| Woodmann | 
|---|
| Staying Anonymous in 2002 | 
This is intended to help you protect your identity and your hard drive. Every few months "they" devise a new way to try to obtain information from you. Stop giving it away!
| I am a person who desires to be somewhat anonymous. Some time ago I decided to find out
what information I was unknowingly giving away on the internet. As you all know (or should),
just about every program on your computer has the ability to upload information without 
your knowledge. "They" will try anything to get your information. Who are "they"? Advertisers, software
makers, just about every entity wants information from you. With this information each will
custom tailor what you see on your screen. We don't all see the same things all the time.

The first thing you need is a personal firewall. I use ZoneAlarm. It is a free download,
go get it and install it. Set security to medium. Now if you have something like Winamp, run
the program and watch what happens. A box should have popped up, asking
for permission to let xxx (your program goes here) have access to the internet. You might be
wondering why xxx wants access to the internet. Why do you think? To upload information
from your computer. Try all your programs. How many wanted access that did not need it? On my
home PC QuickBooks wants access. Why? There is no reason that anyone needs to know what I am
doing with my QuickBooks. Why let them see it? Maybe they are checking reg numbers, who knows.
The bottom line is the only programs that need access to the internet are the ones that
NEED to exchange information. Winamp is playing an mp3 on your hard drive, it doesn't need
access to the internet to operate.

How do you set ZoneAlarm up? 'Tis an easy task :-) After you have installed it, open it and
take a look around. As I said, I set my security levels to medium. If you set them to high
you will have troubles with some file transfers and chat/voice programs. I have never seen
anything escape with it set to medium. All the settings under the "programs" heading should
have a green question mark. Check them all and make sure they are set this way. Red X's
will block a program from access. Your computer will not even ask you, it will just disregard
it. Alerts is where all your "intrusion attempts" are kept. Sometimes people or other entities
desire to get INTO your computer from the OUTSIDE. With your security set to at least medium,
when "they" attempt to get in it will pop a box that says: The internet firewall has blocked
access to your computer from :111.1.1.11:5555 (something like this). ZoneAlarm keeps these in a
log file so you can peruse them at your leisure. If you are like me and just have to know
who/what is trying to get in, fire up your favorite tool suite (finger, traceroute, whois,
blah blah blah) and have a look at who it is. You should also note the different ports these
people want. Why is someone trying to get SSH access? Why are they trying high port numbers?
These bastards will do whatever it takes to get in.

After you have ZoneAlarm the way you like it, go and find an online port scanner that
will scan YOUR ports for you. I should tell you to first look at your own computer. At a command
prompt (remember what that is?), type netstat -a or just plain netstat. It will show you what
ports are open and what type they are, TCP, UDP, FTP etc. It will show you what you are
connected to (established) or what is idle (listening). Unless you are currently in the middle
of an FTP session, FTP better not be active, same goes for the others. Close those damn
ports!!

There are a lot of ways information is "leeched" off of you. Safe ports is just plain common
sense. A personal firewall should be required.

The next issue is browsers. I will bet that at least 85% of you don't use a proxy. Do you know
what is contained in your browser header? It contains all kinds of nifty information about
your computer and it gives the "cookie man" a free pass to your hard drive.
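
The netstat check from the ports paragraph above can be scripted. This is an added example, not part of the original article: it parses numeric `netstat -an` output (the sample text is constructed) and lists sockets waiting for inbound traffic that are not on an allowlist you supply. The function names and the allowlist parameter are assumptions.

```python
# Constructed sample in the layout Windows prints for `netstat -an`.
# 127.0.0.1:8080 stands in for a local proxy bound to localhost only.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:8080         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:1045      203.0.113.9:80         ESTABLISHED
  UDP    0.0.0.0:445            *:*
"""

def parse_netstat(text):
    """Return one dict per TCP/UDP line; banner, header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue
        host, _, port = parts[1].rpartition(":")
        rows.append({"proto": parts[0], "host": host, "port": int(port),
                     "remote": parts[2],
                     # UDP is connectionless, so its State column is empty
                     "state": parts[3] if len(parts) > 3 else ""})
    return rows

def exposed_listeners(rows, expected_ports=()):
    """Sockets accepting inbound traffic on a non-loopback address, minus the allowlist."""
    found = []
    for r in rows:
        waiting = r["state"] == "LISTENING" or r["proto"] == "UDP"
        if waiting and not r["host"].startswith("127.") and r["port"] not in expected_ports:
            found.append((r["proto"], r["port"]))
    return sorted(found)

def established(rows):
    """Remote endpoints this machine is connected to right now."""
    return sorted(r["remote"] for r in rows if r["state"] == "ESTABLISHED")

if __name__ == "__main__":
    rows = parse_netstat(SAMPLE)
    print("unexpected listeners:", exposed_listeners(rows))
    print("connected to:", established(rows))
```

Anything the first function reports that you cannot explain is a port to close or a program to block in the firewall.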
There are plenty of places to check your browser to see what information
it is giving out. Go and check your header here. Well, does it bother you to know what you are
giving away to every page you ever visit?
Every single page you have been to knows this information and you didn't even know that it
is happening. It is hidden behind the theory that if you give up this information it will
make your browsing time easier. That's bullshit. Why do you think they call it a cookie?
Because it sounds nice and warm and is supposed to make you think safe thoughts. It is
actually an internet eavesdropping device. Do you like it when the boss looks over your
shoulder? No, so we need to put a stop to all this free information that is contained in
your browser header.

When you get your new and improved browser that "will make your internet time better",
you need to go in and change some of the settings that they kindly turned on for you.
Go and poke around "preferences" or "options" and see what is set "on". Turn off all the things
that you don't need on, unless you like your internet warm and fuzzy and full of Java scripts
and other flashing lights and scroll bars with witty messages on them. This is where things
start to get interesting. There are lots of options and you may not quite understand what they do.
The easiest thing is to just set them all to "prompt". The better way is to try and learn
what they all do. That will take a bit of effort so I will try to make it a little easier for
you. If you are on the internet for information then shut off all that crap like gifs and java
and animation and audio. Shut it all off or at least set it to "prompt". That stuff is the
number 1 reason why websites take too long to load (especially for you dial-up peeps).

What about cookies? Shut them off. Now watch who is trying to set them on your computer.
Guess what? You don't need cookies to cruise the internet. Even if you do need to set cookies
"on" you have settings that can discard them when you close your browser. You can even "fake"
them ;)

Let me try to give you a brief idea about what is going on with your browser.
IE first. I have IE 5.0. Up top of your toolbar open tools then internet options. This is where
most of your settings are. You will set your browser settings to whatever you need, not the
defaults. They "kindly" set your defaults for you when you install/buy new. They do this
because they can take advantage of YOUR laziness. After all, you only want the thing to
show you all that is wonderful, right? Security then custom settings is where you will find
some of the important stuff. See how you can set it to "prompt"? Set them to prompt. You
should take the time to experiment with each of the settings to find out how they affect your
"browsing". I can't take the time to explain every setting, you have to figure some of this
out on your own.

I want you to learn how to use an anonymous proxy.
One of the easiest programs to help you browse anonymously is Proxomitron. It has a ton of
options to play with and you can set your header message to whatever you want. I will skip
through this part quickly. Set the proxy server settings in your browser to localhost:8080.
In IE 5.0, up top, tools then internet options then connections then lan settings.
Now we need to find an anonymous proxy address. There are
a few resources available. Search anonymous proxy lists in Google (without the localhost
set to 8080, just uncheck the box).
Once you find a place that
has a list, open the Proxomitron, open the log window and open the proxy check box. Type in an
address and watch the log box. If it returns your IP address then it's not anonymous. What is
your IP address? Remember the command prompt? ipconfig should show you your IP address.
There are different ways to obtain this for different OSes. Unless you are using Win95, ipconfig
should do the trick on all Win boxes. Write down the number. Not the 255.255 one. Not the
default gateway, the one that says IP address. I can write a whole chapter on IP addresses but
not today. Just know that some of you will have an IP address that will change daily, weekly,
monthly or whenever your provider wants to change it. Always check your IP before you check
your header against an online header checker. You need to know if it has changed and what it
is. OK, despite
the fact that the site you are using says the proxies are anon, most times they are not. Keep
checking addresses until you find one that comes back clean. Your IP address should be NOWHERE
in the results the Proxomitron has returned. Next you need to check it against an online
header checker. I use 2 different ones to verify that it's anonymous. Once you have
found one or 5 anon proxies, click on the save disk on the Proxomitron. Go back and check the
header again to make sure.

One thing you need to know about proxies is they are not stable. That is why I say get at
least 3 to 5 of them if you can. I consider it a victory if I can find an anon proxy that lasts
more than a week. Most of them only last a day or 2 or, they just get so overloaded they slow
wayyyyyyy down. For people on a dial-up, this will be your most trying time, enduring a slow
proxy on top of a slow dial-up. It may become too unbearable for some of you but you must
decide if you want the world to know all your "stuff" or if you want to be anonymous.

Open your Proxomitron and click on headers. This is where we can change some info or just
stick with the defaults. The defaults will give you adequate protection. Open web pages.
Here is another place where you can control how your browser displays websites. Open it up
and poke around. Yes I want to kill blinking text. Yes I want to kill midi (shit awful stuff).
You have control now, use it. If you double click on a particular line (in headers, click on
x-forwarded), you can change what your browser displays for that particular line.

There will also be times where a website needs to see some information to let you in.
Think about what it is they want to see. Micro sometimes wants to see that you are using their
browser. I don't use IE but I put in the header that I do. Along with some other tweaking I made
M sites think I was using their browser and they let me in. Opera while using Proxomitron will
take some setting up to get it the way you want it. Do people still use Netscape? I shall write
an addendum if necessary for Netscape users. For Opera users, I figured if you are using Opera
then you are familiar with "tweaking" settings to make things work.

Now what you have done is stripped away all the chances they have to collect information. It won't
always be easy browsing but if you need full browser power then you can just check the bypass
box on the Proxomitron while you gather the information that you need. Or, uncheck the
localhost box in your IE settings. Hotmail, for example, needs to see that your browser is
IE 4.0 or better. Even though I use Opera, I put in the header that I am using MSIE 5.0.
Now it works ;)

M$ mail programs are of course full of bugs. Almost all the viri, trojans and worms are
written for M$. Java exploits are another thing you should be aware of. ActiveX is another.
If you are willing to learn something new as opposed to using what is easy, the internet
will be a much safer place for you.

No one said it would be easy. Proxies change every day, and so do the shitty malwares designed
to infiltrate your computer. Stop making their job easier. Protect yourself.

Questions, comments: send them here. |
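
The proxy test described earlier (your IP address should be nowhere in what the header checker reports), as an added example that is not part of the original article. The sample echoes and addresses are constructed, the function names are assumptions, and the extra "proxy visible" verdict for headers such as Via goes beyond the article's own check.

```python
import re

# Request headers that proxies commonly add. Seeing one tells the site a proxy
# is in use even when it does not carry your address.
PROXY_HEADERS = {"via", "x-forwarded-for", "forwarded", "client-ip", "proxy-connection"}

def ip_pattern(ip):
    """Match ip only as a whole address, so 203.0.113.5 does not hit 203.0.113.50."""
    return re.compile(r"(?<![\d.])" + re.escape(ip) + r"(?!\d)")

def check_echo(real_ip, remote_addr, headers):
    """Judge what a header checker reported back.

    real_ip     -- the address ipconfig shows (written down before the test)
    remote_addr -- the address the site saw the connection come from
    headers     -- request headers as the site received them
    Returns (verdict, fields that leak real_ip, proxy headers that leak nothing).
    """
    pat = ip_pattern(real_ip)
    leaks = ["remote address"] if pat.search(remote_addr) else []
    leaks += [name for name, value in headers.items() if pat.search(value)]
    visible = sorted(n for n in headers
                     if n.lower() in PROXY_HEADERS and n not in leaks)
    if leaks:
        return "not anonymous", leaks, visible
    if visible:
        return "anonymous, proxy visible", leaks, visible
    return "anonymous", leaks, visible

# Constructed samples: documentation-range addresses, not real proxies.
REAL_IP = "203.0.113.5"
UA = {"User-Agent": "Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)"}
SAMPLES = {
    "no proxy":    ("203.0.113.5", dict(UA)),
    "transparent": ("198.51.100.20", {**UA, "Via": "1.0 proxy-a",
                                      "X-Forwarded-For": "203.0.113.5"}),
    "near miss":   ("198.51.100.21", {**UA, "Via": "1.1 cache",
                                      "X-Forwarded-For": "203.0.113.50"}),
    "clean":       ("198.51.100.22", dict(UA)),
}

if __name__ == "__main__":
    for label, (remote, hdrs) in SAMPLES.items():
        print(label, "->", check_echo(REAL_IP, remote, hdrs))
```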