[C99]

Ar trebui un sticky facut , oricum here s some tips :

First of all, this is not my post, I asked for permission if it would be ok to post this info here as im sure it would help a lot of people, like me, and the person that wrote the thread said it was fine, so here it is.

I decided to write this rough guide to try and explain the basics of internet security, ssl (what it does for you, and also what it doesnt do), and basically some good practices that we should all be using to remain as annonymous as possible when viewing sites like this. I'm sure that a lot of people here already have a fair idea what they should and shouldnt be doing, but likewise, there are probably some who have no idea, so this guide is mainly aimed at these people.

First off, I will start with SSL. What exactly is it?

SSL stands for secure sockets layer. It is an internet protocol just like http, but unlike http, all of your data is encrypted on your end before it is transmitted across the internet. It is then decrypted at the destination server so it can be understood. Likewise, all information transmitted from the server you are connected to is also encrypted and then decrypted by your computer before you view the page in your browser.

Why is this important, you say? Well, to answer that question, I will first explain how data is transmitted across the internet.

When you type the url of a website into your browser and hit go, your computer does a lot of work behind the scenes that few people understand. A url means nothing to your computer.. it first has to figure out the server that the website resides on. To do this, it makes a connection to your ISP's nameservers, and asks the nameserver what the IP of the url you are requesting is. The nameserver sends the IP back to you.

Once your browser knows the IP of the server you are trying to connect to, it can establish a connection with the server so you can send and receive information to/from it. But, becuase your computer does not have a direct cable connecting you to the destination server, it must go though several other servers on its way to its final destination. Lets say you are in the US and are trying to connect to a website located on a server in china. First, your data is sent to your ISPs servers to which you have a direct connection (your broadband connection). Your ISP then sends it through a high speed connection to another server which is closer to the destination server, and then another and another etc etc, until it finally gets to where it is going. Each server that your data has to go through is called a "hop". At each hop in the route, the information that is passing through it is freely viewable by anyone who may be interested. It is not encrypted and they can see exactly what you are sending/receiving. In many cases, these hops may keep logs of this data for use in the future. That includes usernames, passwords, emails and other sensitive data you may be sending. Likewise, any information coming back to you from the server can also be viewed at these "hops".

What ssl does, it encrypts your data before it is transmitted through the route, so even if someone tried to see what you were sending, they would be unable to read it, becuase only the server you are sending it to knows how to decrypt it. However, while ssl will protect the data you are transmitting, it is not a one way ticket to internet annonymity, becuase the name of the website you are sending the data to will still be clearly visible to your ISP and to the hops that it is passing through.

That may be a lot to digest, so take a break, read it again, have a toke, and we will continue in 5.....

So how do I protect my online identity you ask? Well.. that depends on how annonymous you really want to be, and how much inconvienience you are willing to tolerate. I could give you an extensive guide that would ensure that nobody but the top levels of government would be able to crack, but for the majority, it is pretty simple...

USE TOR and SSL!!

Tor (the onion router - torproject.com) is a system that takes your data, encrypts it, and sends it through several servers, before it begins the journey I described above. This hides your IP from the destination server, and prevents any snoppers from seeing where your data is going. TOR is a great solution, but it is not without its flaws, but for the majority here, I dont think I need to into that. And anyway, if you are using SSL, then this overcomes the only security hole in TOR.

If you want to learn more about how TOR works, you can read the wiki article, or you can read the overview on the tor website.. it has pictures!

To get TOR working, all you have to do is download it from here and install it. Once you have installed the bundle, you will have to configure your browser to use TOR instead of your actual internet connection. I will explain how to do this in firefox (using the privoxy proxy server). Simply click Tools|Options|Advanced|Network |Settings. Click the "Manual manual proxy configuration" option, and in the HTTP Proxy box, type 127.0.0.1, and in the port box type 8118. Then select "Use this proxy server for all protocols". Click ok, and you are done.

There is an easier way to switch tor on an off though, if you are using firefox (which you should be ). There is an extension called "Torbutton" that allows you to toggle it with a single click. You can find the torbutton extension here. I think it also comes with the installer on the TOR website, but for some reason it does not install properly for me that way.

Another thing that everyone should do is to change the nameservers that your computer uses to look up IP addresses. As I explained already, your computer queries your ISPs nameservers for the IP of the URL you are requesting, so even if you use tor, your ISP will still know the site you are trying to view. There is a simple solution for those who are using firefox... there is an option in the firefox configuration that allows you to change where you do these lookups...

In a new window, type "about:config" (without the quotes) and type "network.proxy.socks_remote_dn s" into the filter box. If it is set to false, double click it to set it to true. What this does is instead of using your ISPs nameservers, it reroutes the DNS lookup request through the proxy that you are using (i.e. TOR) so you ISP has no idea what website you are viewing.

Well, I think that covers most of the basics, but it is by no means a concise guide to annonimity.

This is where you can download tor from. www.torproject.org/download.html.en

to check to see if tor is working properly before I go onto any sites https://check.torproject.org/

Here's some good links to test your proxy, firewall and ports;

ShieldsUp!

https://www.grc.com/x/ne.dll?bh0bkyd2

This site will provide your current IP address and scan your ports. Test the site both with and without using a proxy.

[ProCan]

Iti multumesc ,Chiar aveam nevoie sa stiu .

[C99]

Sure , anything that helps. Ar fi fost nice sa putem face stickies ,dar tre un mod.
Macar avem buton de reputatie e ceva .

[Uncle77]

am incercat cu Tor si cu mozilla sa fac un proxy, am reusit dar merge destul de greu conexiunea..
as fi recunoscator daca m ati indruma spre un proxy ok

sanatate

[Ardeleanul]

^ cumpara unu, din cate stiu e vreo 5$ /luna

[piramidon]

Multam fain C99!

Si subscriu si eu la ce zice unchiu' ca si eu ma tarasc cu TOR si tot incet al dreaku' imi mergea si cu JonDoe

[wouldubreakfree]

ce-ai frate..eu merg blana pe IE

[Uncle77]

Quote:

Originally Posted by Ardeleanul

^ cumpara unu, din cate stiu e vreo 5$ /luna

daca dispuneam in momentul asta de un card si $ chiar nu mai puneam intreabarea aici ci imi cumparam direct unul..

[Uncle77]

navighezi doar cu IE simplu fara nimic?

[wouldubreakfree]

da ..