected TOR, checked again, and so on, as usual, there are situations when the VPN seems to have risen, but the IP has not changed, here and burned, so we definitely take into account all the little things, it’s better to check it a hundred times than to regret it for a hundred years later. Also, when making transactions, do not use ICQ, exclusively jabber and exclusively connect it through created tunnels; in extreme cases, you can get by with just TOR. Store all the money you earn online in LR or in YaD, then buy Bitcoin with it, and then all funds are withdrawn anonymously by anyone in a convenient way. After each transaction, change your Bitcoin wallet (it’s done in a couple of clicks), then pour all your funds into one that doesn’t appear anywhere. Don’t forget to proxy all the applications we work with, you can generally configure the entire system so that absolutely all programs will access the Internet through your tunnels, again, I’ll direct you to Google, there’s plenty of information about this. If Windows is overly important to you and you cannot or cannot tolerate Nix-like systems, then the same can be done under the windows, but believe me that there will be more hemorrhoids and stability will drop significantly, so be patient and learn Linux if you have already chosen the dark one side. With this I hasten to say goodbye to you! If anything is not clear, ask, I’ll clear it up! Bye bye!

All the information I have provided in this topic is given for informational purposes only and is not a call to action, all responsibility lies on your shoulders.

Upd:

Another interesting thing has been discovered in Firefox, let me tell you!

Enter into the address bar of the browser: about:config
We are looking for the parameter: network.proxy.socks_remote_dns
We post it in: true

The browser is now configured to use the DNS servers of the SSH tunnel itself. For example, if you go to whoer.net with similar browser settings, you will see the DNS server of the country of the SSH tunnel, and not the DNS of your ISP or the OpenVPN server through which you access the Internet.

Last updated by at July 2, 2015.