There having been several, and way too many, high-profile arrests in recent months, I will be explaining various methods with which to protect yourself while you sail the high seas of that thing we call the Internet. For various reasons, one being time, the other being that if you’re reading this to learn how to protect yourself, you are probably not a ‘leet hacker’ (I hate that term btw), I’ll be simplifying how these methods work as best I can without losing the overall process of the function. With the arrests of the Anonymous 16, the activists who simply participated in a DDoS attack on PayPal, the news has made no secret about how easy it was to catch them. Simply by analyzing the incoming IP traffic from the host computer to the target computer (PayPal), they were able to pinpoint who sent the traffic that helped to disable the site. This was made especially easy by the fact that nothing was used by the Anonymous 16 to obscure their IP addresses during the attack. The Anonymous 16 used a program called Low Orbit Ion Cannon, which is a DDoS tool. While some DDoS tools allow for the use of a proxy (which isn’t as secure and anonymous as most people tend to think) to obscure your IP address, the LOIC is not one of them. So, these activists simply joined in an attack, without taking precautions (some of them not even knowing what they were doing was illegal), and were subsequently arrested and charged in federal court.

There are several ways to accomplish obscuring your IP address while engaging in a DDoS attack on a website. My personal favorite is the SSH Encrypted Tunnel. Simply put, what an encrypted tunnel does is establish an encrypted connection to a remote machine, subsequently making all outgoing traffic from your computer and IP address appear to be coming from the remote machine that your tunnel has connected to. To top it off, all information to and from is encrypted with various different cyphers, depending on what program you are using to establish said connection. SSH Encrypted Tunnels also have other functions that are helpful. For example, they allow you to bypass firewalls that prohibit certain internet services, such as censored webpages. I suggest that you read up on SSH Encrypted Tunnels; they are very useful for a great many things besides the two things I have described above.

The next way to obscure your IP address is by use of a VPN, a Virtual Private Network. Very simply put, VPNs allow you to access a network, and by way of that network, change the IP address of your outgoing traffic. Now there is a reason that I almost exclusively use SSH Tunneling rather than a VPN. I’m sure that a lot of you heard about HideMyAss turning over their servers, including logs, to the authorities last year, which led to the arrests of several Anons. While VPNs do support a tunneling function, they do not use cryptographic tunneling. Instead they rely on the security of a single provider’s network to protect your traffic.

Proxy addresses are another method of obscuring your IP address, although not nearly as secure as the previous two methods I have listed. A proxy works pretty much the same way that a tunnel does, with the following exceptions: the information is not encrypted; you have no way of knowing how secure the proxy you are connecting to is unless you check it out yourself; and publicly available proxies tend to get blocked quickly by various services because they are used quite a bit by amateurs to DDoS, or spam on an IRC for example.

The last method for obscuring your IP address that I will address here is the Tor Network. Tor has been around for over a decade, and was quite innovative when it was released so long ago. Nowadays, however, there are much more secure and a lot faster ways to protect yourself. Now don’t get me wrong, using Tor in a pinch when you have to is fine. Just don’t rely on it for everyday use. There have been instances where people running a Tor Relay, or using Tor to do blackhat activities, have been arrested and charged with their crime; at the very least, people have been questioned for running Tor Relays alone even when they themselves have done nothing illegal. Tor relies on other Tor users setting up Relay points in the Tor Network, allowing you to surf the Internet anonymously in a pinch. As I said, while the Tor Network is encrypted, it isn’t the most stable or secure of things out there.

Now that we have ways to obscure our IP addresses from view, it’s time to move on to protecting sensitive data. Obviously, the first thing that would come to anyone’s mind is encrypting sensitive data. But there are other questions most people have: What is the most secure encryption? Where should I keep the encrypted files? What about the encryption key? How hard is it to crack encrypted files? When it comes to which is the most secure, I will turn to what has been mathematically proven: Vernam Encryption. Vernam encryption works on the same theory as one-time pads, and is often called a one-time pad as well. It has been mathematically proven to be unbreakable if used correctly. Vernam encryption relies on the unique use of the key and sufficient randomness of the key used. Even with increased computing power, it cannot be broken. This is in contrast to other encryption methods, such as AES encryption, which base their security on the computational burden of a theoretically conceivable decoding, which for an attacker is practically not feasible. In other words, it works on the assumption that the attacker will not have the necessary computing power to break the cypher. Moving on now to where you should keep your encrypted files. This one is simple. NOT ON YOUR COMPUTER. Use a USB stick, or even a portable hard drive. USB sticks are portable, easily concealable, and easily destroyed if need be. Both the files and the encryption key should be kept on portable removable storage devices.
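The "if used correctly" condition on Vernam encryption, shown as an added Python example that is not part of the original post: any same-length plaintext is consistent with a given ciphertext, but using the pad a second time lets the pad cancel out. The function names and sample messages are constructed for illustration, and the pad comes from the OS CSPRNG as a stand-in for a truly random key.

```python
import secrets

# Constructed sample messages (equal length, not from the original post).
M1 = b"meet at the north gate"
M2 = b"backup key is on shelf"

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def new_pad(length: int) -> bytes:
    """Draw pad bytes from the OS CSPRNG; the pad must be as long as the message."""
    return secrets.token_bytes(length)

def otp_encrypt(message: bytes, pad: bytes) -> bytes:
    """Vernam encryption: ciphertext = message XOR pad. Decryption is identical."""
    return xor_bytes(message, pad)

otp_decrypt = otp_encrypt

def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """For ANY same-length candidate there is a pad that decrypts to it, so
    the ciphertext alone cannot tell an attacker which candidate is real."""
    return xor_bytes(ciphertext, candidate)

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Two ciphertexts under the SAME pad: the pad cancels, leaving m1 XOR m2."""
    return xor_bytes(c1, c2)

def recover_other(c1: bytes, c2: bytes, known_m1: bytes) -> bytes:
    """With a reused pad, knowing one message reveals the other in full."""
    return xor_bytes(reuse_leak(c1, c2), known_m1)

if __name__ == "__main__":
    pad = new_pad(len(M1))
    c1 = otp_encrypt(M1, pad)
    print("round trip ok:", otp_decrypt(c1, pad) == M1)
    fake_pad = pad_explaining(c1, M2)
    print("same ciphertext also 'decrypts' to:", otp_decrypt(c1, fake_pad))
    c2 = otp_encrypt(M2, pad)  # the mistake: second message under the same pad
    print("pad reuse recovers:", recover_other(c1, c2, M1))
```

The practical consequence is that the pad has to be as long as all the data it will ever protect and must be discarded after one use, which is why key storage and distribution, not the cipher, is the hard part of a one-time pad.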

All in all, if you are careful, and learn how and why things work, and how to circumvent them, you should be fine. How do I know this? Easy. I have been active for almost two decades now. I have rubbed elbows with the likes of Lords of Destruction, the l0ft, and the Cult of the Dead Cow in the ’90s just to name a few, and I am still here, fighting for the cause. Lastly, and probably one of the most important things I can tell you is this: Change your handle at least on a semi-regular basis. Personally I change my handle roughly every few years just in case. Once your name is known, and people either know your exploits by you bragging (never brag btw), or by however else, you are in danger. Over the last two decades I have had literally dozens of handles, and I am not remembered by many for that reason. And in a year or two, I will shed the name Bree, and start over with another name. Hacking is not about getting your name in the paper, or people knowing who you are in the blackhat community. This will only lead to bad things happening, like attention from the authorities, which can lead to arrest and imprisonment, or worse, getting flipped to a whitehat by the feds. Anyway, hope you’ve all enjoyed this, and I hope you take what I have said to heart.

-Bree

@Anon_Bree

#LulzTeam