If you want to use the internet anonymously, you need to pay attention to a few simple rules to protect your identity and your system.
System Security:
- Securing your system against malicious scripts, RATs, and so on:
- Windows/Mac/Android/iOS Users:
- Use antivirus software. Several free antivirus products are well known to be reliable: Kaspersky Rescue ISO (any PC system; an ISO that boots from DVD or USB as an independent Gentoo-based system and will detect and remove any kind of virus, even any kind of Bundestrojaner and comparable), BitDefender (Windows/Mac), Panda Antivirus (Windows), Qihoo 360 Total Security Essential (Windows/Android/Mac), Avira Antivirus (Windows/Mac/Android/iOS), Avast Antivirus (Windows/Mac/Android/iOS), Malwarebytes Anti-Malware (Windows/Android), AVG Antivirus (Windows/Mac/Android/iOS), Comodo Antivirus (Windows), Ad-Aware Antivirus (Windows), FortiClient (Windows/Mac/Android/iOS), ZoneAlarm Antivirus (Windows), Kaspersky Security Scan (Windows/Mac/Android/iOS)
- Use a script blocker plugin for your browser, like NoScript: you will get rid of ads, block malicious scripts, etc.
- Use firewall software. Mac users should use the integrated firewall. The following software firewalls are free: ZoneAlarm Firewall (Windows), Comodo Firewall (Windows), Ashampoo Firewall (Windows, Android), NoRoot Firewall (Android), DroidWall (Android), AFWall (Android), Little Snitch (Mac)
- Or use a hardware firewall (most routers/modems should have a software firewall integrated. You can build your own hardware firewall/router in our Ultra Low Budget Router Tutorial)
- Linux Users:
- IMA/EVM (Trusted Computing, Signing of files, core, modules, etc. | hindering any manipulation)
- Iptables (firewall; you have to write the rules on your own, though ;) )
- GrSec/PaX kernel patches (for current kernel versions you need a license. There were a few legal disputes, since a few kernel devs were of the opinion that the GrSec patches harmed the GNU licenses. Other kernel devs like Linus Torvalds did not like that most plug-and-play functionality might get restricted. Anyway, this is not correct, since all of those issues depend on the configuration of GrSec's patches; the GNU licenses are not harmed in any way.)
- Alternatively/additionally: Firejail, which creates a sandbox/jail for Firefox, for example, to minimize the use of exploits by Flash/JavaScript (Firejail exists for most Linux distributions; Parrot OS, for example, has it integrated natively)
- SELinux (System directives/rules/multi user security (e.g. netboot pool pcs, etc.))
- RKH (Lynis) or other rootkit hunter scripts (scanning for rootkits and the like)
Using Proxy Services:
- Leviathan Security demonstrated how binary files can be injected on the fly, using code caves as containers, by a Tor network proxy node. Therefore, you should have a virus scanner and process-checking AV/firewall/security software to spot injected threads. Comparing MD5 sums is also crucial to identify any manipulation of the downloaded file. A simple SSL download will not ensure the validity of your download when weak ciphers are used for key exchange. MITM attacks by non-visual SSL proxies are possible, which in turn opens up the possibility of a binary file being manipulated while it is transferred.
- Proxy services do not use (strong) encryption! This results in easily readable data packets. The better choice is an encrypted VPN connection.
Staying anonymous using VPN/Proxy:
Logging into a social network account from Facebook, Google, Yahoo, Twitter, etc. will create tracking cookies used to track users' actions. If you log into a Facebook account, for instance, and then open pages that have a Facebook plugin implemented, Facebook will register that you have visited this page, plus the exact URL, time and date of access, and so on. If you are using a Google account, any page with Google Analytics plugins, etc. tracks your visit/actions. Through tracking, you could be classified as a malware user or similar when using VPN services which were abused in the past. Using Tor, you will maybe have a higher possibility of being labeled as a consumer of child porn material or similar. A different case is identity theft related to social networking: if your account got hacked, the attacker could use the same VPN service you were using to cover his tracks.
You should be aware that it is important to delete those tracking cookies if you want to stay anonymous using VPNs/proxies. You could also block the execution of the JavaScript plugins hosted by Facebook, Google, Yahoo, Twitter, etc. with browser add-ons like NoScript to ensure your anonymity.
It is not recommended to use proxy or VPN servers for accessing important accounts like online banking, social networking and similar. Even though the connection is encrypted, there could be security flaws in your browser or the online banking server. You can check the SSL security of HTTPS servers with online tools like this: https://www.ssllabs.com/ssltest/analyze.html
Preventing DNS Leaks/Eaves Drop using VPN:
- If your connection is dropped on the client or server side, there might be a so-called eaves drop (exposure) of your current connections, which will then go out over the default route of your system (e.g. your service provider) -> this can be prevented easily if you are using no default route and/or a blackhole (Linux) for any other traffic which is not declared in your routing tables. (This also depends on the VPN software of your provider and/or the configuration you are using.) If you are using a professional VPN service that has a secure application, this problem should not occur.
Open source users will have to check this! 4routing describes how to use static hosts (with a blackhole) for Linux users.
- To prevent DNS leaks, you should check that your ethernet/wireless connection has an external DNS configured (a name server which resolves www.somedomain.com to its IPv4/v6 address xxx.xxx.xxx.xxx) (you could use 1.1.1.1, 1.0.0.1, 8.8.8.8, etc.). If this does not work for your provider because it is blocking external name servers, you can add your router IP as a fallback solution.
- If you are using a VPN, check the route of the traffic to #target_ip/domain with tracert #target_ip/domain (Windows) or traceroute/tracepath #target_ip/domain (Linux/Mac). In some cases you are using IPv4 tunnels but you are still connected by IPv6 with a default route in your routing tables, which makes all traffic/DNS requests go through your IPv6 gateway.
Solution 1: Disable IPv6 per device, system-wide, or on your router (the last will not work for any provider)
Solution 2: Delete the IPv6 routes
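The two checks described above (what happens to traffic when the tunnel drops, and whether an IPv6 default route bypasses an IPv4 tunnel) can be run against routing-table text. The script below is an added example, not part of the original manual or of the 4routing tutorial. It assumes the Linux iproute2 output format and a VPN interface named tun0; the sample tables are constructed.

```shell
#!/bin/sh
# Added example: classify routing-table text (as printed by `ip -4 route show`
# or `ip -6 route show`) by what happens to traffic when the VPN tunnel drops.

# Print the device of every default route that does not leave via the VPN
# interface given as $1. Route lines are read from stdin.
non_vpn_defaults() {
    awk -v vpn="$1" '
        $1 == "default" {
            dev = "?"
            for (i = 2; i < NF; i++) if ($i == "dev") dev = $(i + 1)
            if (dev != vpn) print dev
        }'
}

# classify_table VPN_IF ROUTES prints one of:
#   leak      - a default route bypasses the VPN interface
#   blackhole - no such route, and a blackhole default catches leftover traffic
#   no-route  - no default route at all outside the VPN
classify_table() {
    vpn_if=$1 routes=$2
    if [ -n "$(printf '%s\n' "$routes" | non_vpn_defaults "$vpn_if")" ]; then
        echo leak
    elif printf '%s\n' "$routes" | grep -q '^blackhole default'; then
        echo blackhole
    else
        echo no-route
    fi
}

# Constructed sample tables (not captured from a real host); tun0 is assumed.
V4_PLAIN='default via 192.168.1.1 dev eth0 proto dhcp metric 100
0.0.0.0/1 via 10.8.0.1 dev tun0
128.0.0.0/1 via 10.8.0.1 dev tun0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.23'
V4_HARDENED='blackhole default metric 4096
0.0.0.0/1 via 10.8.0.1 dev tun0
128.0.0.0/1 via 10.8.0.1 dev tun0
203.0.113.10 via 192.168.1.1 dev eth0'
V6_NATIVE='default via fe80::1 dev eth0 proto ra metric 100 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium'

echo "IPv4, stock:    $(classify_table tun0 "$V4_PLAIN")"
echo "IPv4, hardened: $(classify_table tun0 "$V4_HARDENED")"
echo "IPv6, stock:    $(classify_table tun0 "$V6_NATIVE")"
```

On a live Linux system, pass "$(ip -4 route show)" or "$(ip -6 route show)" as the second argument instead of the sample tables. A result of leak for the IPv6 table while the tunnel is IPv4-only is the situation that Solution 1 and Solution 2 address.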
Possible side effects you should expect using VPN/Proxy Services:
- Most online services will check the geolocation of your IP, and if the location differs, you might have to confirm your identity to gain access to your account (answer your security question, etc.).
- Access to some online services could be (temporarily) blocked if the server was abused by hackers/bots/etc.
Posted at 2015-05-14 18:04:29
( updated at 2021-10-05 18:22:03 - cr4sh )
in Manuals