12

my friend and I are trying to make the most anonymous setup for a computer to do things across the internet without being known the location from which it came.

Our setup is as follows:

A windows machine, with linux running in virtualbox, with a spoofed mac address using tor to do internet things.

Will this setup provide anonymity on the internet?

Is any of it redundant, or useless?

What could we do better?

TestinginProd
  • 908
  • 3
  • 9
  • 14
  • 7
    I'm not fully understanding the point of a spoofed mac address. The mac address shouldn't make it through your router/Nat/modem. – WalterJ89 Dec 14 '11 at 03:49
  • The official TOR website lists a live-CD: https://tails.boum.org/ – CodesInChaos Feb 14 '12 at 23:26
  • I use [encrypted SSH tunnel and proxy](http://pirateray.com/proxy) to be anonymous on Linux, it works good with any browser , any Windows OS as well. The service changes your real IP and shows it from a different location. The traffic becomes non readable and secure. –  Oct 11 '12 at 18:23
  • How about tracking cookies. – Luc Oct 11 '12 at 19:14
  • 1
    You now need to trust a single party(the proxy) instead of just one of three with TOR. – CodesInChaos Oct 11 '12 at 22:06

8 Answers8

15

Tor does not always protect your ip fully when you need to interact with the end node. You can check your efforts with online checks like this.

What has worked for me on every check I've tried is JanusVM. It runs as a VM, which you use as a proxy for your hardened browser VM. Janus uses Tor, squid, dns-proxy-tor, and privoxy to cover your ip. It is very simple and easy to setup.

I use VirtualBox's 'Seamless mode' so that my browser (in a guest VM) looks and acts like a local app on the host. Very convenient as long as you still remember which window is in the protected environment. :)

schroeder
  • 125,553
  • 55
  • 289
  • 326
9

You should use a live CD like BackTrack. This comes with Tor and software for breaking WEP and WPA2-PSK. Then you can go war driving... are you old enough to drive?

Also brush up on your OSI model, the MAC address is only needed by the data link layer and is there for scrubbed off by whatever router you are behind. However, some routers log what MAC addresses they have communicated with.

forest
  • 65,613
  • 20
  • 208
  • 262
rook
  • 47,004
  • 10
  • 94
  • 182
  • 2
    But that would be illegal. – Safado Dec 14 '11 at 20:23
  • 1
    @RyanM. is right. Breaking someone's wifi security to piggy-back on their signal would be illegal in a lot of jurisdictions. It might be successful in making you 'anonymous' but there are other options. – schroeder Dec 14 '11 at 22:04
  • 4
    @Ryan M. yeah I think that goes without saying. But just look at this post, its shady as hell. My answer is based on what the op is looking for. – rook Dec 14 '11 at 22:56
  • I agree that it's shady as hell, I wasn't trying to criticize your answer. I think it's a good reminder before our shady-as-hell OP does something stupid. – Safado Dec 14 '11 at 23:43
  • **Backtrack is not an anonymous OS!** And neither is its successor, Kali Linux. – forest Jun 11 '22 at 07:36
9

Legalities and ethics aside, the following could theoretically provide a reasonable level of anonymity:

  • A Live CD, e.g. one of the Linux variants
  • An internet connection not owned or traceable to you, e.g. an unsecured WiFi connection
  • An SSL VPN with an exit point in a country with laws to protect your information and purchased anonymously e.g. by mail order
  • A browser appropriately configured and with extensions such as NoScript and SSLeverywhere, etc. Tor provide a reasonable pre-packaged browser you could use. Tor through the VPN wouldn't be a bad idea either.

Then it's just up to you to ensure you don't post or share information on the internet which could be used to identify you.

forest
  • 65,613
  • 20
  • 208
  • 262
lew
  • 1,536
  • 8
  • 11
7

You should consider how your browser profile looks to the web servers on the net. Check out https://panopticlick.eff.org/ for a test of just how unique your setup might be. If you turn out to be one in a million unique like many you will need to consider what you actually mean by anonymous in this case.

zedman9991
  • 3,377
  • 15
  • 22
2

with a spoofed mac address

This doesn't do anything for you. The IP address of your local gateway is what matters, which there's not much you can do about. Tor is better than nothing, but I wouldn't count on it for much.

So, how anonymous? Anonymous enough to counter your average passive monitoring, but certainly not a determined attacker.

pdubs
  • 1,113
  • 6
  • 13
  • 1
    Even your hardware clock can give a unique signature as it is embedded within the TCP packet. http://www.schneier.com/blog/archives/2005/03/remote_physical.html – logicalscope Dec 14 '11 at 23:02
1

You should think about footprint as well as thumbprint; i.e. one could change their browser user agent to disclose no info about browser build and so on, more anonymous but also more unique than the typical firefox or ie headers.

anon
  • 11
  • 1
1

Depending on who your trying to hide from...

Your currently using systems all developed by the G man.

Tor is far from anonymous but, it does however provide a very good method of scrambling traffic, for a little while longer.

Its relatively easy to distinguish a virtual machines traffic.

Encrypting said VM might help ;-)

I believe there is something called Tails you'd be interested in.

Good luck.

forest
  • 65,613
  • 20
  • 208
  • 262
OxiTruth
  • 19
  • 1
  • Note that none of these are actually developed by the government. The concept of onion routing was conceived by the Navy, but that does not taint the _concept_ itself anymore than the concept of the computer mouse was tainted by DARPA. Tor Project is a private non-profit organization, not a government entity. – forest Mar 03 '18 at 00:18
0

One big thing I see you missing is blocking of cookies. Either block them in the browser or use do not track plus extension for chrome.

You should also read this: http://nmap.org/book/osdetect.html There was a hak5 episode about modifying IP settings in Windows to make your Windows PC look like a linux box.

I'd also add a foreign private proxy before you enter Tor, this should obviously not be registered under your details so you should look into hosts which will set up the host on your behalf (some will even take bitcoins). This will help mitigate the fact that a lot of Tor exit nodes are run by law enforcement agencies (some as honey pots of sorts, some for their own internal use).

I think lastly is the issue of web habits. All of this is pretty useless if you use the box to look at all your friend's Facebook profiles. Use one box for your Blackhat persona and another for your IRL persona. If you can even try to write differently ie using txtspk on your Blackhat persona and proper English on your IRL persona, I've been on forums where people would detect duplicate accounts by just their grammar.

Inverted Llama
  • 563
  • 2
  • 10