Anonymous Browsing: Difference between revisions
From charlesreid1
(→Tools) |
No edit summary |
||
| Line 13: | Line 13: | ||
Whonix - another Linux distribution dedicated to keeping you anonymous. | Whonix - another Linux distribution dedicated to keeping you anonymous. | ||
[[Tor]] - Tor is a tool for anonymization. All it does is anonymize your traffic. | [[Tor]] - Tor is a tool for anonymization. All it does is anonymize your traffic. Tor is NOT an encryption tool - your traffic is not encrypted by Tor. Tor is NOT a content filter - it does not block cookies, Javascript, Flash, or any other nefarious elements in web pages that may be used to identify and track you. TOR ALONE IS NOT ENOUGH FOR TOTAL ANONYMITY. | ||
[[Privoxy]] - acts as a content firewall, parsing and filtering HTTP content, searching/replacing, blocking ads/images/scripts, etc. | [[Privoxy]] - acts as a content firewall, parsing and filtering HTTP content, searching/replacing, blocking ads/images/scripts, etc. Combined with Tor, this can provide you with powerful protection against cookies, Javascript, and other things that can identify and track you. | ||
[[Stunnel]] - stunnel is a way of building encrypted HTTPS tunnels to carry arbitrary traffic through arbitrary ports. Can't get SSH through that pesky firewall? Wrap the request in SSL, run it through port 443 (HTTPS port), and you're on your way! | [[Stunnel]] - stunnel is a way of building encrypted HTTPS tunnels to carry arbitrary traffic through arbitrary ports. Can't get SSH through that pesky firewall? Wrap the request in SSL, run it through port 443 (HTTPS port), and you're on your way! Stunnel works similarly to SSH, in that you need a command line at both machines for this to work. | ||
[[SSH]] - ah, yes, good ol' SSH. You can tunnel lots of stuff through SSH, which is protected with an SSL encryption layer. SSH tunnels are particularly versatile. | [[SSH]] - ah, yes, good ol' SSH. You can tunnel lots of stuff through SSH, which is protected with an SSL encryption layer. SSH tunnels are particularly versatile. For example, you can create an SSH tunnel to a local port, then run all of your browser traffic through that local port. All of your traffic will come out the other end, and all traffic will appear to come from the other end of the tunnel. | ||
[[OpenVPN]] - you can use OpenVPN to build VPN networks, but there can be some gotchas to watch out for. Example: DNS requests may not be sent through the VPN, by default, which would make the use of a VPN to mask your location useless. | [[OpenVPN]] - you can use OpenVPN to build VPN networks, but there can be some gotchas to watch out for. Example: DNS requests may not be sent through the VPN, by default, which would make the use of a VPN to mask your location useless. | ||
[[Proxychains]] - a program allowing you to run other programs through a proxy. This means you could, for example, run [[Nmap]] through a proxy server | [[Proxychains]] - a program allowing you to run other programs through a proxy. This means you could, for example, run [[Nmap]] through a proxy server | ||
Revision as of 23:11, 27 August 2015
Anonymous browsing requires a sandwich of tools to serve various purposes. This is because a computer does lots of different things that might give away its identity: perhaps through a bit of unencrypted traffic, or a native MAC address, or a nearby router, or a single login from an unobfuscated IP address, or a DNS request that wasn't sent through the right tunnel.
Think of anonymous browsing like launching a rocket. If you are successful, you can accomplish the (truly amazing) feat of being anonymous. You have the opportunity to step outside of your identity. But to successfully launch a rocket, you need to know all the different things that can go wrong (i.e., you've learned about all the other rockets that have exploded and figured out what they did wrong), and you have to take countermeasures, and make sure everything is secured properly, and all systems are go.
Cuz when you launchin a rocket, you ain't fuckin around.
Lists
Tools
Tails - a distribution of Linux dedicated to keeping you anonymous.
Whonix - another Linux distribution dedicated to keeping you anonymous.
Tor - Tor is a tool for anonymization. All it does is anonymize your traffic. Tor is NOT an encryption tool - your traffic is not encrypted by Tor. Tor is NOT a content filter - it does not block cookies, Javascript, Flash, or any other nefarious elements in web pages that may be used to identify and track you. TOR ALONE IS NOT ENOUGH FOR TOTAL ANONYMITY.
Privoxy - acts as a content firewall, parsing and filtering HTTP content, searching/replacing, blocking ads/images/scripts, etc. Combined with Tor, this can provide you with powerful protection against cookies, Javascript, and other things that can identify and track you.
Stunnel - stunnel is a way of building encrypted HTTPS tunnels to carry arbitrary traffic through arbitrary ports. Can't get SSH through that pesky firewall? Wrap the request in SSL, run it through port 443 (HTTPS port), and you're on your way! Stunnel works similarly to SSH, in that you need a command line at both machines for this to work.
SSH - ah, yes, good ol' SSH. You can tunnel lots of stuff through SSH, which is protected with an SSL encryption layer. SSH tunnels are particularly versatile. For example, you can create an SSH tunnel to a local port, then run all of your browser traffic through that local port. All of your traffic will come out the other end, and all traffic will appear to come from the other end of the tunnel.
OpenVPN - you can use OpenVPN to build VPN networks, but there can be some gotchas to watch out for. Example: DNS requests may not be sent through the VPN, by default, which would make the use of a VPN to mask your location useless.
Proxychains - a program allowing you to run other programs through a proxy. This means you could, for example, run Nmap through a proxy server