Anonymity Online

Posted: November 23, 2012 in Uncategorized

Image

 

How to protect your identity online [Part 1st] [Extremely DETAILED]
—————————————-—————————————-————

The information I will provide might make you paranoid by the time you are done reading this, so if you don’t want to be informed and paranoid, please don’t read this.

I will be covering:

1) History – Hackers

2) Website owners

3) Your name

4) Your e-mail

5) What you sign up to

6) Information you expose unknowingly

7) Keeping you safe

You hear it on the news, you read it on the newspaper, you live with it everywhere without even acknowledging its existence.

“Hackers have stolen identities” I have heard that line so many times this year, it is ridiculous.

Companies promising to “defend” your identity, memberships giving their words to keep your information to themselves only, the government reassuring that they will only have access.

All this is a lie as information ALWAYS gets leaked or there is an inside worker providing information out into the black market.
Not only that, but securities on big companies are always exposed and hackers always find their way in.

1) History – Hackers

I will explain briefly on the type of hackers that there are out there for the sake of academical knowledge. These descriptions are not in dept, instead they are meant to slightly touch the subject and educate those are who are unaware of these titles on the cyber world.

1) Black Hat Hackers – These are the most infamous hackers there are. These are the guys you hear about it on the news due to committing crimes. These people are whose purpose is to gain information and use for their own need. They could be anyone.

-Black Hats tend to be professionals at what they do and are extremely well informed on everything related with the cyber world and crimes.
-Black Hats tend to be educated people who have worked many years to accumulate all the knowledge they hold. They are not your kid who uses “hacking tools” to scare their gaming buddies online.
-Black Hats is the image typically portrayed on movies.

2) White Hat Hackers – These are the lesser known hackers simply because they do the clean up work that goes behind the scenes cleaning up the messes from Black Hat Hackers.

-White Hats are the heroes of the cyber world. They fight crime using their hacking knowledge to patch exploits on system and assure that your information does not gets leaked out or easily acquired by any Black Hats.
-White Hats are professionals at what they do. They have as much knowledge as Black Hats, but use their skills to fight crime rather than aid it.

3) Gray Hat Hackers – These are the somewhat known hackers simply because they are unpredictable on what their actions might turn into. They are known as “Gray Hats” because it’s a mixture between the color White + Black = Creating: Gray

-Gray Hats are essentially neutrals on what they do. They might decide to do what’s right even if there’s some other entity telling them that it’s wrong or could be vice versa.

For example, Black Hat steals bank information and leaks out on the internet. Gray Hat could either decide to either use the information OR let the owners, authorities, or the companies know of the exposure.

2) Website owners

Websites, there are millions of them around the world in all languages. You can keep yourself entertained on them or you can become smarter reading potential useful information as you are reading now.

Do you ever wonder “Who owns this website?” or “How can I find out who owns it?”

I decided to include this topic on here since more and more people decide to pay for hosting services to have their very own website for either personal usage or some sort of business.

Well, unlike in the real world where you fill out papers and they get stacked or hidden in some compartment where not a random person could have access. Websites expose your information unknowingly. Maybe not the websites themselves, but the companies that provide hosting services.

I will use this website “HackForums.net” as an example to teach what I’m talking about.

There is something known as a “whois” that essentially tells you who registered the domain name.

You can easily Google “whois domain” and a huge list of websites that allow you to whois either a location or a domain to find its location.

My favorite website to do whois is:

http://whois.domaintools.com/

Now, if we do a whois on HackForums.net, here’s what we get.

Quote:Domain Name: HACKFORUMS.NET
Registrar: MONIKER

Registrant [2341726]:
Moniker Privacy Services
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US

Administrative Contact [2341726]:
Moniker Privacy Services
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Phone: +1.9549848445
Fax: +1.9549699155

Billing Contact [2341726]:
Moniker Privacy Services
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Phone: +1.9549848445
Fax: +1.9549699155

Technical Contact [2341726]:
Moniker Privacy Services
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Phone: +1.9549848445
Fax: +1.9549699155

Domain servers in listed order:

NS1.DALLAS-IDC.COM
NS2.DALLAS-IDC.COM
NS1.ZANMO.COM 69.162.82.250

Record created on: 2005-09-27 14:18:41.0
Database last updated on: 2010-11-29 02:16:59.78
Domain Expires on: 2011-09-27 14:18:41.0

As you can see it exposes a lot of information that you wouldn’t want strangers to get a hold of you and then use to sell for their own good.

Common Hacking Forums, Websites are registered as a “Private” domain, so no real information is shown of the real owner. Instead, it displays the information of the company providing the service for the domain or hosting.

This is also how you can contact a company if you want to report a website with disgusting content such as child pornography.

I’m not going to whois a person’s website since it would be against the rules to expose personal information about anyone, but I believe that you get the idea of what can be done to discover information such as address, name, phone number, fax number, and more using nothing but a website name.

Experienced website administrators always should use Private domains to avoid exposing information to the public as much as possible.

If you have a website, whois it yourself and find out whether if you are exposed or not. If you are, call the company you registered your domain and request your domain to be put as private. They might require a fee of around $7 extra a year, but it’s worth it knowing that you’re not exposed.

You could also find out the ISP or company by doing a ping on an IP.

Example,

Open Command Prompt and type “ping Hackforums.net” the response will be an IP. Once you have that IP, you can use:

http://iplocation.net/

To tell you where the servers are located and giving you a definite location for the company’s machines.

http://iplocation.net/ Can also be used to find the location of a person’s location with their IP.

3) Your name

Your name is as unique as you can be. Your parents/guardians named you and that’s what makes you, you.

Your name can be your worst enemy when you are online as it can be used to expose so much information about you to the point of where you could be blackmailed.

Where should you ever use your real name online? NEVER. Why? Because, using your name alone anyone can find out where you live within a matter of 5 seconds.

Websites such as:

http://com.lullar.com/

http://www.pipl.com/email/

http://www.spokeo.com/

http://www.emailfinder.com/

http://www.411.com/
http://www.ask.com/
http://www.bebo.com/
http://www.facebook.com/
http://www.flickr.com/
http://www.ip-adress.com/ipaddresstolocation/
http://www.myspace.com/
http://www.myyearbook.com/
http://www.searchenginez.com/findpeople.html
http://www.skipease.com/
http://www.sonico.com/
http://www.spock.com/
http://www.twitter.com/
http://www.usatrace.com/
http://www.whitepages.com/
http://www.whois.com/
http://www.whois.net/
http://www.wink.com/
http://www.youtube.com/
http://www.zabasearch.com/
http://www.zoominfo.com/

Make it extremely easy to search names, e-mails, etc to dig information about whoever you want. There are more websites in which I personally use to dig information about people, but I will not mention them since I do not want the news station going crazy on a new rage of identity exposers.

Here’s an example of a person I searched for the sake of showing.

Cliack here :

( http://img130.imageshack.us/img130/332/identity.png )

I have satellite pictures using Google Earth to pinpoint exactly where she lives and what her house looks like, but I will not expose that.

Where is this information normally exposed? Hmm…I’ll let you guess. Or maybe not…The answer is Social Networks. Ah, Facebook, Myspace, Orkut, and so many others…The list goes on and on.

I highly recommend that you NEVER use your real name, instead use an edited name or initials instead rather than exposing your real name to the real world. If your friends on social networks already know you, they should not need to see your complete name as they will already know you.

For example,

Bill Gates

My recommendation would be to use “Billy Gates” simply because a letter being off makes it so incredibly difficult to pinpoint someone.

You can use your imagination for what you should replace your name instead of your real name. That is, if you want to avoid being looked up.

Something I have found based on experience is that it’s much more difficult pinpointing teenagers on the internet since they are not normally registered with government database that eases finding them.

If you are a teenager, do not have your parents names exposed as the name of your parents can be used to pinpoint you or vice versa, if you are a parent. Ironically, it’s the teenagers that expose more information than adults and yet, they are the ones harder to pinpoint.

—————————————-—————————————-————

How to protect your identity online [Part 2nd] [Extremely DETAILED]

4) Your e-mail

Your e-mail, the one you use to check on your everyday business or activities online. The one you rely to deliver things to you safely.

Question is, are you delivering to it safely? Probably not, or at least I hope you are.

The e-mail problem is an easy fix since all it takes is common sense.

If you have various accounts such as Social networks, have an e-mail specifically for messing around. If you have accounts for serious business such as your Paypal, Bank, etc…

Have an e-mail that only you have access to and is different from your regular “messing around” e-mail.

If you work for any companies or have services with an ISP, avoid using their e-mail services to register on important websites where your money is dealt with such as Paypal, AlertMoney, banks, etc…

Why? Because they have been known to get hacked leaving all your information exposed for hackers to gorge in. Instead, I would recommend focusing on big companies such as Yahoo, Hotmail, or Gmail since these are much more secured companies and will always be up 24/7 any time of the year.

Not much to say on that, just have different e-mails for different activities for security measures. Not only that, but also have different passwords that require extensive typing with various complicating symbols such as:

you%(3cool

That above is a ridiculous example, but I believe you get the idea.

You know what hackers love the most? Not having to do much work and having everything set for them easily for the taking. For example, if you are infected with a keylogger, a hacker would love to have 1 e-mail to have access to everything. So, this gives you an idea why you should have a variety at all times with up-to-date information to assure that you could retrieve it, in case if it were to get stolen.

5) What you sign up to
Ever wondered why you get so much spam e-mails? Well, it’s simple. It’s because e-mail collectors acquire a list of e-mails in which they can mass e-mail to send spam.

Just as I mentioned earlier, have an e-mail for messing around and e-mails for serious business. Avoid using an e-mail for all activities as this will only clog your inbox with useless e-mails that will steal your valuable time.

There are many websites which sell their database of e-mails to E-mail spammers for a certain amount of money behind the scenes or the collectors themselves have set traps through the internet such as Phishing to acquire a list of e-mails to spam.

Avoid registering to websites such as products and random useless subjects that promise to pay you money for signing up or trying their products.

Seems to me like it’s common sense, but it’s good to know.

6) Information you expose unknowingly

Well, I hope that I have given you a good idea of easily information can be acquired using the internet.

Privacy does not exists anymore on the internet.

If you use Social Networks, try to have your information concealed as much as possible from the public and do not expose valuable information such as Birthday, location, or name to keep yourself as underground as possible.

You have to consider that information could be leaked physically or electronically as well.

Keep yourself up-to-date and informed to know if a company you might use has been breached or not.

http://en.wikipedia.org/wiki/Timeline_of…er_history

As they say, Google is your friend. Use it when you need it.

7) Keeping you safe

This is probably the most important part of the tutorial as this is where the most incidents occur due to infections or traps.

Infections or traps can range from:

-RATs (Remote Access Tool) which essentially give completely control of your computer.

-Keylogging which retains a log of all the keys you ever press on your keyboard.

-Phishing which retains a log when you manually input your information on a fake website emulating an original website.

-And more, but those above are the most common.

How can you protect yourself?

Around 90% of malware on the internet was coded to infect Windows Operating systems. I got that number from PC World about a year ago, forgive me if it’s incorrect now.

Anyway, assuming that you run on Windows you are the ones are the highest risk of getting targeted or infected.

You will want to always have your computer clean and secured having the proper tools. All these tools are the best of the best and are all free. They are probably better than paid security software.

How do I know this? Well, there are websites where you can scan malware after you crypt them (making them undetectable) to ensure that they are not detected by Anti-virus of any kind. Avira is the one that people always have a hard time bypassing, so I can safely say that it’s the best from my personal experience of crypting and scanning.

Download and install all these tools below and I can assure you that your computer will be protected 1000% better than what it might be as of now. Get the free versions.

http://www.malwarebytes.org/

http://personalfirewall.comodo.com/

Avira Anti-Virus – Follow the instructions on that link on how to get it free.

KeyScrambler Pro 2.7 – Follow the instructions on that link on how to get it for free. This software helps to encrypt everything you type on the internet.

If you use Google Chrome, get this:

https://chrome.google.com/extensions/det…ckof?hl=en

It encrypts all your website visits as https:// rather than http:// which makes you more secured.

If you use Firefox, get this:

http://www.eff.org/https-everywhere

It encrypts all your website visits as https:// rather than http:// which makes you more secured as well.

http://notendur.hi.is/~gas15/FireShepherd/

FireShepherd, a small console program that floods the nearby wireless network with packets designed to turn off FireSheep, effectively shutting down nearby FireSheep programs every 0.5 sec or so, making you and the people around you secure from most people using FireSheep.
The program kills the current version of FireSheep running nearby, but the user is still in danger of all other session hijacking mechanisms. Do not do anything over a untrusted network that you cannot share with everyone.
-Know that this is only a temporary solution to the FireSheep problem, created to give people the chance to secure themselves and the others around them from the current threat, while the security vulnerabilities revealed by FireSheep are being fixed.

The other option is using a different operating system which has a lower percentage of being targeted.

You don’t have to spend tons of money on Apple computers, instead you can get a free operating system from the Linux distributions.

The easiest to use and most similar to Windows looks is Ubuntu. You can install Ubuntu as a normal program on Windows and once it restarts, it shows you the option to choose Ubuntu over Windows.

You can watch this video:

http://www.youtube.com/watch?v=UdI8_92QTkQ

To learn more in dept. It’s very simple, so don’t be afraid to try.

The video focuses on completely replacing your current operating system Windows and replacing it or dual booting with Linux Ubuntu.

If you are a noobie, I would recommend you stop at the part where he goes to:

Wubi Installer – Ubuntu

It’s as simple as going Next, next, next on any normal installation and whenever you restart your computer, it will ask you to choose either Ubuntu or Windows.

Running under a Linux distribution will put you at around a 2-5% of getting infected with anything. Not only is Linux good, but you don’t have to worry much about installing anti-virus or anti-malware software to keep your computer clean and running.

I have been running on Backtrack 4 R2, a Linux Distribution and I can tell you that I have NEVER been infected.

Well, I believe this is all I have to say.

I hope you guys learn something from this new tutorial.

 
Image

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s