ATS Computer Security and Data Integrity Bible - ANOTHER MUST READ

page: 1
25
<<   2 >>

log in

join
+2 more 
posted on Jan, 27 2012 @ 02:48 AM
link   
Hello everyone! Since I received such overwhelming support for the last text I'm keeping my promise to make it a series. I decided instead of breaking this one up into ten different tutorials I would just go nuts and cram a ton of stuff in at once. This is version 1, there will be regular updates anytime a topic is requested. I'm here to provide support for any topic covered in the text, if you have any questions or you just read the text please comment! If you enjoyed the text, give me some love (F/S). Thanks guys! You can view the file as a .pdf in it's original formatting (much easier to read in my opinion). I hope you enjoy!

CLICK HERE TO DOWNLOAD THIS FILE AS A .PDF

ATS Computer Security and Data Integrity Bible

Table Of Contents
1. Introduction
2. Terminology and Basics
* What is an IP Address?
* What is a Packet?
* What is a Port?
* What is Steganography?
* What is a MAC Address?
* What is Encryption?
* What is Hashing?
* What is Anonymity?
3. Computer Security
* Types of Attacks
* Firewalls
** Zone Alarm – An Example
* Antivirus Software
* Antispyware
* Password Strength
** Method 1: L33t Speak
** Method 2: Combining Words
4. Network Security
* Securing your router
** Changing Default Password
** Updating Firmware and Software
* Intrusion Detection
5. Wireless Security
* Wireless Encryption Types and Overview
* Channels
* SSIDs
* MAC address filtering
* Best Practices and Minimum Standards
6. Data Confidentiality
* What Is It And Why Is It Important
* Internet Data Confidentiality: A Practical Demonstration
* Ways to Achieve Internet Data Confidentiality
** VPNs – CyberGhost VPN
** Proxies
* Ways To Achieve Local Data Confidentiality
** Whole Disk Encryption
** Data Shredding
* Using Proxies to Download Torrents
* Steganography – God’s Gift to ManKind
** Creating Hidden, Encrypted Operating Systems
** Hiding files inside of other files
7. Purchasing Anonymously On the Internet
8. References
9. Conclusion


Introduction

Welcome to the ATS Computer Security and Data Integrity Bible. What you are about to read is not only my best attempt at getting on ATS Recap (common Brian!) but also a complete crash course on computer security, LAN security, data confidentiality, and internet anonymity. First we’ll go over the basics and then we’ll try to fry your brain with an in-depth look and practical examples. If I reach my goal, after reading this you will rest easily at night knowing your sensitive data is secure, your computer is free of viruses and spyware, no one can break into your wireless or LAN, your connections to the internet are government-spy-proof, and there are no records of the poka-dot panties you just bought on Amazon. If you find yourself overwhelmed just keep going and return to the areas you weren’t sure about. If you get stuck with any of the methods used just remember help is available in the forum.
If you have read the original ATS Guide to Data Confidentiality you are going to see a little bit of repeat information. Instead of making a “version 2” or releasing ten individual tutorials I decided it would be best to conserve posts and just make an all-encompassing “Bible”. If you are one who read the original guide I encourage you not to skip through the Data Confidentiality section since a lot has been added and elaborated on.


About the Author

I’ve been a terror since the public school era. At a young age (13) I founded what turned out to be a very popular forum: HackerLounge. Further and related endeavors lead to TGS-Security, a penetration testing and security (hacking) group. I released over 500 pages of security related material from the perspective of the hacker (hacking tutorials) and helped train a young generation of rebels. Later HRG, the Hackerlounge Research Group was formed and we were responsible for releasing many vulnerabilities and fixes (primarily web based applications). After a long break I’ve returned to the networking world from the professional perspective, working to fight the people I once helped.


Terminology and Basics

What is an IP Address?
An IP Address is a 32-bit address used to identify your computer on a network. Simply put, it's the mailing address for your computer. When you access outside networks like the internet you use a public address which is unique to your computer or organization (depending on your network setup). Webservers you access need to have an address to reach you and almost always this information is stored in the log files. Websites you access can usually very easily tell what your IP Address is, your ISP, the region you're connecting from, and the pages you accessed on the server. If you need proof, visit www.whatismyip.com... to see your current IP.

What is a Packet?
A packet, found in the Network layer of the OSI model, is a set of data. When you visit a website, the entire site isn't sent to you in one big string of 1's and 0's, but rather is segmented into similar sized packets and sent to a destination (technically segmentation is L4). It's like if you had a hundred books to send to somebody. You wouldn't throw all of the books into one cardboard box and ship it out you'd separate it into many smaller shipments and then take it to UPS, Otherwise the package (packet) could be lost or damaged on the way to its destination. We'll take a deeper look into packets later.

What is a Port?
We know now computers segment traffic into packets to communicate. Now, how does a router tell the difference between your web browser traffic and your Call Of Duty traffic? Simple, Ports. Ports are used to differentiate between different types of traffic. There’s a huge number of ports and generally speaking they determine whether a computer can accept a certain type of traffic, and if so, what application belongs to that traffic.

What Is a MAC Address?
A MAC address is a hardware address used to identify devices at Layer 2 (switches use MAC addresses). This is a static hexadecimal address assigned by the vendor of the device. Every network card, any device that is meant to communicate with other devices has a MAC address which is unique to that device only.

What is Steganography?
Steganography is the act of concealing an encrypted file inside of a completely innocent looking file. Used for extremely secure data, steganography combined with the tools of full disk encryption provide maximum data confidentiality.
edit on 27-1-2012 by badfish420 because: (no reason given)
edit on 27-1-2012 by badfish420 because: (no reason given)
edit on 27-1-2012 by badfish420 because: (no reason given)
edit on 27-1-2012 by badfish420 because: (no reason given)
edit on 27-1-2012 by badfish420 because: (no reason given)




posted on Jan, 27 2012 @ 02:49 AM
link   
What Is Encryption?
Encryption is the process of inputting data through a complex reversible algorithm in an attempt to make the data unreadable to unauthenticated users. Commonly, when one clicks on an encrypted file a dialog box will pop up requesting a password, if that password is correct the program decrypts the file and lets the user view it. The issue here is that generally a decrypted version of the file is stored deep in the harddrive space and is waiting to be retrieved by anyone who knows how to do it. This can be avoided by using whole disk encryption, which we will discuss later.
An important thing to mention is the way to treat an encounter with authorities requesting your encryption passwords. A woman in Colorado was court ordered to give up her password and she did, releasing damning evidence in a case of mortgage fraud. I forget passwords all the time, don’t you? What if you simply can’t remember the password, are you expected to be held in contempt until your memory starts working again? No way! “I smoke way too much marijuana to remember a password from last week your honor”.

For an example of encryption look at the demonstration in figure 1. In this picture I have connected to a router and saved two versions of the same password. One is in clear text, the other is in encrypted form. By viewing the configuration file we can see the two values.





In the lower box of Figure 1 we can see the encrypted version of “ABOVETOPSECRET” and the clear-text version. Obviously unless decrypted the password cannot be read.

What is Hashing?
Hashing is the process of running a one way algorithm on data. Hashing is becoming way more popular in today's world. When you visit a website and you input your password, you generally don't want that password transmitting over the internet in clear text. We avoid this by running a powerful encryption scheme on the password before it leaves the computer and we send the hashed version to the server. Since the hashes cannot be decrypted the server runs the same algorithm on the actual passwords and then compares the two hashes. Hashing is generally as secure as it gets.

What is Anonymity?
Anonymity is defined as the “state or quality of being anonymous”, and it is different than but still includes Data Confidentiality. To be truly anonymous on the internet, we want both data confidentiality and source suppression. In other words, we want to hide who we are from the remote server and we want to hide who we're talking to from our ISP (and the government). Ideally the ISP shouldn't be able to tell we're browsing the web, just that we have some activity on the internet.


Computer Security

Types of Attacks
There are many methods hackers have to gain access to your computer and network.
1. Viruses – Malicious code meant to cause harm to your computer or network
2. Port Scans/Service Access – Scanning available services on a device in an attempt to determine more information about the target. These are classified as “informational attacks”.
3. DoS Attacks – Denial Of Service attacks deny legitimate traffic to a device by flooding it with illegitimate traffic. This is one way the hacking group “Anonymous” attacks high profile targets like the government. There is very little defense from a well planned DoS attack.
4. Man In The Middle Attacks – The practice of intercepting data meant for a specific host, changing it, and then forwarding it to the intended recipient. For instance, John wants to send a co-worker, Mary, an email offering to buy her lunch. John presses send and an attacker using a man in the middle attack changes the contents of the email to an obscene comment about Mary’s nose. John is then fired.
5. Keyloggers – Keyloggers simply record your keystrokes and then forward the dumps to an awaiting server. These can come in the form of software backdoors and even physical devices that can be put in-between the keyboard connection and the computer and then retrieved later.
6. Trojans – Much like the name implies, Trojans are usually hidden inside of files and allow the attacker to take control of the target’s computer. The effects are gruesome.
edit on 27-1-2012 by badfish420 because: (no reason given)



posted on Jan, 27 2012 @ 02:50 AM
link   
7. Known Vulnerability Exploitation – Every day new vulnerabilities are discovered in software. Consequentially companies release patches or new versions of the software that address the vulnerability and offer it for download to the users as soon as possible. Since only a certain percent of people even know why they should update their software many people access the internet with known vulnerabilities just waiting to be exploited. It is important to note: just because you update windows regularly it doesn’t give you an excuse to not update all of the software on your computer. This includes applications like Word, Internet Explorer, ect. If it has a “check for updates” button it should be used every time you open the program.

8. Social Engineering Attacks – This is an attack based on deception and actually uses no computer at all. An attacker simply calls the target, delivers her a story about who he is and then requests information from the target (such as “what’s your password” or “what’s the ip address of your computer”). A huge amount of hacks are the result of successful social engineering attacks and the risk should not be taken lightly.

Obviously there are a number of other attacks but these are some of the most common. I’m going to teach you how to protect against all of these attacks and more. Let’s start by taking a look at the first important tool in our box, Firewalls.


Firewalls
Ok, so we know computers use packets to communicate and ports to differentiate between different types of traffic. So how do we know which ports are open and more importantly determine which hosts are allowed to access those ports? We may have ports open on our computers but do we really want everyone in the world able to connect to those ports? Obviously not, and we use firewalls to filter this traffic based on source and protocol type. Firewalls will also let you know (and block) traffic leaving your computer. For instance, if you accidently open a Trojan, when the Trojan tries to connect to it’s host it will be blocked at the firewall as soon as the port opens. By hitting the link below you can see a list and comparison of different firewalls. Personally I like Zone Alarm, they’ve been around forever and make a good product.
en.wikipedia.org...

Zone Alarm – An Example
For this example we will be using Zone Alarm. I have attached two computers to a switch and installed Zone Alarm on one. To start, let’s issue a Ping from our outside computer to our target computer.





As you can see, the ping is successful which means we are able to send data to our target computer. Now we boot up Zone Alarm and get the screen below:




After enabling the firewall, lets try to send data from the outside computer again:




As we can see, the data is not reaching the target PC now that the firewall is enabled. This means the firewall is doing it’s job and filtering traffic before it even gets to the computer.

Antivirus Software
Chances are if you have a pulse you’ve heard of an antivirus, so we aren’t going to go in depth about antivirus software. There are a few things to mention about antivirus software:

1. HAVE ONE
2. Update your virus definitions every day. Just like we’re discovering new vulnerabilities every day, hackers are making new viruses every day. It is extremely important to update your definitions regularly (preferably by an automated process), otherwise you’re just defending against last week’s or month’s attacks.
3. Do a full system scan once a day, preferably by an automated process.
4. An antivirus is no excuse for reckless behavior.
That being said, a strong security protocol is the most important tool you have against viruses. Antiviruses won’t discover non-public or undiscovered viruses. Hackers don’t always make malicious software public so your antivirus isn’t going to pick it up. Use common sense: don’t download files from untrusted vendors, don’t install software from untrusted vendors, never open attachments (ever). I ran an antivirus on two machines recently (non-important ones that I just use for web browsing) that haven’t been scanned for over a year – neither had a single malicious program or virus. That’s not to say I’d allow those computers on a production network! Below is a link to a list of antivirus programs.
en.wikipedia.org...


edit on 27-1-2012 by badfish420 because: (no reason given)
edit on 27-1-2012 by badfish420 because: (no reason given)
edit on 27-1-2012 by badfish420 because: (no reason given)



posted on Jan, 27 2012 @ 02:51 AM
link   
Anti-Spyware
Anti-spyware preforms a similar duty to antiviruses and many high end antiviruses will spot spyware. However, Anti-Spyware is more attune to catching informational attacks and shouldn’t be overlooked. By using both software we’re better protected against browser hijacks and other nasty stuff.
My favorite anti-spyware is called Adaware, there’s a free version and it’s widely available in cracked form (though I would never suggest stealing software). It will scan your system (Figure 3) and then show you what it detects and offer you solutions (usually quarantine and remove) (Figure 4).







Password Strength
One of the most important aspects of computer security is the strength of your passwords. If you have easily crackable passwords you have fully undermined all efforts at securing your devices. We’re going to discuss two methods of making a secure password that you can easily remember.

Method 1: L33t Sp34k
The first method for secure passwords is known at Leet Speak (or L337 Sp34k – a word used to describe how “elite hackers” and how they once typed. Moreso it’s a joke). This method is very simple. You start with a word or phrase and then replace the letters with numbers. Below is a few examples, each person’s leet speak is a representation of themselves. It all depends on how creative you want to get in regards to which numbers look like which letters. I like to then tag on a couple of numbers at the end just for the bonus, you can use consecutive numbers for this.

Example: “I like to eat pudding”
Translates: 1-11k3-t0-e47-pudd168888

Example: “Crack is wack like smack”
Translates: cr4ck-15-w4ck-11k3-5m4ck8888

This way you just have to remember what the phrase is and which numbers are for what letters. It will take the governments super computers a really, really long time to crack a password like the examples and it’s safe to say a hacker never will.


Example 2: Combining words

Don’t like using numbers for letters? Ok, then how about this. Take two words (preferably long ones), write them down and them combine them then add consecutive numbers. For instance:
Example: “combining” “words”
Translates: cwoomrbdisning8888

Example: “love” “hotpockets”
Translates: lhoovtepockets8888

Not nearly as secure and takes a lot more time to write, but whatever floats your boat. At least it’s not clean English and it will take a random generator and some serious time. Personally, I’m a leet speak kinda guy.



Network (LAN) Security

Securing Your Router: Changing Default Passwords
For these examples are assuming you are using a cheap router/modem for connection to your ISP. The first thing to do when locking down your router is change the default password. First we look at the router and determine the default IP address of the router (in decimal form, located somewhere on the router. Example: “192.168.0.1”). We also check the default password for the router. Next we open up a web browser and point it to the IP address on the router (remember to put http:// in front). In our example the IP address is 172.16.96.25, but yours are likely to be 192.168.0.1 or 192.168.1.1.




Next we find the utility to change the password. Depending on your router it could be under “basic settings”, mine is under “set password”. I simply click that link, enter the current and new passwords and I’m all set.

Securing your router: Upgrading your Firmware
Another important step towards securing our network is to upgrade the firmware on the router. Remember when we were talking about updating your software and operating systems? The same method here applies, vulnerabilities become known for specific routers and patches are released. You need to continuously update your firmware to keep that piece of the puzzle secure. In our example you can see it’s under “Router Upgrade” on the left, but yours might be under “Router Status”, “Router Firmware”, or “Updates”. Just hit the check utility and it will handle itself.




Intrusion Detection
If you have several computers in your home you ought to consider running an Intrusion Detection System. An IDS will scan for traffic that appears to be malicious, much like a packet sniffer with an alarm on it. It will alert you if it notices any traffic from Trojans, viruses, or anything out of the ordinary. My favorite is Snort, it’s been around forever and is proven to be one of the best. snort.org...





Of the programs mentioned thus far, Snort is one of the harder to install and maintain. It’s a must have for larger networks or networks with more than a couple devices, but for the home users it may not be practical.
edit on 27-1-2012 by badfish420 because: (no reason given)
edit on 27-1-2012 by badfish420 because: (no reason given)



posted on Jan, 27 2012 @ 02:52 AM
link   
Wireless Security

Types of Wireless Encryption
Ok so you’ve looked at your router’s security settings and you see a bunch of acronyms, get confused about “passkeys” and just close the box, leaving your wireless network insecure. Since traffic travels in clear text and open for packet sniffing what you’ve done is opened up all of the traffic on your network to anybody who decides to walk by with a cell phone. The screen will look like the screen in Figure 8.




So we see a lot of options here when it comes to security options. Let’s go over them:
1) None – DO NOT USE THIS OPTION
2) WEP – WEP was the first security protocol, invented by IEEE. It is the least secure option because it uses static authentication and a weak encryption algorithm that literally takes seconds to break. This should never be used.
3) WPA-PSK [TKIP] – This is WPA version 1, the next step up from WEP. The [TKIP] indicates it uses the temporal key integrity protocol and has a better initialization vector. The next step up, but not the best.
4) WPA2-PSK[AES] – This is the best option we have. AES is military standard encryption and has yet to be broken (until another 12 year old girl from Sweden comes along). AES is the standard now adays and should be used as often as possible. The last option indicates you will allow both WPAv1 and 2 (to allow older devices)
Channels

Do you see the box in Figure 9 labeled “channel”? Wireless routers use different frequencies depending on what their settings and versions are. Often times we find in heavily occupied areas our wireless signal isn’t as reliable as we want it to do. This can be caused by a neighbor who has a router set to the same signal your router is set to. The clear channels for many 802.11 deployments are 1, 6, and 11. Start with those options and which channel is more clear (maybe you’re in an overlapping area for all of them but one overlapping signal is less strong than the others).

SSIDs
An SSID is the identifier you use for your specific network. There is a (slight) added protection by not broadcasting SSID and just inputing it in the connecting computer. However, since when a device connects to the network the SSID is sent in clear text, an attacker can easily find it with a little investigation. If you would like to turn off your SSID, find a screen like the one used in Figure 9 (in my router it was found under “Advanced Wireless Settings”, however I have seen routers where it’s just in the basic wireless settings). Just disable SSID Broadcast.




MAC Address Filtering
Remember a MAC address is a hardware address burned in by the manufacturer? Since it’s not changeable (or supposed to be), there is an added security feature by filtering connecting devices by MAC addresses. However, since MACs can be spoofed if the attacker knows which MAC the device wants, it is not an end all be all. To enable this feature find a box like the one in Figure 9, “Wireless Card Access List”. The router should be smart enough to do the rest.

Best Practices and Minimum Standards
There are many things one must do to keep their network secure. Below is a list of best practices:
1) Use password that are at least 13 characters long
2) Run and update antivirus and antispyware once a day
3) Update Operating System once a day
4) Do not open email attachments of any kind
5) Do not download files from untrusted sources
6) Never use anything short of AES encryption for your wireless
7) Change default passwords and change the default IP address of the router.

Data Confidentiality
What is Data Confidentiality?
Data Confidentiality can simply be defined as “keeping what's private, private”. This can include emails and documents as well as content browsed on the web. A simple concept to understand, it can be relatively difficult to achieve. For instance: sure, Bob knows that if he has a particularly sensitive document on his computer he can use a popular program (or even his operating system in some cases) to encrypt that document on his hard drive. However, does he know that the original data from before the file was encrypted is still hiding on his hard drive? Does he know that every time he decrypts that document for viewing it's stored in clear text? What if he's not just concerned about his local documents? Perhaps Bob knows he has radical views of his government and he wants to cover his tracks on his favorite forum, Above Top Secret. How could this be achieved?

Why Should I Care?
You should care about your internet footprint because it can be used for a multitude of reasons. Hackers can obtain personal information including bank account information and your ISP can tell that you've got a weird foot fetish. Not to mention the use of trackers on websites, it's likely Facebook not only knows how long you've had that foot fetish but exactly when you acquired it. Notice the ads for women's socks on your FB? That's not a coincidence.

edit on 27-1-2012 by badfish420 because: (no reason given)
edit on 27-1-2012 by badfish420 because: (no reason given)



posted on Jan, 27 2012 @ 02:53 AM
link   
On a more serious note, the American government has been trying to restrict our access to a free internet for years. There is a conspiracy that says the government is already logging all information at our main connecting points to other countries under the patriot act (and I am one who believes it). HR 1981 is an attempt to force your ISPs to track your traffic for 18 months (if they aren't already), and it's brought to you by the same people who brought you SOPA. If you don’t care about your privacy no one will. In this document we discuss the tools necessary to counter the government's attack on your privacy.

Internet Data Confidentiality: A Practical Demonstration

As we discussed earlier, there are two types of data integrity we're concerned with. We're worried about the files on our computer and our transmissions on the internet.
But just how much can an ISP tell from the packets that transmit over their networks? To answer that question, let's open our favorite packet sniffer, WireShark. It is important to note that this isn't just information that our ISP can see, this is information (unless protected against) anyone in our network can see. On company networks, administrators will generally use vlans to segment broadcast domains... But that's a different conversation.

So for this demonstration, let's just turn the packet sniffer on and visit our favorite website, Above Top Secret. By opening up the packet sniffer and clicking reload on ATS, we immediately see the sniffer burst into action.




Here we can see that Brian's face and the page around it was segmented into 548 separate packets. Contained in these packets is everything you see on the site and more. Your ISP can see you were visiting above top secret, your login name, your mac address, and so much more. An attacker can usually see all of this as well. Everything you do is transferred in clear text and split into a packet like what you see here.

Ways to Achieve Internet Confidentiality

In this article we are not only concerned with internet confidentiality but also anonymity. We want to hide who we are from the remote server and what we're doing from our ISP and government. So how do we achieve this?
One thing to consider in regards to government spying is VOIP phones. If you have a VOIP phone such as vonage all data sent over the wire can be reassembled as a .mp3 file very easily. This applies to attackers and ISP spying. That means if the bill passes the government will be able to hear your phone calls for 18 months. Scary right?

The first gun in our arsenal is called a VPN, which stands for Virtual Private Network. A VPN is a private, encrypted connection between your computer and a remote network. This technology was originally developed for applications like providing traveling salesmen secure access to the private network from abroad. It has now mutated into a powerful tool to protect your privacy.

For our uses the VPN will create an encrypted logical connection to a remote server (usually in a non-extradition country). We will then use this encrypted session to transfer all internet data through the remote connection before out to the internet. By doing this we are essentially browsing the internet securely from a remote country. Web servers think you're in Guatemala and your ISP just sees an intense amount of encrypted traffic with a remote server.
The next tool we have is a Proxy. Proxies are a good option because they provide some anonymity on the internet from remote servers, but certainly not from your ISP or the government. By combining the use of proxies with our VPNs we can make it even harder for people to even trace the data back to the VPN connection.


VPNs – Cyberghost VPN
List of Pay VPNS: pastehtml.com...
cyberghostvpn.com...

The first thing that needs to be mentioned here is that ”if you aren’t paying for a product, you are the product”. That being said, CyberGhost is the only VPN I’m sure to recommend someone who still wants a free VPN. A google search for “free vpn” will yield a lot of results, but few from companies as trustworthy and professional as CyberGhost. These guys have a ton of servers in obscure countries and offer a free service. You get 1GB for free a month which is plenty (I've never gone over 1gb a month, though I only use the vpn for internet browsing). To get started simply sign up for an account and download their client. Fire it up and you’ll see the screen below.


edit on 27-1-2012 by badfish420 because: (no reason given)
edit on 27-1-2012 by badfish420 because: (no reason given)



posted on Jan, 27 2012 @ 02:54 AM
link   
Simply navigate through by clicking “next" I usually select the most secure server rather than letting cyberghost decide. Once you’re connected, verify the IP address change by going to whatismyip.com... or ipchicken.com.... You are likely to lose some speed while on a VPN so it’s beneficial to use it when doing things you want to be anonymous and then turning it off when you’re playing Farmville. It is also important to mention that some countries restrict their internet. If you find a problem accessing certain webpages try a VPN in a different country than the one you’re connected to.


Proxies
anonymiser.com...
www.proxy4free.com...
If you would like to add the benefit of proxies to your secure connection, I would recommend making it easy and using a simple free public proxy. You can find these on google or you can find a link to two of my favorites above. Be sure to connect to your VPN and then go to their site and proxy from there. I don't recommend using proxy programs as they're usually pretty bunk and they are likely to not be compatible with your VPN. When it comes to it, screw the proxy – you want encrypted packets.

How to Download Torrents Anonymously
Not all torrents are illegal copyright infringement, some are just shady. Protect your identity while downloading torrents by finding an active torrent from the list linked below. Within the options of your torrent application you will see an option for “proxy address”, input the proxy you find from the list below and you’re good to go. You can use VPNs for this data but it will cause unnecessary delay, unless you want to hide the activity from your ISP.

hidemyass.com...

Ways to Achieve Local Data Confidentiality
Just as important as covering your traces on the internet, you want to make sure your data is secure. Some of you might think you've secured your sensitive files by encrypting them but as we discussed early it is very likely you did not since those files are still on your hardrive in clear text. Even if you put everything on a USP stick and buried it next to the tree, evidence could still be on your computer.

So how do we keep our files secure and cover our traces locally? Simple: whole disk encryption. We want the disk our operating system is on to be fully encrypted and we want to have a password authentication when we turn on our computer or access sensitive files. Below is a list of programs that will help you achieve this. Some are free, some are not. Personally I've been usingPGP Enterprise for the past five years, it is my favorite by far. If you are not opposed to stealing software, isohunt.com is your answer. I also have personal experience with Best Crypt which is a wonderful software. Below is a photo of what it looks like when I turn on a computer.
en.wikipedia.org...




Data Shredding
As we discussed with encryption, the same process which leaves a clear text version of your encrypted files also leaves a copy of your deleted files easily accessible on the computer. Since data isn't actually overwritten, just disassociated, the files are still accessible with a simple program. We combat that with the use of a data shredder. You can find these utilities usually within your whole disk encryption programs, but if not there's a list below and a picture of what the PGP shredder looks like. These utilities will usually encrypt the file and overwrite it several times, securely deleting the file.
www.makeuseof.com...





Steganography – God’s Gift To Mankind

Creating Hidden, Encrypted Operating Systems
Remember earlier with our example of the lady who was forced to give up her encrypted drive password? If she would have been using Steganography they wouldn’t have even been able to prove the operating system even existed, much less have asked for the passwords. By using my favorite tool, TrueCrypt, we can achieve just this. This amazing open source software creates a dummy partition which has a bootable operating system and an encrypted hidden partition inside. This really is the top of the line when it comes to data confidentiality




As you can tell from the above text, it’s more complicated to put together then it sounds. At worst you will have to install operating systems, it will take a little bit of time… But depending on how shady of a character you are it could also save you years of your life. I recommend doing this even if you’re a nunn, it’s none of the governments #ing business what’s on your hard drive.


edit on 27-1-2012 by badfish420 because: (no reason given)
edit on 27-1-2012 by badfish420 because: (no reason given)



posted on Jan, 27 2012 @ 02:55 AM
link   
Hiding Files Inside Other Files

Another thing we can do with Steganography is hide files inside of other files in it’s simplest form. We can do this with any type of file, we just want to keep in mind the total file size (for example, you don’t want a short word document that’s 100MB, that’s what videos are for). For this I recommend a software called OpenPuff, which can be found at the link below. Figure 15 has a screen shot of it in action. It’s a simple but extremely powerful concept. Consider taking a 1GB USB drive, doing a full disk encryption and then putting a hidden file on the disk and burying it in the back yard. Secure enough for you yet?

www.snapfiles.com...





Purchasing Anonymously Over The Internet
One bridge people have found tough to cross in recent days is how to purchase anonymously over the internet. Fortunately I’m here to help. First, try anonymous gift cards at your local gas station. Note that Visa Vanilla requires “activation” (your name) to use over the internet. In some areas you can find truly anonymous cards. Consider where you plan to buy from, places like Amazon have gift cards you can buy at the gas station and use anonymously. The next option we have is prepaid and offshore anonymous credit cards. Below are a few links to ones that I have found. Note that you will usually have a max purchase of 500 on the card due to Patriot Act requirements.

www.capitalconservator.com...
www.ultimate-anonymity.com...

Another option is BitCoin, a form of digital currency.
bitcoin.org...

References
Just my swollen brain.

Conclusion
If you got to this point then I commend you. If you have any questions please feel free to ask in the thread, I will provide support for any technology mentioned in the tutorial. If you enjoyed the read please feel free to comment (and of course S/F). I love you all, even the guy who claims my only purpose is to advertise CyberGhost.

P.S. I understand it's a little arrogant to call this size of text a "bible". I'm an arrogant person, deal with it.

edit on 27-1-2012 by badfish420 because: (no reason given)
edit on 27-1-2012 by badfish420 because: (no reason given)
edit on 27-1-2012 by badfish420 because: (no reason given)



posted on Jan, 27 2012 @ 02:55 AM
link   
reply to post by badfish420
 


This is AWESOME! (once again
)
Thank you SO much- PLEASE KEEP 'EM COMIN!

Much love



posted on Jan, 27 2012 @ 03:07 AM
link   
HAHA You caught me before I even got halfway done inserting the pictures. Thanks for the love



posted on Jan, 27 2012 @ 09:31 AM
link   
reply to post by badfish420
 


Was this written by you? This covers my final year dissertation for uni, the research is based on whether or not routers are secure enough by their default settings, could really use some of this, any objections to me referencing some of it?



posted on Jan, 27 2012 @ 12:04 PM
link   
Yep this was written by me. Reference it all you want, you're welcome to plagiarize as well. If you need it in any other formats let me know.



posted on Jan, 27 2012 @ 12:30 PM
link   
reply to post by badfish420
 


Excellent!, I have been looking for a reliable VPN service that didnt want a credit card.



posted on Jan, 27 2012 @ 12:55 PM
link   
Hi badfish


Hope your ok fella, Once again i will say thank you for another great post. I havnt yet read it through as i was just popping on to ask a question in computers myself lol,

I think you maybe the man, We had a engineer out today to look at my router and connection, He changed my router for a newer version and tryed to download a SG TCP Optimizer, Reason being is i get 49mb out of 50mb and just recently it's being between 10mb and 25mb. Apperently on his laptop he got it as 49mb which my partner did witness, So he suggested downloading this program,

He did download it but couldnt get it to work so left it for me to do. So i've come to doing it but it say's that you need to be a administrator to change some things, and tells me to right click ect, But i am admin on the laptop there is no other profile? He thinks it could be a "something card" my partner said... and that explains why its fluxing all the time?

I have no clue lol, I wish i was able to deal with the engineer myself now. Anyway any advice or comments will go a long way,

i look forward to reading you bible once again, thank you,all the best.



posted on Jan, 27 2012 @ 01:21 PM
link   

Originally posted by intuitive
Hi badfish


Hope your ok fella, Once again i will say thank you for another great post. I havnt yet read it through as i was just popping on to ask a question in computers myself lol,

I think you maybe the man, We had a engineer out today to look at my router and connection, He changed my router for a newer version and tryed to download a SG TCP Optimizer, Reason being is i get 49mb out of 50mb and just recently it's being between 10mb and 25mb. Apperently on his laptop he got it as 49mb which my partner did witness, So he suggested downloading this program,

He did download it but couldnt get it to work so left it for me to do. So i've come to doing it but it say's that you need to be a administrator to change some things, and tells me to right click ect, But i am admin on the laptop there is no other profile? He thinks it could be a "something card" my partner said... and that explains why its fluxing all the time?

I have no clue lol, I wish i was able to deal with the engineer myself now. Anyway any advice or comments will go a long way,

i look forward to reading you bible once again, thank you,all the best.



Ok so I've glanced through SG TCP Optimizer, it appears to just be a fine-tuner for your NIC (network interface card). If he is able to obtain the desired speed it's obviously local to your computer so he was right about that. Problem is, it doesn't appear this program is going to help you without some understanding of TCP/IP and if you've only suddenly started seeing this appear I would doubt it's your NIC.

I guess there are a few questions to be had:
1) What type of router is it? Manufacturer and model number?
2) I hope you didn't pay this administrator much? He doesn't seem to have any clue.
3) You're connecting physically? Not wirelessly?
4) Were any programs installed just before this started happening? Usually the first step of troubleshooting is to determine what has changed from the time it was working to the time it wasn't.
5) If connecting physically, have you attempted swapping out the ports and cables you're using?
6) What's your version of windows.

It seems natural the program would ask for admin privs, it has to do some pretty deep configuration to your machine. When you see a box that pops up asking for admin privs it simply means you have a program attempting to access sensitive areas of your computer, it's like the final catch for hidden programs you didn't mean to run. We can fine tune the NIC but I'd be surprised if that's the issue.

Thanks for the kind words. We'll figure out your bandwidth issue.
edit on 27-1-2012 by badfish420 because: (no reason given)



posted on Jan, 27 2012 @ 01:21 PM
link   
ACCIDENTAL DUPLICATE POST
edit on 27-1-2012 by badfish420 because: (no reason given)



posted on Jan, 27 2012 @ 01:53 PM
link   
hi

Im using a virginmedia super hub made by NETGEAR VMDG480

I almost always use wireless as my cable is broken at the min, so wired is a no go at the min im afraid.

I have windows 7 on a acer aspire 5750z

nplify 802 .11b/g/n if this helps.

I only got my laptop in december and i havnt downloaded anything adnormal as such...
Upon checking my dowloaded file, I see i downloaded a java 64-bit on december 17th other than that thers nothing really, anything else is from this month

I think my laptop has broadcom and my router has atheros could they be conflicting?

if not, Im wondering if its my bitdefender security perhaps?



posted on Jan, 27 2012 @ 02:00 PM
link   
I'm going to put my money on bitdefender, this is a known issue according to their forums. Run a speed test (speedtest.net) and then uninstall bitdefender and run the test again. If there is no change you are safe to reinstall and we'll look elsewhere, otherwise we'll figure out if there's a fix for it.



posted on Jan, 27 2012 @ 03:11 PM
link   
reply to post by badfish420
 


Ok well i uninstalled bitdefender and done my test and you was right, it went straight upto 47mb, I reinstalled it and done the test again and back down to 20mb ish, I now seem to have issues on bitdefender that its not fixing itself lol but ill try and sort that out.



posted on Jan, 27 2012 @ 03:51 PM
link   
Supposedly the reinstall should fix it, perhaps don't update it to the newest version... If you can't get it to work we'll get you an alternative.

Glad I could help.

Edit: haha, 64 downloads and 9 flags.
edit on 27-1-2012 by badfish420 because: (no reason given)





top topics
 
25
<<   2 >>

log in

join