12.12.2017, 23:56 UhrDeutsch | English
Hallo Gast [ Registrierung | Anmelden ]

Neues Thema eröffnen   Neue Antwort erstellen
Vorheriges Thema anzeigen Druckerfreundliche Version Einloggen, um private Nachrichten zu lesen Nächstes Thema anzeigen
Autor Nachricht
trs12
Titel: Anonymizing software for kanotix?  BeitragVerfasst am: 04.10.2006, 22:20 Uhr



Anmeldung: 03. Jul 2006
Beiträge: 32
Wohnort: North America?
I was just hoping someone might know something about this type of software,possibly something that is licenced under the gnu, anyhow thanks in advance.
 
 Benutzer-Profile anzeigen Private Nachricht senden Yahoo Messenger  
Antworten mit Zitat Nach oben
piper
Titel: RE: Anonymizing software for kanotix?  BeitragVerfasst am: 05.10.2006, 02:08 Uhr
Team Member
Team Member


Anmeldung: 03. Mai 2005
Beiträge: 1544
Wohnort: out there somewhere
To be totally honest

There is no such software in linux, windows, or any other operating system and is impossible (unless no internet connection). You cannot hide on the internet, yes, you can make things difficult, but you cannot be invisible, I really don't understand all the hype in people trying to be "invisible"

You can use Tor to live up to the myth (your isp will know who you are, I used to work for one)

http://kanotix.com/PNphpBB2-viewtopic-t-21320.html

_________________
h2's d-u script
h2's rdiff-backup script
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
John
Titel: RE: Anonymizing software for kanotix?  BeitragVerfasst am: 05.10.2006, 06:40 Uhr



Anmeldung: 10. Dez 2004
Beiträge: 489
Wohnort: Stuttgart / Kulmbach
and take a look at privoxy
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
trs12
Titel: Thanks  BeitragVerfasst am: 05.10.2006, 23:46 Uhr



Anmeldung: 03. Jul 2006
Beiträge: 32
Wohnort: North America?
I understand with your ISP needing to know where you are, but I just think that personal privacy is important with all the goons running around these days but thanks very much I don't know very much about these things.
 
 Benutzer-Profile anzeigen Private Nachricht senden Yahoo Messenger  
Antworten mit Zitat Nach oben
tinker
Titel: Re: Thanks  BeitragVerfasst am: 06.10.2006, 17:42 Uhr



Anmeldung: 09. Sep 2006
Beiträge: 13

trs12 hat folgendes geschrieben::
I understand with your ISP needing to know where you are, but I just think that personal privacy is important with all the goons running around these days but thanks very much I don't know very much about these things.


I am not an expert on these things so someone else may want to comment but it seems to me that when you are surfing, the other end needs to know an IP address (you) to send information back to but, unless you have a static address or a broadband connection that never changes a dynamic address, the other end is only going to know where you "were" at that time, not necessarily where you "are" now and they aren't going to know "who" you are. Of course, they could have some general idea of location by the IP range and who it is registered to. I hope my firewall and security upgrades protect me from outside "black hats" during the time I retain an IP address. As long as I can trust my ISP to not divulge information about me, I'm only in danger if someone is able to convince me to give out personal information, or if they sniff it from a wireless connection.
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
piper
Titel: Re: Thanks  BeitragVerfasst am: 06.10.2006, 20:41 Uhr
Team Member
Team Member


Anmeldung: 03. Mai 2005
Beiträge: 1544
Wohnort: out there somewhere
tinker hat folgendes geschrieben::
trs12 hat folgendes geschrieben::
I understand with your ISP needing to know where you are, but I just think that personal privacy is important with all the goons running around these days but thanks very much I don't know very much about these things.


I am not an expert on these things so someone else may want to comment but it seems to me that when you are surfing, the other end needs to know an IP address (you) to send information back to but, unless you have a static address or a broadband connection that never changes a dynamic address, the other end is only going to know where you "were" at that time, not necessarily where you "are" now and they aren't going to know "who" you are. Of course, they could have some general idea of location by the IP range and who it is registered to. I hope my firewall and security upgrades protect me from outside "black hats" during the time I retain an IP address. As long as I can trust my ISP to not divulge information about me, I'm only in danger if someone is able to convince me to give out personal information, or if they sniff it from a wireless connection.


The only way you are safe is not to be connected to the internet. "black hats" won't even show up in your routers logs. Yes, They are that good. Try going to a (black-hat) convention sometime. Google is your friend.

_________________
h2's d-u script
h2's rdiff-backup script
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
Swynndla
Titel: Re: Thanks  BeitragVerfasst am: 06.10.2006, 21:29 Uhr



Anmeldung: 05. Dez 2005
Beiträge: 414
Wohnort: Auckland, New Zealand
tinker hat folgendes geschrieben::
I'm only in danger if someone is able to ...

It depends what you mean by danger. If someone in an oppressive country speaks out against their govt on a forum etc, then their govt may be able to grab the ip address of the person who did it. This is even more easy on IRC. The IP address is easily traced back to a specific ISP. A court order could ask an ISP for the records showing who had that IP address at the time. People have be thrown into prison in this way.

Places like China are named as doing this sort of stuff to their people. But even in the USA, where free speech is allowed, the govt listens into internet traffic at will.

Some large corporations are doing the same thing now. They get free market research. They spy on their own employees. Knowledge is power.

Now the way tor works is that you make an encrypted link to the tor network of computers (many 1000's of servers all around the world) and get automatically bounced around (still using encryption). You pop out of one of them, and you assume the ip address of that pc (ie the last tor pc you touched), and so that pc is acting as a proxy for you. So when you finally reach the destination web site or irc site etc (unencrypted), the ip they see isn't yours, but it's the ip address of the proxy (the last tor pc you touched). When the web page (or whatever) sends back the packets to the proxy, the proxy sends the data back though the tor network to your pc, and each tor server pc deletes any records on the way. Note that each tor pc doesn't know who you are, but only how to get to the next tor pc. That way, if one of the tor servers is actually a govt owned pc, and if they keep records, then they still don't know who you are.

Well that's my understanding of it anyway. This means that if blackhats (including governments) try to get information from your pc using a vulnerability, then it's much harder for them to do so, as they are actually attacking a proxy server, not your pc. Governments love m$ for this very reason btw, because of the many vulnerabilities. It also makes it much harder to trace the traffic to you.

Am I sounding paranoid yet?

Well, I think for most things like web surfing, people don't need that level of anonymity. But it'd still be worth having the "noscript" firefox extension (or better still, run a web browser in a virtual server), and maybe it's a good idea to install an extension to block some of the info that your browser gives out.

_________________
Linux is evolution, not intelligent design - Linus Torvalds
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
slam
Titel: Re: Thanks  BeitragVerfasst am: 06.10.2006, 21:49 Uhr



Anmeldung: 05. Okt 2004
Beiträge: 2069
Wohnort: w3
Zitat:
Well, I think for most things like web surfing, people don't need that level of anonymity. But it'd still be worth having the "noscript" firefox extension (or better still, run a web browser in a virtual server), and maybe it's a good idea to install an extension to block some of the info that your browser gives out.

Without knowing I obviously changed my avatar fitting to this topic! Winken

Your description of how tor works is correct, and you're also right telling us that it makes it much harder (actually very, very hard) to follow your traces through this encrypted proxy network. Actually in most cases you are simply not worth the money and time to be followed though Tor.

However, I don't agree with you on the quoted last paragraph at all. No "Noscript" or similar extension for Firefox really protects your privacy, it simply makes surfing less annoying without most of the flashing and blinking stuff. Running your web browser via a virtual server sounds interesting, but I still have to understand the reason to add such complication to it. Blocking the information your browser gives out also does not protect you in any way, it just makes many web sites look more ugly for you.

If your privacy is of real concern,

1) limit your online time to the absolute necessary;
2) never go online from a place which has any relation to you;
3) don't use standard operating systems and browsers;
4) make use of all encryption and proxies, and change methods & keys often;
5) control the information you pass over the net;
6) keep your data off the net wherever you can;
7) don't trust me! Winken

Greetings,
Chris

_________________
"An operating system must operate."
 
 Benutzer-Profile anzeigen Private Nachricht senden E-Mail senden Website dieses Benutzers besuchen AIM-Name Yahoo Messenger MSN Messenger ICQ-Nummer 
Antworten mit Zitat Nach oben
tinker
Titel:   BeitragVerfasst am: 07.10.2006, 15:34 Uhr



Anmeldung: 09. Sep 2006
Beiträge: 13

Excellent!

Now this is a very good thread with lots of information for a person who wants to make choices and consider what they need depending on their situation. There are certainly points that I had not considered although I did realise that the only way to be totally safe is to not connect to the Internet at all.

And, hey, I'm not paranoid if they really are after me. Winken
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
hey_ian
Titel:   BeitragVerfasst am: 07.10.2006, 18:30 Uhr



Anmeldung: 22. Jan 2006
Beiträge: 448
Wohnort: Dresden
OK if you are searching for anonimizer, you can use JAP.
http://anon.inf.tu-dresden.de/index_en.html
This is a multiplattform Java program. I prevents other people to spy out your computer, but it does NOT make you invisible. You will become connected to the TU Dresden server, were other people who use JAP are connected and surf using the ANON server.
I thing you know how to start Java progs, if not I will help you!
Post here.

_________________
Scanmetender[Soft] - Tender security solutions for your computer.
Scanmetender Standard - It is free! For GNU/Linux and Windows(R).
http://www.scanmetender.com
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
phen
Titel:   BeitragVerfasst am: 07.10.2006, 19:18 Uhr



Anmeldung: 10. Nov 2004
Beiträge: 519
Wohnort: Berlin
hey_ian,

would like to try out this JAP. now, the app is started and i'm connected.
but the leader.ru-site still gives me unchanged information.
i think i have to configure the proxy-settings in my firefox - can you tell me, what i exactly have to do here?

regards=)
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
tinker
Titel:   BeitragVerfasst am: 08.10.2006, 13:24 Uhr



Anmeldung: 09. Sep 2006
Beiträge: 13

I can't help but think about what slam's point #7 suggests. Be careful who you trust.
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
hey_ian
Titel:   BeitragVerfasst am: 08.10.2006, 15:46 Uhr



Anmeldung: 22. Jan 2006
Beiträge: 448
Wohnort: Dresden
phen hat folgendes geschrieben::
hey_ian,

would like to try out this JAP. now, the app is started and i'm connected.
but the leader.ru-site still gives me unchanged information.
i think i have to configure the proxy-settings in my firefox - can you tell me, what i exactly have to do here?

regards=)


You can trust JAP, I am also using it.

_________________
Scanmetender[Soft] - Tender security solutions for your computer.
Scanmetender Standard - It is free! For GNU/Linux and Windows(R).
http://www.scanmetender.com
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
slam
Titel:   BeitragVerfasst am: 08.10.2006, 15:52 Uhr



Anmeldung: 05. Okt 2004
Beiträge: 2069
Wohnort: w3
Zitat:
$ whois leader.ru
% By submitting a query to RIPN's Whois Service
% you agree to abide by the following terms of use:
% http://www.ripn.net/about/servpol.html#3.2 (in Russian)
% http://www.ripn.net/about/en/servpol.html#3.2 (in English).

domain: LEADER.RU
type: CORPORATE
nserver: dns1.zenon.net.
nserver: dns2.zenon.net.
state: REGISTERED, DELEGATED
person: ALEXANDER K. YEZHOV
phone: +7 095 7104406
e-mail: admin@leader.ru
registrar: NAUNET-REG-RIPN
created: 1998.05.15
paid-till: 2007.06.01
source: TC-RIPN


Last updated on 2006.10.08 18:46:04 MSK/MSD

Well, do you know him personally and recommend him therefore? Why should I trust him?
Greetings,
Chris

_________________
"An operating system must operate."
 
 Benutzer-Profile anzeigen Private Nachricht senden E-Mail senden Website dieses Benutzers besuchen AIM-Name Yahoo Messenger MSN Messenger ICQ-Nummer 
Antworten mit Zitat Nach oben
hey_ian
Titel:   BeitragVerfasst am: 08.10.2006, 15:58 Uhr



Anmeldung: 22. Jan 2006
Beiträge: 448
Wohnort: Dresden
OK in Firefox zou go first to EDIT -> PREFERENCES -> Connection settings.

In the Settings window you should choose option "manual proxy configuration". Then enter in the HTTP proxy "127.0.0.1" and as Port "4001". Check the options use this proxy settings for all protocols. Then you can connect and use JAP.

Note: If you want to make other browser use JAP, you have to adjust this proxy settings in every browser.

If you do not want to use JAP for a session, you have only to choose the option for Automatic Proxy config or direct connection. You do not have to be connected to the ANON server while surfing the internet wthout anonmity, but when the proxy settings are set to use JAP, the program must be at least running unconnected.

_________________
Scanmetender[Soft] - Tender security solutions for your computer.
Scanmetender Standard - It is free! For GNU/Linux and Windows(R).
http://www.scanmetender.com
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
slam
Titel:   BeitragVerfasst am: 08.10.2006, 16:00 Uhr



Anmeldung: 05. Okt 2004
Beiträge: 2069
Wohnort: w3
Or should I trust him because he is hiding well?
Zitat:
$ traceroute leader.ru
traceroute to leader.ru (195.2.91.125), 30 hops max, 40 byte packets
1 - 9 hidden.for.privacy.reasons.com
10 213.46.183.50 (213.46.183.50) 33.016 ms 29.662 ms 31.733 ms
11 adm-bb2-pos0-0-0.telia.net (213.248.64.189) 34.595 ms 30.963 ms 31.753 ms
12 hbg-bb2-pos7-0-0.telia.net (213.248.65.162) 37.962 ms 37.522 ms 35.765 ms
13 s-bb2-pos7-3-0.telia.net (213.248.64.37) 50.953 ms 50.666 ms 47.825 ms
14 mow-b2-link.telia.net (80.91.249.99) 76.563 ms 73.386 ms 74.157 ms
15 zenon-103945-mow-b2.c.telia.net (213.248.78.178) 80.367 ms 74.041 ms 73.6 30 ms
16 jam-l3sw-2-vlan404.msk.zenon.net (62.113.112.6Cool 371.677 ms 145.480 ms 35 5.581 ms
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

_________________
"An operating system must operate."
 
 Benutzer-Profile anzeigen Private Nachricht senden E-Mail senden Website dieses Benutzers besuchen AIM-Name Yahoo Messenger MSN Messenger ICQ-Nummer 
Antworten mit Zitat Nach oben
hey_ian
Titel:   BeitragVerfasst am: 08.10.2006, 16:09 Uhr



Anmeldung: 22. Jan 2006
Beiträge: 448
Wohnort: Dresden
slam hat folgendes geschrieben::
Or should I trust him because he is hiding well?
Zitat:
$ traceroute leader.ru
traceroute to leader.ru (195.2.91.125), 30 hops max, 40 byte packets
1 - 9 hidden.for.privacy.reasons.com
10 213.46.183.50 (213.46.183.50) 33.016 ms 29.662 ms 31.733 ms
11 adm-bb2-pos0-0-0.telia.net (213.248.64.189) 34.595 ms 30.963 ms 31.753 ms
12 hbg-bb2-pos7-0-0.telia.net (213.248.65.162) 37.962 ms 37.522 ms 35.765 ms
13 s-bb2-pos7-3-0.telia.net (213.248.64.37) 50.953 ms 50.666 ms 47.825 ms
14 mow-b2-link.telia.net (80.91.249.99) 76.563 ms 73.386 ms 74.157 ms
15 zenon-103945-mow-b2.c.telia.net (213.248.78.178) 80.367 ms 74.041 ms 73.6 30 ms
16 jam-l3sw-2-vlan404.msk.zenon.net (62.113.112.6Cool 371.677 ms 145.480 ms 35 5.581 ms
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *


leader.ru is not JAP!!!

_________________
Scanmetender[Soft] - Tender security solutions for your computer.
Scanmetender Standard - It is free! For GNU/Linux and Windows(R).
http://www.scanmetender.com
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
piper
Titel:   BeitragVerfasst am: 08.10.2006, 16:29 Uhr
Team Member
Team Member


Anmeldung: 03. Mai 2005
Beiträge: 1544
Wohnort: out there somewhere
For privacy I will blank it out

id=1 fl=xxxxx an=x ns=x ar=0 rc=0 server=xxxxxx hostname= err= k=1 gr=1

Step 0 You entered: xxxxxxxxx
Step 1 Extract username/password xxxxxxxxxxxxxxxxxxxx
Step 2 Remove port (":80")xxxxxxxxxxxxxx
Step 3 Decode octets ("%25")xxxxxxxxxxx xxxxx xxxxxxxx
Step 4 Convert decimal to IP xxxxxxxxxxx

_________________
h2's d-u script
h2's rdiff-backup script
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
slam
Titel:   BeitragVerfasst am: 08.10.2006, 17:29 Uhr



Anmeldung: 05. Okt 2004
Beiträge: 2069
Wohnort: w3
hey_jan: Ok, I recognized that and reviewed the JAP page in more detail. Here is what I found:

Zitat:
The current version of the mix software contains a crime prevention function that allows this method. The surveillance of a connection requires the cooperation of all mix operators in a mix cascade and their activation of this function.


So, the trigger is there and can be (ab-)used any time.

Zitat:
Agreement for Mix Operators

Version: 24. September 2003

This agreement aims at ensuring resp. increasing the trustworthiness of the anonymity service. To reach this goal, the operators have to take technical and organisational precautions for a high degree of privacy and security.

The signatory operates an anonymity host (in the following: mix). Together with other mixes, it forms a sequence called mix cascade. A cascade consists of a first mix, a last mix, and optionally several middle mixes. In particular, the nature of cascades implies that each mix has at most one predecessor-mix and one successor-mix. Mixes are connected, e.g., over the Internet.


So, if I sign this document, I become a "trusted operator". Well, I told you - don't trust me.

Zitat:
For this reason, we especially point out that the "Dresden-Dresden" mix cascade is for test purposes and is run solely by us. Whoever uses this mix is protected from external observation, but we (in Dresden) could theoretically observe.


See? They are clever - they don't trust anyone except themselves. Winken

Please be also aware of Java in general not being suited by design for high security applications.

All that said, JAP is an interesting academic approach at encrypted proxies and I will definitely have an eye onto their developments.

Greetings,
Chris

_________________
"An operating system must operate."
 
 Benutzer-Profile anzeigen Private Nachricht senden E-Mail senden Website dieses Benutzers besuchen AIM-Name Yahoo Messenger MSN Messenger ICQ-Nummer 
Antworten mit Zitat Nach oben
hey_ian
Titel:   BeitragVerfasst am: 08.10.2006, 18:03 Uhr



Anmeldung: 22. Jan 2006
Beiträge: 448
Wohnort: Dresden
I trust the developers because they are from the TU Dresden and I am also from Dresden and know them.
JAP cannont give a warranty, that you are 100% anonym in the Inet, it is not rather ready, but in high development. I am using JAP for years, especially on WinDOS and I am very satisfied. Although it costs a bit connection speed sometimes Winken

_________________
Scanmetender[Soft] - Tender security solutions for your computer.
Scanmetender Standard - It is free! For GNU/Linux and Windows(R).
http://www.scanmetender.com
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
slh
Titel:   BeitragVerfasst am: 08.10.2006, 19:21 Uhr



Anmeldung: 16. Aug 2004
Beiträge: 1905

That much to the security of JAP http://www.heise.de/english/newsticker/news/61985 (the german news is more comprehensive http://www.heise.de/newsticker/meldung/39508, yes I am aware of the legal results from that, but that doesn't change the technical background), it can be sniffed and it already has been under observation.
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
hey_ian
Titel:   BeitragVerfasst am: 08.10.2006, 22:16 Uhr



Anmeldung: 22. Jan 2006
Beiträge: 448
Wohnort: Dresden
Law is law, if the police wants the data to be protocoled, we cannot do anything against it.

_________________
Scanmetender[Soft] - Tender security solutions for your computer.
Scanmetender Standard - It is free! For GNU/Linux and Windows(R).
http://www.scanmetender.com
 
 Benutzer-Profile anzeigen Private Nachricht senden Website dieses Benutzers besuchen  
Antworten mit Zitat Nach oben
slh
Titel:   BeitragVerfasst am: 09.10.2006, 15:13 Uhr



Anmeldung: 16. Aug 2004
Beiträge: 1905

It just shows that anonymity isn't technically warranted, which somehow voids the purpose and raises concerns regarding the admins and the project's trustworthyness (yes, I know all depends on the mix structure, but this doesn't change anything).
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
Cathbard
Titel:   BeitragVerfasst am: 09.10.2006, 18:26 Uhr
Artist
Artist


Anmeldung: 11. Aug 2005
Beiträge: 451
Wohnort: Australia
Anonymous browsing does have its benefits but it won't protect that much.
My ISP states uncategorically that they will not disclose my identity to anybody not in possesion of a Federal search warrant. All they do is warn the customer that somebody is looking. Another ISP over here (the first private telco) will threaten to turn you in if you start to use some of the bandwidth you paid for.
A fellow Kanotix user I know got hassled by them for bittorrenting. They didn't know what to say when he said it was linuxtracker, not illegal and he hadn't gone near passing his limit. They had already started to mention limewire and were stopped dead in their tracks when told what it actually was. They directed him to the terms and conditions that state that they will enforce the rulings and laws of foreign governments. I doubt that is legal but the threat is clear.
In a nutshell .... choose your ISP carefully and don't make cost the only factor.
In cases like this I usually direct people to Jebba's rant over at BLAG. He used to work at AT&T so it's well worth reading.

_________________
Cathbard.com
The real pirates by Courtney Love
 
 Benutzer-Profile anzeigen Private Nachricht senden  
Antworten mit Zitat Nach oben
Beiträge vom vorherigen Thema anzeigen:     
Gehe zu:  
Alle Zeiten sind GMT + 1 Stunde
Neues Thema eröffnen   Neue Antwort erstellen
Vorheriges Thema anzeigen Druckerfreundliche Version Einloggen, um private Nachrichten zu lesen Nächstes Thema anzeigen
PNphpBB2 © 2003-2007 
 
Deutsch | English
Logos and trademarks are the property of their respective owners, comments are property of their posters, the rest is © 2004 - 2006 by Jörg Schirottke (Kano).
Consult Impressum and Legal Terms for details. Kanotix is Free Software released under the GNU/GPL license.
This CMS is powered by PostNuke, all themes used at this site are released under the GNU/GPL license. designed and hosted by w3you. Our web server is running on Kanotix64-2006.