/os/ - Online Security

News, techniques and methods for computer network security.

Posting mode: Reply

Drawing x size canvas

Remember to follow the rules

Max file size: 350.00 MB

Max files: 5

Max message length: 4096

Manage Board | Moderate Thread

Return | Catalog | Bottom

Welcome to Online Security the place for internet and computer security, privacy and anonymity.
If you have some helpful tips please feel free to share your ideas. Start a new thread, or contribute to an existing thread.

Expand All Images

Internet Security General Anonymous 04/16/2016 (Sat) 07:56:30 [Preview] No. 4
Continuing from >>>/tech/597
This is for non specific, general tips for anonymous web browsing and downloads, tips on browsers and browser configurations for the security concious that you don't want to make a new thread for.

Endwall 04/17/2016 (Sun) 21:49:24 [Preview] No. 5 del
This is good. Keep it comming.

We can come up with some best practices to increase security, minimize footprint and increase privacy.

Anonymous 04/18/2016 (Mon) 05:58:03 [Preview] No. 8 del

Better Ad Blocking for Firefox, Mozilla, Camino, and Safari
also works with the Thunderbird email client!

Tired of distracting ad images cluttering up your web experience, or even your email? Here is a simple way to keep many of these ads from displaying in your browser. The technique below works for any Gecko-based browser (Mozilla, Firefox, Camino, Netscape7). It also works for Apple's browser: Safari. See the special instructions for Safari below. And it even works with the Thunderbird mail client! See Thunderbird directions below. Also, check out the new notes on dealing with Flash advertising, below. Finally, I've improved the ad blocking based on user feedback. Already using it? Grab the latest for even better results.

How to use userContent.css with: Firefox/Mozilla/Camino/Netscape
You need to place the userContent.css file in the chrome directory of your browser user profile. The different browsers store your profile in slightly different places. For macos X, the profile chrome directory locations are:

Firefox: home:Library:Application Support:Firefox:Profiles:profilename:randomstring.default:chrome:
Mozilla or Netscape: home:Library:Mozilla:Profiles:profilename:randomstring.slt:chrome:
Camino: home:Library:Application Support:Camino:chrome:

Restart your browser to pick up the styles. Go to your favorite sites and see that many ad images are gone, but other images are still there!

How to use userContent.css with Thunderbird New!
You need to place the userContent.css file in the chrome directory of your Thunderbird user profile. For macos X, the profile chrome directory locations is:
home:Library:Application Support:Thunderbird:Profiles:profilename:randomstring.default:chrome:

Why should you use a custom user stylesheet with Thunderbird? For the same reason you should use it with your browser: to block unwanted ads! Many mail providers can place ads in your email. Using this stylesheet you can block almost all of them.

Anonymous 04/18/2016 (Mon) 06:18:28 [Preview] No. 10 del
Privacy is not Security is not Anonymity is not Pseudonymity is not your real identity, they're all different and needs to be defined separately and specifically.

Anonymous 04/18/2016 (Mon) 10:34:24 [Preview] No. 18 del
Although there's no statistical user data like in panopticlick.eff.org or amiunique.org, this website can help you see what they see in somewhat better detail: https://www.browserleaks.com/

Anonymous 04/20/2016 (Wed) 03:51:57 [Preview] No. 26 del

Anonymous 04/23/2016 (Sat) 08:52:51 [Preview] No. 28 del

Anonymous 04/23/2016 (Sat) 08:56:32 [Preview] No. 29 del

Anonymous 04/23/2016 (Sat) 08:58:20 [Preview] No. 30 del
work this time damn it

Anonymous 05/03/2016 (Tue) 04:20:39 [Preview] No. 31 del
Install sic IRC client
$ sudo torsocks apt-get install sic
$ sudo torsocks pacman -S sic

$ torsocks sic -h onionirchubx5363.onion -p 6667 -n anon39572

Anonymous 05/14/2016 (Sat) 11:35:23 [Preview] No. 47 del
Could someone explain to me how does Subgraph OS sandbox X11 and what the hell is the "Metaproxy" that they use?

Also, why do some people who use uBlock Origin don't use HTTPS Everywhere when uBlock Origin does not redirect to the HTTPS website when available? Isn't using HTTPS important and preferred in Tor?

Anonymous 05/24/2016 (Tue) 21:37:11 [Preview] No. 48 del
I guess they just forgot to install it or don't actually care about security/privacy and use uBlock for ad blocking.

Anonymous 06/14/2016 (Tue) 05:30:28 [Preview] No. 99 del

Anonymous 06/15/2016 (Wed) 23:48:55 [Preview] No. 114 del
That website's not that bad, but I can't help but to notice it's shilling for Disconnect and Veracrypt which is good for normies but I would avoid cross platform encryption methods.

Anonymous 06/28/2016 (Tue) 03:14:24 [Preview] No. 135 del
It seems like manual Socks5 Tor proxy configuration on Icecat reveals that it's not using the Tor browser but if one uses FoxyProxy to manage Tor, it pretends to use the Tor browser. I use Clean Links, Decentraleyes, FoxyProxy Basic, HTML5 Everywhere, HTTPS-Everywhere, No Resource URI Leak, Privacy Settings, Random Agent Spoofer, Self-Destructing Cookies, uBlock Origin, and uMatrix extensions. I don't know if using [code]torsocks icecat[/code] would mask Icecat as Tor Browser via ip-check.info

Anonymous 07/10/2016 (Sun) 06:39:36 [Preview] No. 161 del
Anyone know what's the most correct way to route OpenBSD's pkg_add over Tor?

Anonymous 07/11/2016 (Mon) 08:25:07 [Preview] No. 163 del
I've never used OpenBSD, but what about iptables and forcing all TCP connections through the Tor proxy and dropping all other packets?

Anonymous 07/11/2016 (Mon) 10:11:41 [Preview] No. 164 del
add this to your user.js to make it look like tor browser

// Fingerprint
user_pref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0");
user_pref("intl.accept_languages", "en-US, en");
user_pref("network.http.accept.default", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
user_pref("network.http.accept-encoding", "gzip, deflate");
user_pref("network.http.accept-encoding.secure", "gzip, deflate");
user_pref("privacy.donottrackheader.enabled", false);
user_pref("general.appname.override", "Netscape");
user_pref("general.appversion.override", "5.0 (Windows)");
user_pref("general.buildID.override", "20100101");
user_pref("general.oscpu.override", "Windows NT 6.1");
user_pref("general.platform.override", "Win32");
user_pref("general.productSub.override", "20100101");
user_pref("general.useragent.vendor", "");
user_pref("general.useragent.vendorSub", "");
user_pref("general.useragent.locale", "en-US");
user_pref("intl.locale.matchOS", false);

Anonymous 07/13/2016 (Wed) 20:40:15 [Preview] No. 185 del
hey niggers, I want to use links with tor pretending to be firefox or something. help me out famalam

Endwall 07/13/2016 (Wed) 21:31:23 [Preview] No. 186 del

######### Configuring Links for Tor

1) Press ESC
[X] Async DNS lookup
socks4A proxy :
[X] Connect only via proxies or SOCKS

[ ] Send fake firefox
[ ] Send do not track request
[X] No referer

Fake User Agent: Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0


Number of formated documents 5->2
[ ]Aggressive cache ## uncheck this



use s key to bring up bookmarks and save bookmarks and g key to enter a url. Now you're ready to use tor. Use your current tor browser to bring copy over your favorite onion links and save them into your links browser bookmarks manually one by one. Do the same for youtube pages and other Clearnet pages that you frequent.
Edited last time by Endwall on 07/13/2016 (Wed) 22:32:06.

Anonymous 07/13/2016 (Wed) 22:01:41 [Preview] No. 187 del
>get links 2.13
>go to setup>network>proxies
>put "" into the socks proxy field
>check "connect only through proxies"
>go to setup>network>http>header
>check "fake firefox"

Anonymous 07/13/2016 (Wed) 22:06:56 [Preview] No. 188 del
Oh, you beat me to it. Should have refreshed before posting.

Keep in mind that checking "fake firefox" disables several of the other relevant options. It forces no referer regardless of your referer setting. Same for the user agent.

Anonymous 07/13/2016 (Wed) 22:30:20 [Preview] No. 189 del
Using fake firefox and fake user agent just doesn't go well together as it seems that the old 38 of the fake firefox user agent overrides the custom fake user agent

Endwall 07/13/2016 (Wed) 22:31:21 [Preview] No. 190 del

Yeah I forgot to uncheck that box. I just copied the previous post with some edits.

I'll fix that now.

Anonymous 07/13/2016 (Wed) 22:38:21 [Preview] No. 191 del
I've checked with ip-check.info, it apparently knew that I was not using the tor browser

Anonymous 07/13/2016 (Wed) 22:42:37 [Preview] No. 192 del
nvm, I've turned on some unnecessary shit, now it thinks I'm using the tor browser albeit the ff 38 user agent.

Anonymous 07/14/2016 (Thu) 22:30:13 [Preview] No. 194 del
Turns out, links v2.13 already has the new useragent, just haven't rolled out fast enough in certain distros. Now we can all pretend to use the newer Tor browser but with Links!

Anonymous 08/07/2016 (Sun) 01:22:38 [Preview] No. 262 del
(5.77 KB 301x167 52543627245.jpg)

TOR and VPNs will likely be illegal in the U.S. come 2017. FBI's reach extended globally


TOR MODS Endwall 08/15/2016 (Mon) 06:00:38 [Preview] No. 283 del
change this to

digest_algorithm_t alg = DIGEST_SHA1;

Leave this alone it will break the tor handshake between each router if you change it. Disregard my previous advice on this mod.

If you know of any other good mods for tor post below or in the tor/vpn thread.

Edited last time by Endwall on 12/22/2016 (Thu) 05:18:39.

Endwall 08/15/2016 (Mon) 07:45:10 [Preview] No. 285 del

Also change this

else if (build_state && build_state -> desired_path_len >= 4)

to be:

else if (build_state && build_state -> desired_path_len >= 6)

TOR HACKS Endwall 08/15/2016 (Mon) 08:05:31 [Preview] No. 286 del

change to

change to

or.h is a config goldmine.

Anonymous 08/18/2016 (Thu) 22:56:18 [Preview] No. 321 del
I'm seeing that some of you use links2 with Tor. I do so as well, and I have been able to mask my browser as the firefox based Tor Browser. This includes changing the HTTP headers as well. Here is my script, save it in your /usr/local/bin directory. You can use websites such as ip-check.info and browserspy.dk to see whether the browser is masked or not.


/usr/bin/links2 -address-preference 3 -async-dns 1 -http-bugs.bug-no-accept-charset 1 -http-bugs.no-compression 0 -http.do-not-track 1 -http.extra-header "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\Accept-Language: en-US,en;q=0.5\Accept-Encoding: gzip, deflate\Connection: keep-alive" -http.fake-user-agent "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0" -http.referer 1 -ftp-proxy -socks-proxy -only-proxies 1 -save-url-history 0 -smb.allow-hyperlinks-to-smb 0 https://check.torproject.org

Endwall 08/20/2016 (Sat) 19:48:35 [Preview] No. 345 del
Regenerate intermediate term signing key:

$ tor --keygen

This will ask you to create a passphrase and then generates the key, make up a strong passphrase before hand and store it somewhere
$ passgen

Endwall 09/04/2016 (Sun) 23:37:16 [Preview] No. 550 del
If you're forced to use Windows, and you want to browse the internet behind tor you can use the links2 windows binary,


and chain it to the tor expert bundle binary. I just tried this out and it worked fine.


endtorrc works with this setup but you have to comment out the Sandbox variable.
and place the torrc, torrc-defaults, geoip, and geoip6 files in the directory C:\Users\user\AppData\Roaming\tor\

Anonymous 09/07/2016 (Wed) 18:29:36 [Preview] No. 558 del
Are you enabling do not track? I wouldn't suggest that.

Endwall 09/07/2016 (Wed) 23:21:30 [Preview] No. 559 del

I didn't post >>321, but I'm glad someone did. I incorporated the extra header bit into my setup and into the Endware scripts. I personally don't enable the do not track button. That seems to be the recomendation from JonDonym to not send that request. Thanks for pointing this out. Perhaps I should write up new instructions for setting up links2. I'll do that on the weekend.

a@a 11/07/2016 (Mon) 03:47:53 [Preview] No. 665 del
Random trivial info: the tor browser uses 1000x600, so if you're using a hardened iceweasel or something pretending to be tor, change your window resolution to 1000x600 and doublecheck via ip-check.info

Proxychains workflow Endwall 04/23/2017 (Sun) 05:00:20 [Preview] No. 884 del
Repost of a good workflow from another user (Masonator?)
originally posted here >>>/pol/39627

Rationale: Use the Tor network to obscure your originating IP, use an ssl proxy or socks5 proxy to obscure Tor network use
Stragtegy Flow: Tor -> SSL Proxy -> Clearnet
Alternate Strategies: VPN ->Tor -> Clearnet ; VPN ->Tor -> SSL Proxy -> Clearnet ; Tor -> Clearnet ; Tor browser on Tails

Proxychains Workflow

################ Materials List ##############################
you will need:
1) proxycheck.sh from >>>/os/
2) tor
3) proxychains
4) an ssl proxy

############### Work Flow ###############################

1) Go to a proxy site here is one for the sake of the tutorial:


2) Copy those proxies and paste them into this:


3) Export anonymous and or elite proxies

4) Make a text file called ssl_proxies.txt
5) Paste the exported proxies into ssl_proxies.txt
6) run this command:

$ bash proxycheck.sh ssl_proxies.txt

this will weed out the proxies that give connection errors
you should have new files with the checked working proxies I would use ssl_proxies_yt.txt and pick one from there for the proxychains configuration.

7) Go to the config file of proxychains in /etc/proxychains.conf and make sure it looks like this.

chain_len = 2
tcp_read_time_out 12000
tcp_connect_time_out 12000
socks5 9050 # Tor socks5

The first proxy is tor and the second one is the working proxy that we should have a list to choose from at this point in the tutorial. It might take a few tries with the proxies but if you see that it is resolving dns requests in the output you are good to go.

8) Now with proxychains set up you are ready to open your browser lets say you use icecat run this command:

$ proxychains icecat

Now you are going through tor and able to browse the clearnet with the http proxy.

WARNING : Anonymity may require other additional settings, including browser settings, user-agents, stylometry obfuscations etc.
However the strategy presented here is an opinion about a strategy that may be helpful in the process of anonymous tcp ip communications.
Edited last time by Endwall on 04/30/2017 (Sun) 02:38:05.

Anonymous 04/23/2017 (Sun) 17:56:33 [Preview] No. 885 del
>Congratulations you are anonymized.
This is misleading. Anonymity is much more than just "use this".

Stop treating Tor and other tools as a complete solution to anonymity.

Stop suggesting such complicated methods. The users who need this are better off using the Tor Browser with security settings on high, preferably on Tails.
Point people to information like the official Tor documentation, if you think they are lacking try to improve them.

Anonymous 04/29/2017 (Sat) 09:51:29 [Preview] No. 887 del
use proxies with a similar address to chain multiple proxies.

Anonymous 04/29/2017 (Sat) 09:54:31 [Preview] No. 888 del
they also have to be fast so would buying proxies help or hurt anonymity past the tor hops? I guess that would depend if they accept bitcoin right?

a@a 04/29/2017 (Sat) 10:02:25 [Preview] No. 889 del
That's not really me, but a@a can be nothing more than an empty hollow identity for anyone that likes your stuff and is passionate about OPSEC, so yes it's a@a though it's masonnigger because he used to be easily identified by not articulating well enough and making common spelling errors that only he makes, hence, the stylometry suggestion.

Endwall 04/30/2017 (Sun) 02:53:50 [Preview] No. 893 del
>>889 sorry to confuse you with Masonator

>>890, good post, good summary from the Tor Project and Whonix. Thanks for posting that.

I saw the following information in the same thread from pol:

Heads: Devuan GNU+Linux non systemd version of Tails with only Free Software:



I'll place this into the sticky.

Keep the tips coming in.
Edited last time by Endwall on 04/30/2017 (Sun) 03:15:58.

Anonymous 05/01/2017 (Mon) 12:07:42 [Preview] No. 895 del
https://youtube.com/watch?v=jZhex1mcPZA [Embed]

Since anything transatlantic is absolutely intercepted, how fucked are we?

Endwall 05/03/2017 (Wed) 05:49:28 [Preview] No. 897 del

First of all interesting video from Mr. Satan, with his eyebrow rubs. 3 eyebrow rubs, then 6 eyebrow rubs with his pentagram tatoo with an eye in it. On the upper right hand corner he has a triangle baseball cap, and the letters "Illu" ? below that. Lux et Veritas (Light and Truth)? More like Lux In Tenebras (Light in the Darkness).

Theoria Apophasis https://www.youtube.com/user/kathodosdotcom . Who is this guy supposed to be? Pro Photographer:

"Analyzing the nature of professional photography in its fundamental roots, getting past the gear-sniffing and measuring, and getting to the metaphysics and heart of true professional photography. There are NO UNTRUE photographs, only compositionally and technically inept ones. A professional photographer is a master of composition and light manipulation, it is no more complex than this."

I'm not sure what the source of his "This has been confirmed" statements are, but he seems to think that he's on the winnning team.

Secondly don't be transatlantic. Build a city wide lan. Or better yet build a city wide BBS over modem in your locality. Restrict acceess to modem only by your local area code, and use some HTTPS or TLS scheme. Disconnect ethernet from the BBS server. Then have fun chatting with locals about local things. If you do that, does your local government have the lawful authority to collect your conversations (phone tapping)? Then you can be anonymouse by going to any building with a telephone connection and dialing the BBS. No TCP/IP just random building phone #. Wear a ski mask when you go there. That's anonymouse.

Basically I have faith in the encryption protocols, but I believe (assertion without proof) that all of the OS distributions of linux are vulnerable, and given the Intel AMT debacle that was disclosed recently, I'm pretty sure its worse than Ring 0, more like Ring -3 security intrusion. Get off of Intel. We need a new paradigm. Tor isn't going to help you if you're rooted at the hardware level.
Edited last time by Endwall on 05/03/2017 (Wed) 07:55:58.

Endwall 05/05/2017 (Fri) 10:49:07 [Preview] No. 901 del
This is legitimate. I'm not sure what to do with this right now.

$ unar search_extract_links.rar
upacks to search_extract_links.dat

which is a text file containing http links
Contains 1265976 records.

$ cat -n search_extract_links.dat
1265955 http://www.turkhackteam.org/genel-guvenlik/1489040-06-04-2017-proxy-listesi.html
1265956 http://memoryhackers.net/konu-29-04-2017-l2-anonymous-proxy-list.mh
1265957 http://memoryhackers.net/konu-fast-proxy-guncel-fresh-20-04-2017.mh
1265958 https://www.ruyaforum.com/48-post9.html
1265959 https://baybilisim.com/01-05-17-l2-anonymous-proxy-list/
1265960 https://baybilisim.com/25-04-2017-l2-anonymous-proxy-list/
1265961 https://baybilisim.com/26-04-17-l2-anonymous-proxy-list/
1265962 http://www.forumsohbeti.com/guncel-proxy-listeleri/2429-07-04-17-fast-proxy-server-list.html
1265963 http://www.forumsohbeti.com/g-ncel-proxy-listeleri/2817-08-04-17-fast-proxy-server-list.html
1265964 http://www.forumsohbeti.com/g-ncel-proxy-listeleri/2430-07-04-17-free-proxy-server-list-1490-a.html
1265965 http://www.forumsohbeti.com/3054-post2.html
1265966 https://www.proxydocker.com/freeproxylist/Germany/Hesse
1265967 http://es.proxyservers.pro/proxy/
1265968 http://proxydb.net/
1265969 https://freevpn.ninja/free-proxy/id/170529
1265970 https://proxyrox.com/proxy/
1265971 https://es.proxyrox.com/proxy/
1265972 http://proxylist.me/proxys/details/74086/indonesia
1265973 https://www.proxydocker.com/freeproxylist/Indonesia/Somewhere?sort=p.type&direction=asc&page=1
1265974 https://www.proxydocker.com/freeproxylist/Indonesia?page=2
1265975 https://orcinustech.com/web-tools/export-proxies.php?scanid=iSJoWDXn02T3clizwmXlk3H2IY0GWH0fAJE&results=all-proxies
1265976 https://orcinustech.com/web-tools/export-proxies.php?scanid=kL3Nge3r14sV83yPPkfA8F6SpxDHtMLNyPB&results=all-proxies

I'll leave the link up in case it's useful to someone else.

I'll work on this list to prune it down to just the main root websites, as you mentioned there is duplication. It may be useful at that point. Right now it's too big.

I'm not sure how this list was generated. Could you elaborate on how it was created? Thanks.

Anonymous 05/05/2017 (Fri) 11:11:32 [Preview] No. 902 del
Well I was looking through the list of proxysites earlier in the thread it lead to this forum https://www.blackhatworld.com/seo/proxie-scraping-links.464079/page-15#post-10005280 The huge list is for a program on windowss called scrapebox. Fuck windows you can use this for the same effect http://www.proxydb.net/leecher

the list it updates almost every day and gets bigger and bigger still a lot of dupes though. I thought it was useful.

Anonymous 05/05/2017 (Fri) 11:15:09 [Preview] No. 903 del
Apparently that thread goes back to 2012 and they just added to it.

Anonymous 05/05/2017 (Fri) 11:16:09 [Preview] No. 904 del
Most of the stuff he mentions is actually old info, or covered by Wikileaks, and of course, common sense. https://en.wikipedia.org/wiki/Upstream_collection https://en.wikipedia.org/wiki/Utah_Data_Center

The guy in the video had been harassed by the government because of his controversial book about magnetism. He also was one of the top guys in Apple customer support. Here's some example links: https://youtube.com/watch?v=rjkYccijTFA [Embed] https://discussions.apple.com/docs/DOC-6031

Anonymous 05/05/2017 (Fri) 17:48:20 [Preview] No. 905 del
That site requires javascript to download. Upload the file here.

Endwall 05/06/2017 (Sat) 03:43:57 [Preview] No. 906 del
$ lspci
Communication controller: Intel Corporation 9 Series Chipset Family ME Interface #1

Thanks Intel.

I've been experiencing weird shit on my computer for the last couple of months. Strange lock ups etc. This might explain it. MFW.

Endwall 05/06/2017 (Sat) 04:13:16 [Preview] No. 909 del
Here is the proxy website list run through
$ sort -du

Alphabetical sort unique

Cuts the file from 75MB uncompressed to 6.8 MB. lines from 1.2 Million down to 111,000.
Edited last time by Endwall on 05/06/2017 (Sat) 04:40:47.

Anonymous 05/08/2017 (Mon) 02:52:23 [Preview] No. 912 del
Wonderful thanks!

Top | Return | Catalog | Post a reply