GlockTalk.com
Home Forums Classifieds Blogs Today's Posts Search Social Groups



  
SIGN-UP
Notices

Glock Talk
Welcome To The Glock Talk Forums.
Reply
 
Thread Tools Display Modes
Old 01-23-2013, 02:52   #1
12smile
Member
 
12smile's Avatar
 
Join Date: Apr 2008
Posts: 92
Best Way to surf anonymously & hide IP Address?

I'm getting a little tired of going to websites and seeing target ads for the things I've just googled OR adds for a shopping site on another site showing the items I have in the first sites shopping cart.

If there were a way to be completely surf anonymously I'd do it.

I'm using Windows XP.

I also see my facebook icon on the comments section of news sites....this is annoying.

What proxy servers do you find effective. I'm looking for a free solution but a paid solution could be welcome as well.
TIA
12smile is offline   Reply With Quote
Old 01-23-2013, 06:40   #2
sbhaven
Senior Member
 
sbhaven's Avatar
 
Join Date: Jun 2008
Location: Constitution State
Posts: 4,646
Start by disabling the "cookies" in your web browser. You may have to delete them after disabling them. Then see the info at the following links for more suggestions.

Disable third-party cookies in IE, Firefox, and Google Chrome
How to Delete Cookies
Browse Anonymously
How to Browse Anonymously With Tor
TOR
Top Free Anonymous Web Proxy Servers
Best Free Anonymous Surfing Services
Ways You Can Hide Your Public IP Address
Readers Respond: Ways to Hide IP Addresses for Anonymous Web Surfing
__________________
Currently hiding behind enemy lines in a Blue State.

Last edited by sbhaven; 01-23-2013 at 06:48..
sbhaven is offline   Reply With Quote
Old 01-23-2013, 10:25   #3
12smile
Member
 
12smile's Avatar
 
Join Date: Apr 2008
Posts: 92
Bullseye.
Thanks that's exactly what I am looking for.
12smile is offline   Reply With Quote
Old 01-31-2013, 14:09   #4
Never Nervous
Senior Member
 
Never Nervous's Avatar
 
Join Date: Aug 2009
Location: Metro ATL
Posts: 2,238
Quote:
Originally Posted by sbhaven View Post
Thank you. Great info

NN
__________________
____________________________________________
"Religion is for people who are afraid to go to hell. Spiritually is for people who have already been there."
Never Nervous is offline   Reply With Quote
Old 02-01-2013, 14:34   #5
12smile
Member
 
12smile's Avatar
 
Join Date: Apr 2008
Posts: 92
so far so good with Tor.

It starts it's own browser (based on Firefox I believe) and I go to sites that limit access (like a newspaper that has limited free article access per month) and they don't know who I am.

It is clearly slower that regular browsing but it is going around the world a few times first

Will try TAILS on a flash drive next.
12smile is offline   Reply With Quote
Old 01-23-2013, 10:28   #6
The Fed
Senior Member
 
Join Date: Dec 2012
Location: Central Florida
Posts: 707
TOR is all you need.
The Fed is offline   Reply With Quote
Old 01-23-2013, 10:33   #7
zodiacbw
Senior Member
 
zodiacbw's Avatar
 
Join Date: Apr 2008
Location: Buford, GA
Posts: 178
Quote:
Originally Posted by The Fed View Post
TOR is all you need.
This.
__________________
///M Power
zodiacbw is offline   Reply With Quote
Old 01-23-2013, 10:36   #8
ThinkMud
Senior Member
 
ThinkMud's Avatar
 
Join Date: Jul 2010
Location: Northern VA
Posts: 334
My TOR on my Mac stopped working after the last FireFox update.
__________________
“There are only two things we should fight for. One is the defense of our homes and the other is the Bill of Rights.” -Marine General Smedley Butler.

-Semper Fi
ThinkMud is offline   Reply With Quote
Old 01-23-2013, 12:06   #9
ScottieG59
Senior Member
 
ScottieG59's Avatar
 
Join Date: Jan 2011
Location: Rural area near Kansas City, KS
Posts: 967
First of all, there are alternative methods of determining your true IP address. The best method of hiding is to use a live CD distribution called "TAILS." You can find it online at https://tails.boum.org

Just realize there are still methods of finding you.

If you read and understand the information on the TAILS site, you will see that a live CD with TOR embedded is a better method than using an operating system installed on a hard drive.

Good luck and stay legal & safe.
ScottieG59 is offline   Reply With Quote
Old 01-23-2013, 23:31   #10
12smile
Member
 
12smile's Avatar
 
Join Date: Apr 2008
Posts: 92
Quote:
Originally Posted by ScottieG59 View Post
First of all, there are alternative methods of determining your true IP address. The best method of hiding is to use a live CD distribution called "TAILS." You can find it online at https://tails.boum.org

Just realize there are still methods of finding you.

If you read and understand the information on the TAILS site, you will see that a live CD with TOR embedded is a better method than using an operating system installed on a hard drive.

Good luck and stay legal & safe.
This is good....I'm liking the idea of Tails on a flash drive with a TOR browsing package on it...This is a higher level of Geekyness than I'm accustomed to.
Thanks
12smile is offline   Reply With Quote
Old 01-24-2013, 22:24   #11
12smile
Member
 
12smile's Avatar
 
Join Date: Apr 2008
Posts: 92
Oh Yes....I am liking Tor. Folks it's a separate browser and it tells you what 'spoofed' IP address your computer is displaying.

Good Stuff.

Now it appears that Tails is a surrogate OS separate from Windows, that will further mask your presence. I'd like to put that on a flash drive and plug it in and browse on a phantom browser with a phantom OS... I'll report back.

I'll try running it from a DVD first.

Thanks
12smile is offline   Reply With Quote
Old 01-25-2013, 14:41   #12
Don H
Senior Member
 
Don H's Avatar
 
Join Date: Dec 2005
Posts: 4,913
edit...

Last edited by Don H; 02-05-2013 at 03:11..
Don H is offline   Reply With Quote
Old 01-23-2013, 12:10   #13
HexHead
Senior Member
 
Join Date: Jul 2009
Posts: 4,818
If you use Safari, you can select "Private Browsing". Works on their PC version as well as on Macs.
HexHead is offline   Reply With Quote
Old 01-23-2013, 12:11   #14
ditto1958
Senior Member
 
Join Date: Sep 2012
Location: West Monroe, Louisiana
Posts: 830
Borrow a computer from someone you don't like?
ditto1958 is offline   Reply With Quote
Old 01-23-2013, 12:22   #15
Adjuster
Senior Member
 
Adjuster's Avatar
 
Join Date: Feb 2006
Location: Ft. Lauderdale FL
Posts: 9,916
Google Chrome has a 'New Incognito Window' feature. It is supposed to let you surf anonymously. I am not sure exactly what it hides from the web but anonymous surfing is its purpose.


/
Adjuster is online now   Reply With Quote
Old 01-23-2013, 12:22   #16
Adjuster
Senior Member
 
Adjuster's Avatar
 
Join Date: Feb 2006
Location: Ft. Lauderdale FL
Posts: 9,916
Here is Chromes description.

http://support.google.com/chrome/bin...n&answer=95464


/
Adjuster is online now   Reply With Quote
Old 01-23-2013, 22:06   #17
MySiK26
******
 
MySiK26's Avatar
 
Join Date: May 2008
Location: Mulligan's Valley, CO
Posts: 3,033
Send a message via AIM to MySiK26


run a virtual machine, inside of a virtual machine, spoof each machine's mac address, and use a proxy...



MySiK26 is offline   Reply With Quote
Old 01-23-2013, 22:12   #18
MySiK26
******
 
MySiK26's Avatar
 
Join Date: May 2008
Location: Mulligan's Valley, CO
Posts: 3,033
Send a message via AIM to MySiK26


Quote:
Originally Posted by Adjuster View Post



Incognito mode (browse in private)



For times when you want to browse in stealth mode, Google Chrome offers the incognito browsing mode. Here's how the incognito mode works:
  • Webpages that you open and files downloaded while you are incognito aren't recorded in your browsing and download histories.
  • All new cookies are deleted after you close all incognito windows that you've opened.
  • Changes made to your Google Chrome bookmarks and general settings while in incognito mode are always saved.
looks like it just cleans all traces of internet activity from your computer... I'm sure everything gets stored...somewhere.
MySiK26 is offline   Reply With Quote
Old 01-25-2013, 17:06   #19
vram74
Senior Member
 
Join Date: Feb 2010
Posts: 756
Adblock Plus + Ghostery should stop the trackers well enough.
vram74 is offline   Reply With Quote
Old 02-10-2013, 15:18   #20
md2lgyk
Senior Member
 
Join Date: Mar 2001
Location: WV
Posts: 2,898
Quote:
Originally Posted by vram74 View Post
Adblock Plus + Ghostery should stop the trackers well enough.
That's what I use. And also a Firefox add-on called Priv3. I get virtually no ads on any web page.
__________________
"The great object is, that every man be armed. Everyone who is able may have a gun." - Patrick Henry
md2lgyk is offline   Reply With Quote
Old 02-11-2013, 00:21   #21
harrygunner
Senior Member
 
Join Date: Sep 2010
Posts: 409
'jdeere_man' and others, please forgive the wall of text. It is that kind of a question. This is a description of what I did. Others can add to the discussion or ask for more details on particular issues.

* Why I did it. 1) I use my laptop while traveling and use either hotel/motel wireless or coffee shop wireless. 2) I don't trust "smart phones" and didn't get a G4 Internet plan for the few times I'd dare to connect my phone to Internet. I only connect over Wi-Fi hotspots. I wanted a way to tunnel past all the hotspot threats before hitting the 'net.

* Overview: VM running Linux with a OpenVPN server and 'tinyproxy' proxy. Laptop and Android phone runs OpenVPN client.

The VPN/proxy virtual machine (VM): Runs a 64bit RHEL6 clone with 512MB RAM and one virtual CPU. Any Linux distribution should work. One virtual NIC is bridged to the host physical NIC that routes traffic to the Internet.

I kept the installation to a minimum, but did a custom installation to make sure I had all the services I needed. Mainly looked for programs to support 'libvirt' since I use on KVM on the host as the hypervisor. Also wanted development tools so I could compile source code as needed.

I did not install the X Window System or a GUI. I either SSH in directly or connect through a serial console from the host to configure/maintain the VM. The final VM file is about 3.6GB in size. The disk size is not fixed and will grow as needed. But I don't expect it to grow since I didn't install a caching proxy.

One could use VirtualBox instead of KVM to build the VM host and machine. Probably easier. Runs on Windows as well. I didn't because my use is business/personal and did not want to worry about Oracle's license for the extension pack.

Another option is VMware. We've build VM's on that for clients, but there was no need for me to spend money when KVM is around.

I decided to install 'OpenVPN' and 'tinyproxy' on the VM. I chose OpenVPN because there's a OpenVPN client app available for my Android phone. I trust that app more than the native VPN app that comes with Android. Plus, it's more secure than M.S. PPTP. L2TP is a bear to set up under a OpenSwan VPN server and I would have wanted to go that way to use RSA instead of shared secrets.

'tinyproxy' is a straightforward non-caching proxy, all I need.

The VPN server is secured in several ways: SELinux, OSSEC, iptables configured to block out entire continents or countries and to drop malformed packets, etc. The firewall also forwards local traffic to/from the virtual 'tun' network that OpenVPN creates. Proxy runs as 'nobody'. Multiple partitions that are either immutable or mounted as 'noexec,nosuid,nodev'. Swap, /tmp and /var/tmp are set up with 'cryptsetup' and a random key. The proxy only allows connections from the non-routable virtual network established by OpenVPN. So no direct outside access to the proxy.

The client programs use the DNS I assigned on the VPN/proxy, OpenDNS. So, a hacker/cracker at a Wi-Fi hotspot attempting to spoof DNS won't succeed. Also, I did not register the IP to associate it with a URL, so clients don't need DNS to find the VPN, just it's IP address. As I mentioned before, sites in the business of tracking are mapped to '127.0.0.1' by the /etc/hosts file on the VPN/proxy. So, they don't see my traffic at all.

My main concern is security over autonomy, but I may add the 'polipo' proxy to the VPN. It can easily chain to 'Tor'. i.e. the proxy on the VPN would direct traffic to 'Tor'. 'polipo' would listen on a separate port on the same virtual network OpenVPN creates. So, if I wanted more autonomy, I would simply change the port number in my web browser proxy setting.

'tinyproxy' allows you to enable "anonymous proxying" and to specify which fields to pass in the connection packet header. You can even block the 'User-Agent' to make it harder for sites to characterize you by the OS, browser that you use. But, some sites will brand you a threat and block you. GlockTalk doesn't care. I generally allow it along with 'Host', 'Authorization' and 'Cookie'. Cookies are useful to websites and are less of a concern if they are deleted when the browser closes. All the packet header fields are described here: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html

* Authentication: I used a separate VM with no Internet access as a certificate authority (CA) to sign the public and private keys for all parties. I did it all using 'openssl'. But, OpenVPN offers something called "easy-rsa" that's supposed to make this task easier.

The private key for the phone should be password protected. You will be asked for it when you configure the client.

The Android OpenVPN client (and apparently the Windows client) needs a PKCS12 formatted cert/privatekey combination file. A Linux client wants the public certificate and private key in separate files. I used 'openssl', but 'easy-rsa' might do that for you.

You will need four or five files on clients and six on Linux server:

- server.conf on the server
- client.conf on a Linux client or nearly the same file with name changed to client.ovpn on Android or Windows.
- dh2048.pem Diffie-Hellman signing certificate. (on server only, not clients)
- public certificate of the CA (never the CA private key)
- CA signed public certificate for the phone (or laptop), CA signed private key for the phone (or laptop). These two are adjoined as a single file on Android (or Windows).
- OpenVPN's ta.key (OpenVPN's HMAC to strengthen safety of TLS handshaking. Thwarts Wi-Fi spoofing. 'OpenVPN' provides a simple command to create it.)

I placed the five files on a microSD and plugged it into my Android phone. The OpenVPN client setup picked up the files off of 'external_sd'.

* The phone: I installed 'OpenVPN Connect' from https://play.google.com/store/apps/d...penvpn.openvpn and 'Firefox Beta' from https://play.google.com/store/apps/d...fox_beta&hl=en

'OpenVPN Connect' is also available for iOS from https://itunes.apple.com/us/app/open...590379981?mt=8

The native web browser on Android has no way to change how to connect to Internet. Fortunately, Firefox-beta provides a way. No GUI for that, one must use 'about:config'.

* Laptop: Easier. Used same tar.gz source I compiled on the server to compile/install on my laptop. Used a .conf for clients instead of servers. Web browsers have a GUI dialog for setting up proxies.

In both cases, I went to a site that shows the IP address I'm using to confirm I'm using the proxy. Then from my phone, I entered a nonexistent site name to make sure the 'OpenDNS' page showed up for such sites (proving the phone is using DNS configured on the VPN).
__________________
People who've had to deal with their karma are more interesting to talk to.

Last edited by harrygunner; 02-12-2013 at 21:52..
harrygunner is offline   Reply With Quote
Old 01-25-2013, 18:10   #22
g29andy
CLM Number 197
Charter Lifetime Member
 
g29andy's Avatar
 
Join Date: Jan 2001
Location: TN
Posts: 3,615


VPN. Hotspot shield is not expensive and decent speed.

Comodo Dragon or IceDragon browsers.
__________________
Sent using ad-blocking browser

Last edited by g29andy; 01-28-2013 at 09:41..
g29andy is online now   Reply With Quote
Old 01-25-2013, 19:37   #23
12smile
Member
 
12smile's Avatar
 
Join Date: Apr 2008
Posts: 92
The plot is thickening.

I'm seeing 'Online Privacy' as an issue more clearly.

When I heard the phrase 'Online Privacy' I just assumed it was more 'worry wart' nonsense.

But I used one of the sites above and it gave me a 'referrer' ? and it was this site and this thread.

At the same time I saw adds from 2 websites that I have shopping carts saved on...I did open the adds and will buy from them tonight but the deal is.

THEY FOUND ME

digikey.com and tmart.com

so....whatever they paid for those adds they're going to get a return on them.

Thanks again for the info...
12smile is offline   Reply With Quote
Old 01-25-2013, 20:05   #24
sbhaven
Senior Member
 
sbhaven's Avatar
 
Join Date: Jun 2008
Location: Constitution State
Posts: 4,646
Quote:
Originally Posted by 12smile View Post
The plot is thickening.
But I used one of the sites above and it gave me a 'referrer' ? and it was this site and this thread.
Yep. Sites have the capability (if programmed) to capture the web page you came from when selecting a URL link to reach that web page.

That is why some times you'll see people here and on other gun sites leave links to sites like Democratic Underground (DU) and some online polls cold. Its so those sites don't see where people are coming from.
__________________
Currently hiding behind enemy lines in a Blue State.

Last edited by sbhaven; 01-25-2013 at 20:05..
sbhaven is offline   Reply With Quote
Old 01-25-2013, 22:23   #25
Linux3
Senior Member
 
Linux3's Avatar
 
Join Date: Dec 2008
Posts: 1,396
When you think you are surfing anonymously go to this site and test it out.
https://www.grc.com/x/ne.dll?bh0bkyd2
__________________
It it's not on fire,
It's a software problem.

Linux3 is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT -6. The time now is 14:03.



Homepage
FAQ
Forums
Calendar
Advertise
Gallery
GT Wiki
GT Blogs
Social Groups
Classifieds


Users Currently Online: 1,250
349 Members
901 Guests

Most users ever online: 2,244
Nov 11, 2013 at 11:42