TUCoPS :: Privacy :: anonym~1.txt

The Anonymity Tutorial, by RaveN

The Anonymity Tutorial / written by yours truly, R a v e N (blacksun.box.sk)
<=============================================================================> version 1.4, 24/9/99

Note: whenever you see something like this: blah(1) it means that if you
don't understand the meaning of the word blah there's an explanation for
it just for you, located on the newbies corner on section 1.

Note 2: if you're having a hard time reading this page because you have
to scroll to the right whenever a long line comes, it's probably because
you're not using "word wrapping".

Most UNIX text editors and advanced Windows editors (and some less
advanced ones like Wordpad) do this by themselves.

To do word wrapping on Microsoft Notepad, simply go to Edit and then
click on "Word wrapping".

Author's notes
==============
If you have any comments or questions regarding this tutorial (no
flames(10) or spam, please) Email me at barakirs@netvision.net.il.

Visit blacksun.box.sk for more tutorials, free hacking/programming/unix
books to download and much more.

Disclaimer
==========
We do not encourage any kinds of illegal activities. If you believe that
breaking the law is a good way to impress someone, please stop reading
now and grow up. There is nothing impressive or cool in being a
criminal.

Contents
========
Anonymity?
* You mean I have absolutely zero anonymity on the web?
* So what? Why would I wanna be anonymous anyway?
* Okay, I see your point. Anonymize me.
Proxies?
* What are proxies?
* What are public proxies?
* Where can I find lists of public proxies?
* Are they good for anything besides anonymity?
* Okay, so how do I use them?
Wingates?
* What are Wingates?
* How can I use them to anonymize myself?
* Wingates sound useful. I wanna run one on my own computer. How do I do it without turning it into an "anonymity hive"?
* How can I tell IRC clients, instant messangers such as ICQ, etc', to use them?
Anonymous Remailers?
* What is an anonymous remailer?
* How can I use them to be more anonymous?
* Why would a person start an anonymous remailing service? Where's the catch?
Encryption?
* Why should I encrypt my Email?
* How can I encrypt my Email?
Cookies?
* What are cookies?
* Can they risk my privacy?
.chk files?
* What are they?
* How can they risk my privacy?
The Anonymizer?
* What is the anonymizer?
* How can I sign up?
Where can I learn more about anonymity?
* Useful URLs.
* Other useful tutorials by Black Sun.
Appendix A: Using Altavista as a "proxy"
* How can I use Altavista's web translation service to anonymize myself?
Appendix B: Spoofing browser history
* How can I spoof my browser's history?
Appendix C: the +x mode
Bibliography
* http://www.theargon.com
* Anonymizer.com
* Various tutorials
Other Tutorials By Black Sun
* FTP Hacking.
* Overclocking.
* Ad and Spam Blocking.
* Sendmail.
* Phreaking.
* Advanced Phreaking.
* Phreaking II.
* IRC Warfare.
* Windows Registry.
* Info Gathering.
* Proxy/Wingate/SOCKS.
* Offline Windows Security.
* ICQ Security.

Anonymity?
==========
Whether you realize it or not, the Internet is not as anonymous as you
might think. Here are a few examples:

1) You enter a website. Once you hit any one of the files on the
webserver, the website owners can find out these pieces of information
about you, and much more:

1. Your IP Address.
2. Your hostname.
3. Your continent.
4. Your country.
5. Your city.
6. Your web browser.
7. Your Operating System.
8. Your screen resolution.
9. Your screen colors.
10. The previous URL you've been to.
11. Your ISP.

And this is just the tip of the iceberg. Go to our homepage at
blacksun.box.sk and find the web statistics button (later addition: we
have terminated our account on our webstats provider because they were
quite buggy, and we've decided to use a php3-based text counter). There
you will be able to see how much we can tell about our visitors

2) Another example: you're connected to an IRC network and you are
chatting with your friends. Right now all a person needs to find
information on you is nothing but your nickname. He doesn't even have to
know you, or be in the same channel/channels you are. Here are a few
examples of what you can find by simply knowing a person's nickname (in
the most optimal conditions):

1. Your real name.
2. Your Email address.
3. Your IP address.
4. Your hostname.
5. Your ISP.
6. Your continent.
7. Your country.
8. Your city.

And much much more.

The same goes for online games that allow players to view the other
players' IP addresses.

3) Suppose my name is Paul Matthews, and my Email address is
pmatthews@boring.ISP.net. It is extremely easy to figure out that the
first letter of my first name is P and that my last name is Matthews,
but that's not all.

Some ISPs give their entire listings to web directories. Meaning, people
can go to, say... whowhere.com, punch in the words Paul Matthews or
search for people with Matthews as their last name on boring.ISP.net and
find out that pmatthews@boring.ISP.net does actually belong to Paul
Matthews, hence discovering your real name.

But it is also possible to use these web directories for 1,001 uses.
Therefore you should go to whowhere.com as soon as possible, try to
track down yourself and then tell whowhere.com to delete your listing.

4) Some ISPs also run finger daemons.
A daemon is a program that waits for incoming connections on a specific
or several ports.

The finger daemon is a daemon that waits for open connections on port
79. Once you get in, you need to punch in a username on the system the
daemon runs on and you will get tons of information about him.

For example: a while ago my ISP was running a finger daemon on their
servers (until I forced them to take it off because it was a privacy
invasion). Now, suppose you know nothing about me besides my Email
address, which is barakirs@netvision.net.il. The first thing you should
do is to go to netvision.net.il on port 79 and hope there's somebody
there. If there is, you can find the following information by typing in
my username, barakirs:

1. My real name.
2. When was the last time I was online.
3. If I'm online right now, since when have I been online.
4. Whether I have new mail or not.

And much much more (some finger daemons might give out any pieces of
information, such as my home address and phone number).

Besides the obvious uses (finding a person's real name and other private
information), you can use this information for various purposes, such
as:

1. Most instant messangers, such as ICQ, AIM, YAHOO Instant Messanger
and MSN Instant Messanger, allow you to add people in or outside your
contact list to an "invisible list", so they won't be able to know
whether you're online or not and you'll appear to be offline to them. If
they have your Email address, and your ISP is running a finger daemon,
they are able to know whether you're really offline or just trying to
fool them.

2. Your friend promised you to do something for you on the net, but when
you finally go online to ask him if he's done it he says that he just
got back from work and that he just got online. Using finger, you can
test this and see when he really got online.

These were just a little out of many examples.
During this tutorial I will explain to you how to prevent people from
finding out information about you (there will always be new tricks, but
blocking the most basic / common ones will hold off most attackers and
make it harder for the more experienced ones). If you really wanna learn
how to do these things, as well as some really cool and advanced tricks,
then read the 'Info-Gathering' tutorial.

Proxies?
========
Proxies were first invented in order to speed up Internet connections.
Here's how they work:

You are trying to connect to a server on the other side of the planet.
Your HTTP requests are sent to your proxy server, which is located at
your ISP's headquarters, which are a lot closer to you than that
far-away server. The proxy first checks if one of it's users has
accessed this website lately. If so, it should have a copy of it
somewhere on it's servers. Then the proxy server starts the connection
only to check if his version is not outdated, which only requires him to
look at the file size. If it has the latest version, it will send the
file to you, instead of having the far server send it to you, thus
speeding up the connection. If not, it will download the requested files
by itself and then send them to you.

But proxies can also be used to anonymize yourself while surfing the
web, because they handle all the HTTP requests for you.

Most chances are that your ISP has a proxy. Call tech support and ask
them about it. But the problems with proxy access given to you by your
ISP is:

1. Some ISPs don't even have proxies.
2. The website owner would still be able to know what ISP you are using
and where do you live, since this kind of proxies are not public and
they can only be accessed by users of that ISP. For such cases, there is
a solution - public proxies.

You can find a list of public proxies everywhere. Here are two good URLs
to start from:

1. http://www.theargon.com
2. http://www.cyberarmy.com/lists

To configure your web browser to use a proxy server, find the
appropriate dialog box in your settings dialog box (it varies from
different browsers).

Note: some proxy servers will also handle FTP sessions (some might
handle FTP only).

Wingates?
=========
Wingate is a program that is used to turn a PC running Windows 9x or NT
into a proxy server. Here are several reasons for why a person would
want to run such an application and turn his computer into a proxy:

1. If he owns an ISP and he wants to set up a proxy for it.
2. If he wants to turn his computer into a public proxy.
3. If he wants to give Internet access to a whole bunch of computers
that are connected by a Local Area Network, but he can provide Internet
access for only one computer. In that case, he would turn his computer
into a proxy server and set all the other computers on the network to
use him as a proxy. That way all the rest of the computers on the
network will relay their HTTP and FTP requests through a single
computer, a single modem and a single Internet account.

The problem with Wingates is that they're highly... well... they're
very... how should I say this? Stupid. Just plain stupid. Why is that?

EVERYONE can connect to your little proxy by simply connecting to port
1080 on your computer and typing 'target-ip-address-or-hostname port'
(no quotes) and replace target-ip-address-or-hostname with the IP
address or the hostname they want to connect to, and replace port with
the destination port. The "wingated" mahcine will then relay your input
through it, but it will seem like the wingated machine is connecting to
the target computer, not you.

Sure, the sysadmin of the wingated machine can change that port to a
different one, but this is the default, and if you're stupid enough to
use Wingate you probably won't want to play with the defaults.

First of all, if you need to use Wingate for some reason, use SyGate
instead. It does exactly what Wingate does, only it won't serve EVERYONE
like Wingate does.

Now, these Wingates can be used to anonymize practically anything. Also,
every program that can be set to run behind a SOCKS firewall (most IRC
clients, most instant messangers and most web browsers) will
automatically do the dirty work of routing your stuff through it if
you'll give them the IP/hostname and the appropriate port for the
wingated machine.

Wingates can also be used to get into IRC channels you got banned from
(by faking your IP).

WARNING: some IRC networks run bots that will kick out people using
Wingates. These bots try to connect to random people on port 1080. If
they succeed, they kick you out. This works because the IRC network, as
well as everyone on it, thinks that your IP is the wingated machine's
IP. If the bot tries to connect to your IP on port 1080, it will
actually go to the wingated machine. The bot will then detect that your
IP is actually a wingate and kick you off (since it's being run by the
IRC network and given enough priviledges to kick out anyone).

You can find lists of Wingates at http://www.cyberarmy.com/lists. There
are also tons of Wingate scanners out there that can scan whole subnets
and look for Wingates, but this might take some time (and make your ISP
get suspicious), so you'd just better go for CyberArmy's lists.

Anonymous Remailers?
====================
Previously I have demonstrated to you what a person with very little
knowledge can find out about you just by knowing your Email address. Now
it is obvious that to keep your privacy, you need to sign up for a free
Email account (such as Hotmail [hotmail.com], Yahoo mail
[mail.yahoo.com], ZDNet Mail [zdnetmail.com], Net @ddress
[netaddress.com], Bigfoot [bigfoot.com] etc'). But what if you had a
special Email address on a free server that automatically forwards all
incoming Email to your real mailbox and keeps all the information
discreet?

These are called Anonymous Remailers. Most of them are free and live out
of contributions and/or sponsor banners they place on their website.

You can find many many Anonymous Remailers at http://www.theargon.com.

Here's a good example for an Anonymous Remailer:
First, head to http://anon.isp.ee (by the way, the extension .ee stands
for Estonia) and sign up your free account. Once you're a registered
user, send an Email to robot@anon.isp.ee with no subject and the
following content:
user: your username
pass: your password
realaddr: your recipient's Email address.
realsubj: the subject of your mail.
Example: if I want to send an anonymous mail containing the following:

Subject: ANONYMITY RULEZ!!
Hi.
This is an anonymous Email message.
Let's see you trace me now!

to bgates@microsoft.com, and your username is user and your pass is
pass, send the following Email to robot@anon.isp.ee (remember not to
enter a subject):

user: user
pass: pass
realaddr: bgates@microsoft.com
realsubj: ANONYMITY RULEZ!!
Hi.
This is an anonymous Email message.
Let's see you trace me now!

You'll receive an Email notification from anon.isp.ee once your message
has been delivered.

Once your recipient will reply to this Email, the message will return to
you.

You can also use web-based anonymous remailers such as Replay Associates
(replay.com/remailer/anon.html), but it won't let you receive replies.

Encryption?
===========
Everyone can read your Email. Whether it's some script kiddie who hacked
your Hotmail account, a skilled cracker (or a script kiddie with a lot
of free time) that hacked your POP3 mailbox or a person who got your
Email by mistake. If you don't want other people to read your Email, use
PGP.

Everyone who uses PGP can have their own PGP key. A key consists of tons
of characters, whether they are lowercase or uppercase letters, number
or symbols. After you make your key, you need to transfer it to everyone
you want to send encrypted mail to. Once they have it, you can start
sending encrypted mail to them and they'll be able to use your key to
decrypt it.

More info on www.pgpi.com.

Note: PGP is very strong and can only be broken with giant
supercomputers. The longer your key is, the harder it is to break the
encryption.

Cookies?
========
Have you noticed how all those websites on the net are getting "smarter"
all of a sudden? You know, like the way message boards remember your
nickname, some sites remember your password so you won't have to retype
it every time, electronic malls remember what you last put in your
virtual shopping cart etc'.

This is all because of cookies. Cookies are small files which a website
can request your browser to create and then retrieve information from
them. Websites can put your password or any other information in these
files.

If you don't want your co-workers or other people to sniff around and
see where you've been visiting, what items you've been buying etc', you
should delete them when you don't need them.

On Unix, your cookies would usually be stored somewhere in your home
directory (usually /home/your-login, /usr/your-login or
/usr/local/your-login if you're a regular user and /root if you're root,
but anyone with write access to /etc/passwd can change that).

On Windows and Mac, cookies are stored on a sub-directory at your
browser's directory called cookies.

Note 1: you can tell your browser to ask you before accepting a cookie.
Just play around with it's preferences menu, you'll find it (there are
so many browsers out there so I can't give a detailed explanation for
every single one).

Note 2: if you're browsing from a public computer, do not save any
cookies, or other people will be able to snoop around and look at your
cookies or even enter various websites with your passwords, your credit
card number etc'.

A reader called Stone Cold Lyin Skunk has pointed out to me that the
cookies.txt file may be found in the netscape\users\default directory.
This happens when you register your user (Netscape let's you have
multiple users for the same program, each user with his own settings
etc') without giving it a username.

He also pointed out to me that some websites will require you to accept
cookies in order to enter them.

Also, he recommended to beware of your browser's history file
(information on removing it can be found on the "Where Can I Learn More
About Anonymity?" chapter), as well as your cache and your
preferences.js files, because they may reveal your browsing habits
(where have you been, etc').

.chk files?
===========
Stone Cold Lyin Skunk has pointed out that if you're running Windows and
you do a quick reboot (hold down shift while telling Windows to reset)
Windows generates a file called FILE0001.chk, FILE0002.chk etc' (usually
found on c:\). You will be amazed to see how much information you could
find in these files! Delete them ASAP!

The Anonymizer?
===============
The Anonymizer is an Internet service that helps you anonymize yourself
better. The Anonymizer's homepage is www.anonymizer.com. Here's a
snapshot from anonymizer.com:

+++++

Company Overview
----------------
Anonymizer.com is a pioneer in Internet privacy technologies, and the
most popular and trusted name in delivering online privacy services.
Anonymizer.com, today, has many thousand subscribers to its paid
services and makes anonymous over 7.5 million pages a month. Lance
Cottrell, founder and President of Anonymizer.com, authored the world's
most secure anonymous remailer, Mixmaster and has been active for many
years in promoting free speech. Lance received his undergraduate degree
in physics from The University of California, Santa Cruz and a masters
in Physics from The University of California, San Diego.

Justin Boyan, while a Computer Science Ph.D. student at Carnegie Mellon
University, designed and implemented Anonymizer surfing. Anonymizer
Surfing is now in its 4th generation under development by the Anonymizer
engineering team.

Our Mission
-----------
Our mission is to ensure that an individual's right to privacy is not
compromised once they are online. We began this company as a means to
protect this right as embodied in the United Nations' Universal
Declaration of Human Rights:

"No one shall be subjected to arbitrary interference with his privacy,
family, home or correspondence, nor to attacks upon his honour and
reputation. Everyone has the right to the protection of the law against
such interference or attacks."

While written 50 years ago, article 19 of this document is now more than
ever applicable with the advent of the recent growth of the Internet:

"Everyone has the right to freedom of opinion and expression; this right
includes freedom to hold opinions without interference and to seek,
receive and impart information and ideas through any media and
regardless of frontiers."

You can read the full Universal Declaration of Human Rights on the
following URL: http://www.unhchr.ch/udhr/lang/eng.htm.

+++++

You can use The Anonymizer to surf the web with anonymity for free by
going to anonymizer.com and typing in the target URL where asked, or buy
an Anonymizer package, which will give you more benefits. If you want
some of the money you pay to go to Black Sun, subscribe through the
following URL:
http://www.anonymizer.com/3.0/affiliate/door.cgi?CMid=12437.

If you want, you too can join their affiltrates program. Simply go to
http://www.anonymizer.com/3.0/affiliate/afdoor.cgi?CMid=12437 for more
information. If you will subscribe through this URL, you will still
receive all the cash you deserve, but we at Black Sun will also receive
some benefits.

Where Can I Learn More About Anonymity?
=======================================
Useful URLs: http://www.theargon.com.
             http://www.pgpi.com (for learning about PGP encryption and how to use it to encrypt your Emails)
             IP Spoofing Demystified - a long article from Phrack magazine on IP spoofing (faking your IP). You can download it from our books section.
             http://www.cyberarmy.com/lists - for lists of Wingates, Proxies and free shell accounts you can surf from to anonymize yourself.
             http://2waymedia.hypermart.net/hh/browsers/index.htm - how to completely clear your browser's history

Other useful Tutorials by Black Sun: IRC Warfare by The Cyber God (for learning more on Anonymizing yourself on IRC), Proxy/WinGate/SOCKS tutorial by Jatt and Sendmail by me, R a v e N.

Appendix A: Using Altavista as a proxy
======================================
If you go to altavista.com, and under their tools section choose
translation (or go directly to the following URL:
http://babelfish.altavista.com/cgi-bin/translate?), you can ask
Altavista to translate web pages for you.

But you can also use this as a proxy, since when you tell Altavista to
translate a web page, Altavista's CGI translation script retrieves the
page for you.

Thanks to Yoink for this information.

Appendix B: Spoofing browser history
====================================
Here is something I got by Email from a reader called Stone Cold Lyin Skunk:


set up a V3 redirect (http://www.v3.com or something like that)
then build a quick webpage with a link to the site you want to
   view discretely
then go to your webpage via the V3 redirect

all I know is that the URL indicatoer at the top of th e borwser
will not show the URL you visit even your own .index page
it will only show the URL name

so if there is URL logging at your job or school or whatever,
they can always surf to your homepage via the V3, which they will
have. But, by then, you will have erased or. Or maybe it has
"hidden" links (links the same color as the background)...

in any case, they will not have your URLs and they certainly
won't have proof you surfed there...

for instance, you may not want, say, your local library sysop to
know about Black Sun...so you set up say, a Homestead homepage (these are 
great because they feature password protected pages) ...you then
set up a V3 redirect to that page. Bingo- you can now surf to the
page via V3, log in with your password, hit all those cool hidden
links to Black Sun, CYberArmy, peacefire.org what wahtever, and the
URL snoop software will only record the original http://surf.to/fakeoutname 
... and don't forget, make the V3 URl as
innocuous-sounding as possible...eg. http://surf.to.backetweaving ...

Appendix C: the +x mode
-----------------------
In IRC, it is possible to put yourself into mode x by typing '/mode
yournick +x' (do not include the quotes and replace yournick with your
own nick. For example: /mode raven +x).

This tells the IRC server to hide your IP, so when others try to /whois
you or /dns you, they won't be able to get your IP (they will get a
partial IP instead).

This will only work on some servers, but when you're on IRC, it is
recommended to use this option.

Also, there is a way to bypass this. By simply creating a DCC connection
with someone else (either a DCC chat or a DCC file transfer), you could
then type 'netstat' (without the quotes) on either Unix or Windows/DOS
and see what connections your computer is currently handling. One of
them will be the DCC connection to that other guy.

Why is that? Because DCC stands for Direct Client Communication, which
means that DCC actions are not done through the server, but directly
(think - why would the owners of the IRC server want people to transfer
files through their servers and initiate private chats through their
servers? It'll just chew up some bandwidth). The netstat command shows
all current connections (local or remote), and one of them will be your
DCC connection with that other guy. You will then be able to see his/her
IP or hostname.

Bibliography
============
1) The Argon - http://www.theargon.com
2) The Anonymizer - http://www.anonymizer.com
3) Hacker.co.il - http://www.hacker.co.il
4) Various tutorials.

Other Tutorials By Black Sun
============================
* FTP Hacking.
* Overclocking.
* Ad and Spam Blocking.
* Sendmail.
* Phreaking.
* Advanced Phreaking.
* Phreaking II.
* IRC Warfare.
* Windows Registry.
* Info Gathering.
* Proxy/Wingate/SOCKS.
* Offline Windows Security.
* ICQ Security.
* Hardware.
* Cracking.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH