DOCUMENT STATUS: PROVISIONAL, REVISION IN PROGRESS

Windows

• Download Tor here: https://www.torproject.org/
• Run the .exe
• Extract to the default folder. You should have a folder on the desktop called Tor Browser. In this folder is Start Tor Browser.exe. If you want you can right-click to create a shortcut and drag it to your desktop, making sure the original stays in the same folder.
• Click https://check.torproject.org/ to verify TOR is working. If your ISP blocks connections to TOR or you need further help feel free to ask about it in the #OpNewblood channel, which again you can access through your web browser at this link: http://webchat.anonops.com

Linux

• Download Tor here: https://www.torproject.org/
• Extract to destination of your choice. Default location is fine.
• You should now be able to just click Start Tor Browser to start.

Mac OSX

• Download Tor here https://www.torproject.org/
• Unzip the file and move TorBrowserBundle_en-US.app to your Applications folder. (_en-US is the language suffix)
• Double click the TorBrowserBundle_en-US.app
• If you are having problems go to https://www.torproject.org/docs/tor-doc-osx.html.en for further info.
• Once again for help with making a bridge if your ISP blocks Tor please ask in the #OpNewblood channel via your web browser here: https://webchat.anonops.com

Using Virtual Machines

It is strongly recommended that you consider making a Virtual Machine (VM) to separate your personal OS instance with your anon activity OS instance. This ensures that personal data does not leak while viewing anon-related social media on such sites as Twitter or Facebook. It has several other advantages such as allowing you to quickly delete all anon activity off your computer by simply deleting the VM itself.

Virtual Machine Software

• VirtualBox - x86 and x64
• VMWare Workstation 7 - x86 and x64
• Windows Virtual PC - x86
• Parallels Desktop - x86 and x64

Disk Encryption

Disk encryption is another way to protect yourself. Disk encryption software will make it pretty much impossible for any one but yourself to access the data on any physical disk.

Disk Encryption Software

• TrueCrypt - Truecrypt repository at grc.com
• Bitlocker - (Win 7 Ultimate only)

• GPG (Windows) http://gpg4win.org/download.html
• GPG (Mac) https://gpgtools.org/
• APG (Android) https://market.android.com/details?id=org.thialfihar.android.apg

Linux Tor Software

WHONIX - https://www.whonix.org/wiki/Main_Page - Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP.

TAILS - https://tails.boum.org/

JanusVM - http://janusvm.com/ (not actively maintained, documentation minimal)

The Amnesic Incognito Live System (TAILS): https://tails.boum.org/download/index.en.html
A bootable, live, Linux distribution focusing on security and privacy. Basically this entire document in a single download.

Kali: http://www.kali.org/ The successor to Backtrack. A sort of Swiss army knife for pentesting.

Ubuntu Privacy Remix: https://www.privacy-cd.org/
Intended solely for Live booting. No installation on the local system is required and none of the data on it is touched.

Using Secure Shells with PuTTY

http://jfitz.com/tips/putty_config.html

Normal connections to the internet, unless using SSL, are cleartext unencrypted transmissions divided into data packets. Using a packetsniffer, it is possible to capture most packets, and look at their payload in plain text. This can include usernames, emails, IM's, and sometimes even passwords and sensitive information. When you set up a tunnel securely, you are connecting to a secure, encrypted connection to the machine you are connecting to, helping to prevent the use of packetsniffers to steal your information. Not only is this useful for keeping your local connection to the internet secure, it is also one of the basic ways you can hide which IP address you are connecting to the internet from at home. When using the tunnel for your transmissions, all of your packets will have that machine's IP address on the source address section instead of your own. Again, as covered above, you cannot trust a VPN (SSH) provided at no cost. It is in your best interests to use a paid hosting provider.

OpenVPN GNU/Linux

Information on how to set up a GNU/Linux system to use openVPN can be found here: http://openvpn.net/howto.html

OpenVPN only secures you between your server and you, not between your server and the internet. Your server will be the middle man and is identifieable unless augmented with additional obfuscation techniques.

To secure the connection between your local server and the internet you'll need a commercial VPN provider. (This section does not apply to people who connect directly to the internet. Most people will need the commercial VPN.)

Using SOCKS4/5 Proxys

If you're interested in using SOCKS 4/5 proxies with the Firefox browser, you can find instructions here: Need good link.

Configuring DNS

This section explains how to change the nameserver that resolves domain names into IP adresses that is sometimes used as an ideal way to trace you by your ISP, even if the data you used is encrypted via RSA or a strong triple des encryption the request to the domain name to an ip still is carried out by someone, make sure it's you, or someone friendly. DNS requests in an ideal situation should be encrypted, if you're super paranoid, and some proxies offer this.

Changing Windows Hostnames

This hacker's trick is a good way to associate a permanent IP mirror for your favourite social networking site like facebook, twitter, etc etc. If this is something you're interested in, more information can be found here: http://www.ehow.com/how_5225562_edit-windows-hosts-file.html

If you want cannabis.com to goto 4.2.2.1 then you can enter it just like the localhost 127.0.0.1 entry you'll find in your windows setup. This bypasses nameserver requests to most browsers (check to be sure with a packet sniffer)

Packet Capturing

All of these need PCap drivers installed and are included in the downloads of each. Understanding packets takes time and practice.

To get started install a copy of wireshark (http://www.wireshark.org/) or MS Network Monitor 3.4, both are free. If you don't see any capture interfaces listed then you may need to run it as administrator.

To identify which interface is seeing your traffic click the first (top-left) icon "list available interfaces" and look for the one with the numbers counting up; it's the active one. Start it and watch all the packets flow. You might see lots of traffic, start closing shit that's downloading or streaming stuff. You'll get down to a slower scroll of ARP and NetBios traffic, the occasional UPNP burst and other stuff.

If you're on a secure VPN or something you'll see just about ALL SSL/TLS grey colored packets or all UDP blue packets in some cases. Try another active interface (like a TAP interface) to see the goods.

Get on your home network and play around; see what DHCP handshakes look like, DNS requests/responses, navigate a shared folder and see what it shows you, stuff like that.

If you know how, do an NMAP scan and see how obvious and loud it is and learn techniques to use it in a more covert manner. http://www.wireshark.org/docs/ <- read and watch the videos. There's a lot to it but once you catch on it's quite simple to grasp.

TCPDump(linux)/WinDump(windows) - Command line packet capture for gathering to analyze later. http://www.tcpdump.org/ and http://www.winpcap.org/windump/

NetworkMiner (http://networkminer.sourceforge.net/) is an alternative that allows you to sort collected packets however you want (by host for example) for easy digging around.

NEED MOAR/BETTER INFO HERE:

TCP/IP AND THE WIDER INTERNET: (DNS/HTTP Port 80/Logging/Secure ways to connect to your 'crack' machine).. PROXY CHAINING, SSH CLI Chaining maybe?

Change DNS Settings in Windows XP

http://www.mediacollege.com/computer/network/dns.htmlNetwork Layers & OSI ModelIn order for a security expert to truly understand a software or hardwares running on a network or security system, they must be able to relate to and fully conceive the implications of changes that are made to an existing setup.No matter what you do at any level of the network layer, you will be interacting at other levels also. E.g. The data link layer (Layer 2 OSI) must make use of the physical layer (Layer 1 OSI), and so on.Layer 1 : Physical layerThis is the electrical and physical specification of the devices. In particular it will refer to pins, voltages, repeaters, hubs, network adapters, host bus adapters and SANs (Storage Area NEtworks). Standards such as the RS-232C Com port standard popularised in the 90's uses such physical wires to access medium.One such popular medium would be the internet. To which the early modems connected.Layer 2 : Data Link LayerThe Data Link Layer provides functional and procedural means to transfer data between network entities using physical layers (or cabling/adapters/routers/repeaters) so on and so forth. Originally Layer 2 was intended for point 2 point transfer only. LAN and multi-broadcast media (multicast et al) were developed independant of the ISO standard (IEEE 802).WAN and LAN are services on the data link layer that arrange bits, from physical layer into logical fram sequences. These frames contain important information that is relative to your Transmission Control Protocol, and includes information such as your IP (Internet Protocol) address.This address is binded through service levels by the TCP (Transmission Control Protocol) transport layer.8. Hack in a sack:The Metasploit Framework
Metasploit is a software suite created for penetration testing, and is included in both Backtrack and Gnacktrack LiveCDs listed in the mobile solutions section. It has a command line interface, a GUI interface, and a Web interface, creating what is, in a real way, the world's first point-and-click hacking software. It has a massive, constantly updated Database of usable exploits, which you can use to gain access to vulnerable remote systems. http://www.metasploit.com/