|
Anonymous #1
|
Re: Nerotik's Network Security and Anonymity Guide. [Re: decaf]
#26173895 - 09/07/19 09:03 AM (4 years, 8 months ago) |
|
|
Please don't distribute this as a PDF. The format is horribly insecure for everyone.
From the reader's perspective, PDFs can run scripts and connect to the internet. What's the point of publishing a PDF about Tor when the document itself can connect to a server and bypass Tor's IP address obfuscation? Besides the inherent risk of the document being able to run arbitrary programs. The Tor Browser is dead simple to use, being a hardened Firefox fork that automagically establishes a secure network connection.
From the writer's perspective, there's too much damn metadata. It sounds like your guide has embedded screenshots. Did you strip the metadata from these images before adding them to the PDF? What about the metadata of the PDF itself? The only way to make a clean PDF is to copy its contents into a fresh document without metadata.
On Tor itself, please know your use case! It's not an invisibility cloak for the internet, rather a highly visible anomaly on the network. Tor traffic glows on the wire, but all Tor traffic looks the same. You should use Tor at a public access point with a spoofed MAC address. Otherwise you're pointing a neon arrow at your workstation that says, "I have something to hide."
That's actually how they caught the Harvard bomb threat guy: check the logs to see who on campus used Tor when the bomb threat was sent. All he had to do was walk across the street to a cafe and spoof his MAC address before connecting.
Edit: Sorry, I didn't realize this thread is 10+ years old. Oh well, it's already bumped.
Edited by Anonymous (09/07/19 09:06 AM)
|
LateForTheFuture
Old Hand



Registered: 02/24/03
Posts: 845
|
Re: Nerotik's Network Security and Anonymity Guide. [Re: YuriKalevra17]
#26181634 - 09/11/19 11:02 AM (4 years, 8 months ago) |
|
|
Quote:
YuriKalevra17 said: From what I understand, it takes a lot of resources, like federal-level resources, to identify tor users. I read a book about how they tracked and caught Silk Road creator Ross Ulbricht (spell check?) by identifying a unique tor traffic pattern that could be matched to his network use. This was a multi-agency federal task force though that involved the FBI, IRS, and several other big-budget federal agencies, so I don't think it's within the means of local or regional PD.
I think tor is relatively safe but, for maximum operational security, using Tails OS (which includes Tor Browser) on public WiFi is one of the most secure, in my opinion.
They caught him from a simple google search that lead to his account here on the shroomery.
|
FungiMaster
Entrepreneur



Registered: 10/31/19
Posts: 998
Loc: Bay Area, CA, USA
Last seen: 4 years, 5 months
|
Re: Nerotik's Network Security and Anonymity Guide. [Re: LateForTheFuture]
#26294153 - 11/02/19 12:55 PM (4 years, 6 months ago) |
|
|
just read a ceh book for network security.
|
FungiMaster
Entrepreneur


Registered: 10/31/19
Posts: 998
Loc: Bay Area, CA, USA
Last seen: 4 years, 5 months
|
Re: Nerotik's Network Security and Anonymity Guide. [Re: FungiMaster]
#26352815 - 11/29/19 08:46 PM (4 years, 5 months ago) |
|
|
Dude, that's a pretty geeky self help guide.
|
catalog99
Stranger

Registered: 06/12/23
Posts: 18
Last seen: 1 month, 18 days
|
Re: Nerotik's Network Security and Anonymity Guide. [Re: Nerotik]
#28476223 - 09/20/23 10:46 AM (7 months, 24 days ago) |
|
|
The instructions in this tutorial are outdated. Is there an updated tutorial?
|
cidero
Stranger

Registered: 10/15/22
Posts: 50
Last seen: 27 days, 9 hours
|
Re: Nerotik's Network Security and Anonymity Guide. [Re: catalog99]
#28523411 - 10/30/23 01:14 PM (6 months, 15 days ago) |
|
|
Yes, this is really outdated and nowadays plain wrong information, please do no rely on any of this! Vidalia was discontinued almost 10 years ago. Use Tails.
|
|