Teología 101

Porque no es tan difícil...

Herramientas de usuario

Herramientas del sitio


darknet

Tor

Links

Bridges

  • [Good] Bridges are Tor entry nodes not publicly available (therefore not easily blacklisted by ISPs). However, ISPs are still able to use Deep Packet Filtering to filter out Tor traffic, therefore we have Tor Pluggable Transports…

Transports

  • [Better] Tor Pluggable Transports attempt to avoid Deep Packet Filtering by making Tor traffic look like any other traffic. Pluggable transports obfuscate your traffic to your Tor Bridge entry node.
  • Go here and under “Advanced Options,” select pluggable transport type and “Get Bridges.”
  • Copy and paste into Tor either during setup or in your settings. Manual Page

O/Ss

Tails: [Best] Tails with Pluggable Transport or Bridge

  1. Get Tails
  2. Boot
  3. At Tails boot menu, go into Additional Settings
  4. Select Network Connection
  5. Choose 2nd option: Configure Tor bridge or local proxy
  6. Click on “Add”
  7. Then start Tails
  8. Once booted into Tails choose “Configure” in Connection Settings Pop-up
  9. Check “Tor is censored in my country”
  10. Paste in your bridge information (with pluggable transport if you want) obtained previously and saved on USB stick.

Qubes

Get Qubes:

You can install on a USB stick. From the installation guide:

  • “Installing an operating system onto a USB drive can be a convenient and secure method of ensuring that your data is protected and remains portable. If you want to install Qubes OS onto a USB drive, just select the USB device as the storage location for the OS. Be advised that a minimum storage of 32 GB is required and that a fast USB 3.0 compatible drive is mandatory to achieve decent performance. Also, bear in mind that the installation process is likely to take longer than an installation on a internal storage disk.”

Requirements to run Qubes on a machine: In the BIOS settings…

  1. Enable Virtualization (VT-x, VT-d / AMD-V, AMD-Vi)
  2. Disable Secure Boot (optional, but recommended)
  3. Set Boot to Legacy (optional, but recommended)
  4. Boot from USB

Search Engines

These are Tor sites. You must use a Tor browser…


Entry Points

Listings

Others


Anon ID

Create a Fake Anonymous Identity (create an identity for the DarkNet)

Make an ID, modify it so it is “yours” and use that same ID on the DarkNet.

  • NEVER use it on the ClearNet.
  • Save it on the encrypted persistent partition on your Tail USB stick.

Email

Temporary Accounts:

ProtonMail: This is a “hybrid” set-up: Encrypted (private) but not necessarily anonymous.

DarkNet Email Providers


IM

XMPP Servers (allows you to create an account):

With an account you can communicate with anyone else with an XMPP account.

Use Pigin:

  • In Pigin, Advanced Settings, change the XMPP service to the .onion server.
  • OTR (Off-The-Record) Plugin: end-to-end encryption.
    • Tools… Plugins… Enable it and set Default OTR Settings (always use)

File Management

File Sharing:

  1. Remove/Clean MetaData: In Tails, right click and select “Clean Metadata”
  2. Basic File Sharing: https://send.firefox.com/
    • Tor Security Settings must be Medium or Low (b/c JavaScript is necessary)
  3. Peer-to-Peer File Sharing (more secure, full control): OnionShare
    • Creates a local Onion service on your computer to be accessed by recipient
    • From Tails: right-click file, “Share via OnionShare” (creates URL to share)
    • Must be downloaded with a Tor client/browser

File Removal: (delete and wipe) The following only works on hdd…

  1. For a file: In Tails, right click file to delete and choose “Wipe.”
  2. For a device: Clean all persistent available space on your Tails…
    • Open a file manager, right click in white space…
    • Choose: “Wipe available disk space” (choose options). Does NOT delete files.

File Removal on ssd/usb_stick: The only real way to erase data so it can not be retrieved…

  1. Burn it. Destroy it. Microwave it. (Yes, you read that correctly.)
  2. Securely wipe and format the entire device. In Tails…
    • Applications… Utilities… Disks… Select the device to wipe…
    • Click on the cogs icon by the partition graphic… choose “Format Partition”
    • Erase option: choose “Overwrite existing data with zeroes…”
    • Type: file system type, set to whatever type you want.

Device Encryption: The above wiping sequence for ssd/usb_stick can also be used to encrypt an entire device so that whatever you store in it will be encrypted.


Cryto-Currency

Functions on the same asymmetrical encryption idea as PGP

  1. Your “wallet” has a key pair: one public and one private
  2. You send money to a person's public key
  3. You receive money via your public key and own it via your private key.

Bitcoin

Watch Zaid's explanation: link

REMEMBER: BitCoin is NOT ANONYMOUS. All transactions are public. Never send/receive from an account you do not want to be linked to.

  • Blockchain includes: Sender address, Receiver address, Amount (ID#), etc.
  • If you need to “clean” Bitcoins and make them more anonymous, use tumblers.

Set Up:

  1. Create a wallet (Electrum comes pre-installed in Tails)
    • Use the “Seguit” option (newer, more secure)
    • Also: Tools… Preferences… check “Edit fees manually” (to see x-fer fee)
  2. Create a second wallet using the “Legacy” option for ATMs
    • Take the QR code from this wallet to the ATM (pic on phone)
  3. Deposit cash into ATM w/QR code to buy bitcoin w/ your legacy wallet

Where to buy Bitcoin:

  1. ATM (easiest and easy to be anonymous): https://coinatmradar.com/
  2. Online Website: https://www.coinbase.com/

To receive money (people pay you): send people your Receiving Address or QR Code

Tumbler / Mixer:

Monero (XMR)

Download it and check the hash: https://web.getmonero.org/downloads/

Info & How-To: https://moneroworld.com/

For Monero Daemon Settings:

  1. Start a node automatically (downloads the entire blockchain, 25GB)
  2. Connect to a remote node (in Tor network; access blockchain). Nodes:

Buy some Monero:

Monero Wallet Address:

  • CREATE A NEW ADDRESS FOR EACH TRANSACTION
  • Just click on “Create new address” and name it
  • This further enhances your privacy and anonymity

Investigations

Technical Investigation of a .onion site:

  1. Check out the http headers
    • You might get lucky and get the “Client-Peer” IP address
  2. See what kinds of software they are running and their current version
    • Server Version | PHP App Server (etc.)
  3. Are there vulnerabilities in that version? is it old? exploits available?
    • You can get a search warrant here to break into the machine (hack in) if you have jurisdiction over the location of the server.
    • If not then…. go to Shodan.io
  4. Go to Shodan search engine (searches IoT - Internet of Things)
  5. Enter the combo of software and versions to see what machines out there are running that particular combination and open to the Internet.
  6. From the results, find out which serve up .onion sites.
    • Few results: do it “by hand”
    • Many results: write a script
  7. Query the servers that host .onion sites and “ask” if they serve up your particular .onion site address. If you get a “yes,” bingo.

Learn:

  1. Use a VM (or Tails) and get on the DarkNet
    • If VM: take a snapshot when it's set up like you want it
    • Then after use it, revert back (rollback) to your clean snapshot
  2. Install ZeroNet, Tribler, I2P, et al
  3. Experiment (by safely: use a machine and ID you only use for DarkNet)
darknet.txt · Última modificación: 2020/04/17 19:43 por gregkedro