Internet Communications

From Steal This Wiki

Jump to: navigation, search

Communications via the Internet


Pretty much all internet communication is or can be monitored by the authorities. Certainly, once you're identified as a dissenter, everything you do will be watched.

This section lays out ways to work within this environment and ways to, in some cases, get around the overseeing eyes of Big Brother.


Contents

[edit] Using Email Securely

While access to internet cafes or other public access point maybe monitored (CCTV will hardly ever be noticeable), if you pay by cash and use a disposable one time email address like hotmail or gmail it is very unlikely that your identity will be pin pointed. This is obviously only useful if the the recipient is not in danger of being compromised or if you can agree predetermined times to communicate using 'disposable email addresses and public machines at each end of the communication. What will be noticed is if you are under investigation stop using your old email address, make new accounts, and then continue to email your family and friends as normal, do you think it will be hard to figure out who that new account belongs to? Using encryption will raise eyebrows but does protect your communications and if you are using public key encryption you can also verify the senders identity.

[edit] Looking at Web Pages Securely

Remember that while you are looking at web pages all kinds of information may be free to leak into your mind and even your soul. Check that you are conscious of this at all times. If possible use an ad blocker and make sure you do not look at web pages when you are tired or under the influence of any medication that may reduce your consciousness. Even the most legitimate looking and well designed web page may well contain information that is either completely incorrect or deliberately misleading.

Your browsing probably follows a pattern to your favorite news, sports, email, and other sites. With the right software or if the ISP is watching this browsing pattern can be detected potentially flagging persons of interest for either enhanced surveillance or sending your location to the police.

[edit] Social Networks & IM (Instant Messaging)

Although fun and even useful, be aware that social networks can expose your personal details to other people, and is to be considered as a constantly government monitored method of determining who you communicate with even casually. Make sure you understand what you are sharing with whom. Many services by their nature allow many people even the whole of the internet to see the message you thought you just sent to a friend. Educate yourself and be aware.

IM tends to be more unambiguous but like email is inherently not secure or private and is mostly monitored or at least archived.

If you need to use Yahoo Messenger but don't want to download it to the computer you're using, there is a web based version at http://web.im.

[edit] Encryption

While it is fairly trivial to install industrial strength free open source email encryption on any personal computer like GNU Privacy Guard for windows or see here for other platforms, it is only as good as your personal security habits. It maybe easy enough for security agencies to crack your encryption and there may well be 'back-door' access that you don't know about, you can only consider this to be a way of slowing down third party access to your private information. If any third party wants access to your information they may feel the quickest way is to 'persuade' you to hand over your encryption keys.

see Crypto section below.

[edit] Remember Pattern Matching

Remember that in general the pattern of your web browsing and email contact just like the pattern of your phone calls and credit card transactions will be much more telling than individual records. Just in the way that Credit card companies will now automatically notice if your spending goes outside the norm either in geography or amount it is certain that electronic communication can be monitored easily in the same way and act accordingly.

[edit] Email - What it is and isn't! (and thoughts on security)

Email is short for electronic mail. Now that we have email, email users refer to regular mail — received via the Post Office — disparagingly as Snail Mail. Inherent in its form, is its speed. When you send a letter through snail mail it can take days to arrive. When you send an email it arrives in the recipient's "email box" (inbox) nearly immediately. The only delay being the time it takes for the sender and recipient's email servers and the recipient's email client to synchronize with one another.

There is another difference though, (every rose has a thorn, right?) while snail mail arrives days later and doesn't run on Sundays it does require the use of tangible resources such as paper and stamps. It does have one benefit that email doesn't — it's usually in a sealed envelope. So speed or security. Oh, and email is probably massively less hungry on resources...

In practice, the only thing stopping your postal carrier (or any one of the various postal workers who touch your envelope from the time it's picked up to the time it's delivered) from opening and re-sealing your mail is the law of your country (but when did that stop anyone?). When it comes to email, they are still figuring out how to handle it from a legal perspective. Recent court decisions have tended to side with privacy advocates when it comes to who can read your email, how it is obtained and the responsibilities of the Internet Service Provider (ISP).

On the other hand ISP whistle-blowers have informed the public that media companies such as AT&T who provide you with your internet service wasted little time in responding to the government's request/demand for access to its data and voice lines. If you are using email you should expect the same kind of privacy you have when you are browsing the internet: None. Assume that someone is reading your email and assume that someone is watching all of your internet activity.

Don't communicate important or sensitive information through email. Once you've established groups of people or partners in actions, only use email when absolutely necessary. You should be similarly concerned about talking on the phone, but somewhat less so. The bottom line is that the only secure methods of communication involve direct conversations and sealed envelopes. But if there is a reason for the government to suspect you of illegal activities (read: anything they don't want you to do for any reason), then you should be careful on the phone and using snail mail just as you are careful with email.

Email can still be a good way to share reference material or for bringing people together. Still, be careful with it. Don't give your email address to anyone unless you know them or are confident in their security. When you sign up for access to sites on the web that require log-ins, read their privacy statements and never provide your email address, even to a person or a party appearing to represent your ISP. Don't even give your email password to your friends or family. Don't use your email to store important information or personal files on financial or other personal information — save it locally on your computer and/or print it out for your files. If something arrives in your email inbox that might be necessary for someone else to be able to access in an emergency, or if you are unavailable — temporarily or otherwise — then it doesn't belong only in your email inbox.

The Bottom Line...

The bottom line is that your email inbox is yours and yours alone, Email offers a efficient and easy means of communication for people with access to it but it's also easily vulnerable to access from the outside. Treat it appropriately, and treat it with respect.

Months can go by if you are planning something with your friends on email without any indication that it's being accessed illegally, you can let your guard down, believing that you are speaking in private and then suddenly, without warning, you're being hauled into jail and your computer is taken as evidence against you.

You might not have done anything, but that doesn't matter. We no longer live in a society where the government allows free speech if we ever did. But hell, governments never never stopped anyone doing anything.

Even the suggestion of the idea of a notion of an intangible threat is enough to put you away. And the more innocent you are, the more likely you are to be tortured — cops, especially the feds, don't like to be wrong, and it should be obvious to anyone who reads the news that the government will stop at nothing to get what it wants or to make it appear like it has what it wants. Don't let your own email be your undoing. Use it with respect and caution.

[edit] Webmail

Webmail is now cheap and plentiful. Just remember that the contents are readable by anyone that your company wants to give access to, even if you have deleted the messages; many services just make them invisible to you while still keeping a full archive for the cops. If you are ever in jail or any institution, make a new account and don't e-mail anyone but non-activist friends and family, as your email and surfing will always be watched.

When using webmail (or generally browsing), try to use a browser like Firefox, which has many extensions that are perfect for hiding/deleting/encrypting your history or your searches or your email content.

[edit] Free email sites

Most everyone and their dog does free email now. Here are some of the big ones:

  • Freenigma is a Firefox extension for encrypting emails from Yahoo or Gmail.


[edit] Local Email

Local download email is the original way to get your email, but your information is saved on your hard drive by default. You read files that are downloaded automatically to your drive by your email application. Everything you send and receive, in addition to being kept by the email server in the same way that webmail works, is also stored on your drive.

The files are deleted from the server and saved on your computer. Often, emails remain on server backup even after you retrieve and delete them. All of these emails are readable by a pig who gets his hands on your laptop.

Whether using local email or webmail, your emails are kept on a server. ANY and ALL internet communication can be intercepted or monitored.

[edit] How to Post Information on the Web

[edit] Domain Name

If you plan to do any web publishing of any type register and own your domain name we own the stealthiswiki.org domain meaning that reactionary companies cant just pay off a hosting company to take our web address. Many hosting companies give you a free taste of the domain, and will rent it to you but if it is not in YOUR NAME you dont own or truly control it. You can ask people what happens when the hosting company goes bankrupt where the domain name went, that domain name is the only way most everyone knows how to access you on the net. A whois lookup should return your information.

[edit] Keep It Simple

Not everyone has a cable modem, DSL or dedicated T1 line. When designing a website or other web presence, consider making a low graphics or even graphics-free version for folks using dial-up services or overloaded proxy services. If you're running a web radio station, consider a Low-Fi audio feed. For the truly security cautious Flash, Java and Javascript plugins are all problems as are other plugin type website gadgets. Give viewers the option of viewing a straight HTML site with normally linked pictures and downloads. Test your site in Internet Explorer, Links, LYNX, Firefox/Mozila, Konqueror, Opera, and mobile phone browsers and almost everyone should be happy.

[edit] Podcast

Have an outline and basic script for any monologues before you start to record. Be sure to research your guests and have questions ready. It is a good idea to send the questions to the guest so they sound intelligent, unless you are planning an ambush. Use the program audacity to record and convert to mp3 , get a good microphone, a telephone recording attachment is good for phone in guests. A basement or interior room which gets no noise from the outside with blankets hung on the walls and ceiling and carpeted floors absorbs most noise. Turn off furnaces or other appliances which could come on suddenly and cause noise for the duration of your recording session. Go through afterwards and do post production to wipe out parts that are not interesting or dead air gaps, It is best to edit down to standard times, half hour or an hour, break up into several mp3's if you want to do a giant recording session. Always have someone else listen to the show before putting it on the net, preferably someone not overly familiar with the topic. Be sure to research carefully your file host, for many people once they set up the RSS feed they will have trouble following you if you switch hosts, especially if you forget all the places you advertised. There are some really free providers like http://www.ourmedia.org/ and some good searching will turn out more but be careful that you are not just signing up with a place that will start charging once you get popular. Some of the best free hosts require you use a free distribution license like we do at Steal This Wiki for the files they host, this is mostly to prevent successful shows from suing for royalties later. You can do this all with the cheapest netbook and an internet connection, advertise with stencil paints and wheatpasted posters. check out Public Speaking, and Guerilla Radio

[edit] Social Media

The new buzz words for the democratisation of communication and news media. While traditional news media like newspaper and TV are 'one to many' hierarchical structures Micro/mobile blogging and regular blogs allow citizen journalists to add their collective voices to a more democratic process. While the obvious bias of 'legacy' news media in contrast, becomes more apparent, many people realise they can scan the blog news feeds and make up their own balance view of 'reality'.

[edit] Blog & Micro Blogging

There are many free blog sites which have many options. Most now have an option to post via SMS and email. If you want a regular readership, be sure to post on a regular basis (at least once a week).

[edit] Popular Blogging Services

Blogger Hosted for you for free. Part of the Google empire (for good or evil?).

WordPress.com Choice of hosted of download the software and run on your own server.

MySpace Hosted Heavily monitored by the US Government and owned by Rupert Murdoch's News Corporation (The goons who run Fox News)

Xanga

LiveJournal

Tagworld

[edit] Micro Blogging Services

Mostly known by the biggest of the pack which is currently (Aug 08) Twitter. Allows you to post a SMS length text message from anywhere that is in some way connected to the internet. This includes to and from most modern mobile (cell) phones. You can choose who can see your postings; either people you approve, just the recipient or anyone. This combined with GPS and camera equipped mobile phones allow posts to be tagged and linked to location and photographs.

More about Twitter on Wikipedia

[edit] Social Networking Sites

Now massively popular social network sites connect people with their peer group, relatives and social contacts. Most services are aimed at niche markets: Bebo for tween to teen market, MySpace and Facebook for older teens to third level and Linkedin for professionals.

All provide a locked in network that tends to tie users into their branded ringfenced domains by allowing users to invest large amounts of energy in tending their online 'profiles'. In most cases it becomes very hard for users to extract or migrate this data and the network of contacts that users develop as the actual data is masked from view, it is also impossible to delete, ever. Large privacy concerns and the ambiguity of what profile information is publicly shared or available to private investigators for a price makes use by inexperienced vulnerable people inadvisable. Treat with caution since this is the first place the cops will look for interrogation leads after hauling you in for questioning or tracking you down. For those sneaky types out there know that just making a new account when you run off to the caves of Azerbaijan to hide out will not protect you, by communicating to your old family and friends you make a match to your old life, very easy for any investigator private or police to follow.

[edit] College or Personal Web Space

Most colleges and some ISP's give webspace and a shell account when you register. An account for low bandwidth sites will be a fine option, but if your site becomes hot quickly, you could be shut down or charged for bandwidth usage.

[edit] Bittorrent

The bittorrent protocol allows for easy downloading of large files, as well as easing the dissemination of your own stuff. Using torrents and tracker websites, you can find almost anything from the latest movies and games to applications and operating systems. The bittorrent protocol uses your upstream bandwidth to re-share the content as you are downloading, decentralizing the total downloading infrastructure.

Consider using PeerGuardian or similar block list software if you download unlicensed content through P2P networks. This may protect you from being profiled by known and suspected copyright license collection organizations that are known to use questionable legal intimidation tactics as well as blocking many torrent polluters which send out bad chunks which cause longer downloads as you have to re try many parts of your file.

[edit] Photohosting Sites

Photo hosting sites are an easy way to distribute or share photos.. Be sure to read the terms and conditions to be sure you retain rights and ownership if that is important to you, you will also want to research the takedown policy for controversial content. Here are a few sites http://www.photobucket.com http://www.imageshack.us http://www.flickr.com Flickr

[edit] Photo File Security

Remember kids, your camera does leave a digital fingerprint the cops can follow, strip the EXIF data from all photos before posting so they are less easily traced. In Linux install the program jhead which edits the JPEG image file headers, in command line type 

jhead -de *

in your photo directory and date and camera information for all of the .jpeg and .jpg files will be stripped. If you are a Windows or Mac user just select and copy the part of the pic you want to the clipboard, then paste into a paint program and save.

Your cameras pixels also leave a fingerprint, there has been some work eliminating the background uniform pixel noise from cameras by adding a random pixel shading to pictures. If you plan to photograph for radical causes it is wise to use a different camera than the one you use to post family photos on flickr.

[edit] Indymedia

Indymedia is a news site for an alternative viewpoint. It is a very activist source and covers activist news.

Many news sites now include a discussion area at the bottom. This is usually not read by the regular news viewer and is mostly a place for debate between posters.

[edit] Video on Torrent or Video sites

Video of police violence, corpgov malfeasance, or active resistance can be posted to video viewing sites or to bittorrent location sites. YouTube which has been bought by Google Video are basic sites for this, as they offer a huge number of viewers, but you may be more easily prosecuted if the pigs want to sue the video of them off of the web. Youtube will delete videos of police or other violence it it exceeds their acceptable policy. Liveleak and other video sites get less traffic but have more open terms or service.

[edit] Vagabond Video

Perhaps you want to waste brain cells and watch CorpGov TV shows and movies off of the net like everyone else does, but what if you don't have a a regular net connection, or even more difficult not even a laptop just a PDA or video player? If you either have a friend with a computer or access to a server with the right software installed you can use the programs mencoder or ffmpg to encode for playback on your PDA, these are available for most Linux distros and Apple OS-X, there are also programs to do this on Windows.

One of our writers only has a PDA so she finds a WiFi hotspot, logs into her server account halfway across the globe, starts a screen(screen is a very useful unix/linux program that keeps a terminal session running even when you disconnect) session so she can log out and the work will continue, and uses bittorrent to download the file to her server account. It should be easiest to grab the weblink for the torrent file from your computer or PDA web browser and past it into the command line terminal session after the command links, elinks, or lynx which are text only web browsers, they will prompt you for a file name that will save the torrent, be sure whatever name it saves as ends with .torrent so your bittorrent program will recognise it. She mentioned that it is often easier to visit a computer lab or library and use a big keyboard and screen to hunt down the torrents you want assuming there is not a surf-block program installed to stop torrent sites. Since public machines almost never have a SSH program installed she suggested a web based Java SSH program (Warning not for secure communications!!) to connect to your server and get the remote download started, try those:

In a few hours or so she brings a power cable or battery pack for her PDA and visits a good WiFI hotspot that she can sit at for an hour or two, coffee shops work well for this. She then logs in and exits the finished torrent and uses mencoder or ffmpg on the server side to shrink and convert the file to something her PDA will play back at a decent rate and download quickly. Here is an example of the Linux command string she uses, edit this for your own files and preferences, be sure to encode to a video codec that your player can read.

mencoder exampleoriginalfile.mpg -ofps 15 -srate 24000 -oac mp3lame -lameopts cbr:br=32:vol=5:mode=3 -ovc lavc -lavcopts vcodec=mpeg1video:vbitrate=96:vhq:keyint=300 -vop scale=160:120 -o examplefinishedfile.mpg

or

ffmpeg -i examplestartfile.avi -ab 56 -ar 22050 -b 500 -s 320x240 examplefinishedfile.mpg

This conversion will not take more than ten to twenty minutes even on a slow server to convert a movie but you might want to start a "screen" session on your server and disconnect while the encoder is working to save battery pack power on your PDA. Tweak the bitrate settings, framerates, and size for better performance or quality. These examples encode using the mpeg1video codec since this should work on even early PDA's but you might see better results with more modern devices like Ipods if you use mpeg4 instead.

After this is all done she just uses a FTP program to grab the file to her PDA and once it is done watches it when she has time. To keep the less honest from seeing her PDA she starts the FTP program and puts the PDA into her backpack under the table with a battery pack or solar cell plugged in since big WiFi file transfers use plenty of battery power. Be sure you have a good connection before you put the PDA in the pack or you might realize that the file never downloaded.

She has another trick for TV shows such as news programs and some comedy, which she prefers to just strip out the the audio from the video files for listening to as a podcast during her bike commute she uses the following.

ffmpeg -i originalfile.mp4 -vn -ac 1 newaudiofile.mp3

IF you want to something a bit different with codecs or other settings type man ffmpg or mencoder to see your options.

[edit] Usenet and Listservs

Usenet used to be a great way to spread and discuss information. Much like the abuse of the CB radio networks in the USA, the sheer weight of spam and flame wars drove most serious users out, excluding a few special interest groups. Usenet can still be useful, especially if you are able to filter through the garbage. The good stuff can be filtered from the bad stuff using email applications or webmail services that provide good filtering, sorting and viewing options. A well set-up inbox can be extremely helpful in getting to the information you really want to read.

http://en.wikipedia.org/wiki/Usenet

[edit] Internet Phone Communication - VOIP (Voice over Internet Protocol)

Skype is a "free" VOIP (Voice over Internet Protocol) service, but with proprietary communication protocol. The closed nature of the protocol make not possible to check the privacy level. If possible prefer free and open software like Ekiga http://www.gnomemeeting.org/

[edit] Instant Messaging Anywhere

There are several instant messenger clients and services, most free for anyone to use. If you look around, you can even likely find one that will blast through your work or school firewall. Don't expect any IM's to be private, and understand that most services keep a log.

[edit] Web Radio Streaming

Stream like the professionals do! Software and hardware for web-streaming is easy to obtain and easy to set up, with the hardware cheap, and the software free and open-source. Get yourself an older machine, and boot some sort of Linux/BSD operating system on it. Debian http://www.debian.org, Ubuntu http://www.ubuntu.com are easy to set up GNU/Linux variants, and NetBSD http://www.netbsd.org is a portable BSD system. Install icecast http://www.icecast.org/ and rip/download some mp3s. Information on each of these OS and programs is available on their websites.

[edit] Network Printing

While not really getting your message out ON the net, you can really get a radical message OVER the net to unsuspecting audiences. If you can make an exciting eye-catching flyer, people will recognize and grab your work. You have to figure out how to get past firewalls from outside or even print at your own corpgov job without getting caught (or, print it on the day you are fired). Print servers are also often unpatched for security and become a great scan server to use in initiating attacks on the network. Another fun idea, if you figure out the printer admin access, is to upload a script on the day you quit that bank job that will regularly print radical messages, posters, or even this book until the IT department wipes or junks the printer or server. However, attacks which involve printing out all of the ink and paper are not usually warranted as we are not at war with the trees.

Most schools offer computer labs and allow students to print a maximum number of pages a day. Use this to your advantage! Draw up some fliers, print them on 3x3 settings off of a school library or computer lab printer for (somewhat above) your maximum number of free pages. Doing this once a day, or whenever the advisors change shifts to get an unlimited supply of print jobs.

[edit] Connecting:

[edit] Wi-Fi network

Many neighbors have open wifi networks that were left in their default unlocked mode. This is either by accident or the owners wanted to give free access. Often times, the owner will not change the default password from "admin" to a better password, so you may be able to gain access to the network by using the "admin" password. Many of these "admin" passwords can also be found online. Be a good nerd, and at most open ports or DMZ your machine, if you will be around for awhile. Don't rudely lock someone out of their AP or change the SSID to 10053r, p0wn3d, or 1d10t. Something like that will likely make them secure the node, ruining a good open node.

[edit] Wi-Finder

Cheap Wi-Finders, keychain wifi detectors will help you quickly survey an area to see if you have a Wi-Fi node nearby, that way you can leave your lappy in the pack. A good idea is to waterproof and tape one to your bicycle handlebars or stick it under the sun shade of your bike helmet so you can see the LED's.

[edit] Net&Buzz

Most hipper local coffeehouses offer free WiFi and the signal often leaks out into the surrounding area. If you buy coffee there regularly, thank them so they keep it running. If you need Internet for a long stretch, go in after taking a bath and wearing clean clothes; that way they won't kick you out. Plug in and buy a coffee or cake at least every hour and a half. Avoid squatting at high traffic times and most importantly of all, leave a tip!

[edit] Cyber-Hobo Code

Where there is open wireless to be had, why not let people know? Take a tip from Wall Painting and use our hobo code, )( the opposing half circles means open wireless node, while a closed circle means a closed network, chalk it on the curb. If you manage to crack the encryption on a closed network and get online leave the passphrase on the corner of the building near the ground.

[edit] Where to Sit

When out using free public wireless Internet, there is often a dearth of chairs. Many camping stores sell a light, inexpensive mini tripod stool which folds up into a 2/3 meter long bundle. You can strap this to your bike frame or pack for portability.

[edit] Car Surfing

Parking in an area with wifi is a popular way to get online if your Internet is disconnected, if you stay in a well lit area it helps hide the glow from your computer screen. Most netbook low-power computers can use an inexpensive 12 volt car adapter saving the battery for later. Be careful in parking meter areas as the cops may ticket you if the meter expires even though you are in the driver seat. Net squatting for hours outside somebodies home after midnight just gets creepy, especially if you knock on the door and ask to plug in an extension cord.

[edit] Cantenna, Antenna or Woktenna

If you are able to detect a wireless access point but not connect, often a directional high gain antenna will get you a strong enough signal for full connectivity. You can build or buy these antennas. http://en.wikipedia.org/wiki/Cantenna

If you can buy them, it is advisable, for durability sake, to spend the money for a 14dB or higher patch (flat) antenna and a quality tough antenna pigtail. Since these pigtails are fragile, a spare is advisable. Even if your laptop has built-in wireless, a high power removable wifi card that you can attach your antenna to will get you online in many densely populated environments where the built in antenna would normally fail.

Another option is the so-called "Wok-fi" antenna - which is often cheaper and more effective, at the expense of being bulkier and more fragile.

[edit] WEP/WPA

WEP is an old encryption used on 802.11b wireless networks. It is easily cracked, and some business and government offices may have an older personal wifi access point installed in big exec offices so they can play on their mahogany paneled laptops. Any reasonable IT department would have implemented better security.

Our hacks use a computer running Linux but there are also windows and Mac programs for this. Airsnort and Aircrack can help you bust the WEP/WPA encryption: this software package comes as an downloadable option with most Linux distros. Sample some net traffic, then let Aircrack look for weak packets, unlocking the encryption key. If your are a MS-Windows user, booting up with Knoppix STD or other security live distros will give you most of the security hacking tools you will need.

[edit] Community Wireless Co-Op

Many cities have community wifi co-ops which provide free internet and possibly other services from their access areas. These are great for anonymous surfing. Be sure to clear out all personal identifying settings and cookies from your browser and computer before you feel too secure and of course using TOR helps obscure what you are doing too.

To start see if you have any local businesses that wouldn't mind hosting wireless internet for their customers. This can be as simple as installing a used wireless access point and opening it up to an AP with a custom Linux firmware on it so you can control bandwidth and other services. While there are companies who may give out free hardware and even Internet access to businesses willing to host their service we mostly avoid them since they are ad based services and who knows what information is being reported back to home base.

[edit] Pirate Wireless

An interesting spin on community wireless is if at work you find a live network cable and power port you can just plug in an old access point and make a pirate wireless hotspot, of course it would have to make the signal available somewhere useful to justify the expense, maybe a directional antenna to extend the range and some disguise is in order to keep it safe. Alternatively drill holes high on the wall to the outside for your wires and install a plastic waterproof electrical box outside where there would be no suspicion. Make everything look professional and seal all holes for moisture and it might last for years.

[edit] Piggybacking Restricted WiFi Access

How to piggyback WiFi at the airport, university, train station, or other restricted or paid wifi access area using a Linux machine and assuming there is an authorized user online. This works by cloning the WiFi card mac address of an authorized user and makes you both appear to be using the same laptop. Helpful information is in (parentheses) and is either a value or instruction everything else is Linux shell terminal commands. A little practical experience in networking will help you guess or calculate the netmask and gateway address.

  • 1. (type) tcpdump -en
  • 2. (Carefully note Ip addresses and corresponding mac addresses that fly by)
  • 3. (type) ifconfig wlan0 hw ether macAddress
  • 4. (type) ifconfig wlan0 ip netmask (the netmask for the IP address)
  • 5. (type) route add default gw (router ip address, router's ip can usually be guessed from IP)
  • 6. (enjoy your free connectivity!)

[edit] HTTP over DNS

Many for pay commercial WiFi networks or crippled corporate networks still allow DNS queries. This opening can be exploited to allow tunnel access to a server and then out to the Internet. http://thomer.com/howtos/nstx.html

[edit] Cellular GPRS

Mobile phone based Internet connections are quite expensive and have the added detriment of being fully traceable back to you within a few meters, like all mobile phone use. The upside is possible broadband, even in remote areas or while in transit. However, it drains battery life quickly, and will give you a very sub-par viewing experience.

[edit] Mobile Acess Point

Most of the Linux based routers have an internal serial port or two. It will be either 3.3v or 5v. This serial port is a great way to connect a whole campout or crash house to the internet, you will need to add PPPD to the firmware and set up the config files. Use the mobile phone to dial in or get GPRS access, as most unlocked mobile phones accept serial connections and almost all phones accept some Hayes AT commands, you could also cable connect to an older real(non-winmodem) modem this way if DSL is not an option.

Add a battery pack or cigarette lighter adapter and you can even share Internet with a group traveling in several nearby cars, a train, or a bus. Beware of the next cellular bill after your net party unless you have an unlimited data account.

[edit] Bluetooth Sniping

Bluetooth, just like Wi-Fi, uses 2.4 Ghz microwaves. This means Wi-Fi directional antennas and amplifiers can be soldered onto your Bluetooth dongles and cards. Using this technique, locked executive phone books can be obtained, bogus phone or sms messages can be sent, or GPRS internet connections can be established. http://www.newscientist.com/article.ns?id=dn7461

[edit] Wired Ethernet

Often, you can quietly plug a patch cable into the library network when nobody is looking, Know how to get past the often minimal security, and don't abuse the sneak on. The library is our friend, not a thing to be abused.

[edit] Subnet Sniffing

Use of Linux "tcpdump" and watching the traffic will help you establish what subnet you are plugged into, even if there is no DHCP server to hand you an IP address. The "ifconfig" command will be used to set your IP address and subnet, "route" will be used to set your internet gateway. Windows users can use the GUI to add network a address and default gateway settings.

[edit] DNS

If you have to sneak onto a network without a DHCP server to give you an IP address, you may need to plug in your own DNS servers found in 'network settings'. There are a few stable ones in locations all over the world. Either edit /etc/resolv.conf and add these addresses in Unix/Linux or change the Windows DNS settings in your network TCP/IP settings.

  • 208.67.222.222
  • 208.67.220.220

[edit] PPPoE and VPN

Many ADSL providers use PPPoE or VPN to connect. We are still looking for a crack to this protocol. We would be thankful for any tips.

[edit] Mac Address Spoofing

Every network device has a unique ID called a MAC address. If you copy another machine's mac address and use it on your computer, you may be able to obtain access on certain wireless or wired networks. Often there will be an authentication of some other type you must pass as well, but the MAC address is often an easy way to secure home networks. If you do get kicked from a network, try changing the network MAC address (MAC address has nothing to do with being a Macintosh or not), as this is how a machine is usualy banned from a network. MAC addresses are also used in wireless networks.

[edit] Dialup

Free Dialup Services

When a corporation "gives" you internet, beware, as you will likely be forced to stare at ads on part of your screen. Worst-case-scenario, they have full access to your data.

Netzero lets you have ten hours of dialup internet for free. This is an ad-supported service, which only works on either MS Windows or Linspire-Linux platforms.

Nonprofit Unix shell and dialup access co-op, lots of l33t options for connect.

If you are on the run and need to get online, see Free_Telephones for tips on covertly connecting to phone lines.

[edit] Crypto:

[edit] pgp and gpg

PGP (pretty good privacy) and its younger open source cousin GPG (Gnu Privacy Guard) are simple programs that use a shared key and a private key to encrypt data and messages. Many programs have GPG. Inside one of the most useful is a clipboard helper where you paste your text into the box, hit the encrypt button, and your clipboard now has the encrypted message. There is really no end to the applications that can have GPG inside from VOIP phones to instant messengers.

[edit] TOR Onion Servers

Obfuscate the origin of your connection. This provides good privacy from end use sites, but not against telcos and some larger governments who have the ability to monitor end to end internet packet traffic in real time. http://en.wikipedia.org/wiki/Tor_(anonymity_network)

If you find that the TOR network is suddenly not working be sure to check for an update in version at the http://tor.eff.org/ website. Some major Linux distros and other software packages may fall behind and not issue automatic updates if you have not set the updater to check the official TOR package sources.

One often unused feature of the TOR network is the ability to host hidden servers. Once you have the software running you can visit .onion sites which are as difficult to trace as a web surfer running TOR. Visit http://l6nvqsqivhrunqvs.onion/ for a popular reliable hidden discussion forum while your TOR is turned, http://eqt5g4fuenphqinx.onion/ is the official TOR core.onion site when it is up, here is where sites on the onion should be listed. Better yet set up your own hidden server.

[edit] SSH encrypted shell access

The standard secure way to connect for console or tunneled connections to most Unix/Linux type servers. You can use SSH to tunnel or forward almost any service see http://souptonuts.sourceforge.net/sshtips.htm for more ideas. See http://www.openssh.com/ for the real thing or http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html for Putty the small Windows client which will happily run from your USB keychain drive.

The following command you will start a Socks5 type proxy to forward all of your browsing to a remote server vial a remote tunnel: 

ssh -D 1420 user@server.com

The -D means you want to have SSH make a Socks5 type proxy the number (1420 or whatever you like) is the port you want to connect it to. User is your username on a remote server and after the @ sign is the web address of your server, you will be asked for your password after connecting.

If you want to keep your browsing free of the IT department entirely also route your DNS requests through the Socks proxy, in Firefox type 

about:conf

in the address bar and hit enter, you will be dropped into the manual config editing page of Firefox, scroll down to 

network.proxy.socks_remote_dns

and toggle it to true (default is false) now got to Edit>Preferences>Connection Settings and click the Manual Proxy Configuration button, In the SOCKS Host add the address 127.0.0.1 and the port will be whatever you set after the -D (our example used 1420, choose something over 1000) be sure that SOCKS-5 is selected. Once TOR is set up and working install Torbutton in Firefox and add your port settings to make your switch quick as a mouse click.

If your boss blocks port 22 (normal SSH port) you can be a sneak too and route through the almost always open SSL port (443).

[edit] Network Stealth

[edit] Disguise Your Gear

If you have secretly left a server in an office or other secure location, maybe an inside job, using their bandwidth broadcasting your radical news it must look like it belongs there. A nice clean modern case can often be found that will match the equipment where you are making the setup. Other options may be to to hide the server above ceiling tiles or placing a very small mini-ITX or other single board type machines double side taped under or behind a desk or cubicle partition. Hunting these down will drive IT nuts if they even ever figure out where all of their bandwidth is going. see Infiltrating for more ideas

[edit] Covert Server

[edit] Shell Accounts Game

Acquire shell access to as many servers as possible to be able to SSH over borders and obscure the point of origin while on the internet. This can be quite useful:

  • once you have a shell account, use it to proxify your web use. The web requests will look like they came form the server and not you. See SSH encrypted shell access above for details.

[edit] Wi-Fi and DMZ - A router to put your box on the net

Many home DSL lines have the Wi-Fi router unconfigured. Use the default password to take control and DMZ your machine. You are now live on the internet and can direct your domain name to this IP address for small scale web presence.

[edit] Dynamic DNS

There are now many dynamic DNS and DNS forwarding services available for free. Using these services you can direst web traffic from a domain name to your constantly changing DSL line IP address, some services also will redirect to an unblocked network port if your ISP blocks port 80. Many home network routers will automatically update your dynamic DNS provider, if your router does not support these updates there are many update programs that run on Windows, Mac, and Unix/Linux.

[edit] Generic Owned Box plugged into an Open Network

Any old computer plugged into a DSL line or office network and allowed to have an IP address on the internet can be a hidden server. Your server can be used to store files, serve a website, or even remotely browse the net, obscuring your location.

[edit] Arousing Suspicion

An encrypted transmission will generate suspicion on the internet. Always assume your data is being sniffed and act accordingly.

[edit] Anonymous Surfing

There are services that allow web surfing by-proxy which leave behind no trail of your visited websites on the computer. Great for sneaking past work or school snoops, but the Feds might be able to watch these networks. These proxies slow down your connection speed a bit, and may interfere with downloading, but for security, it's worth it. However, the fact that you've been on a proxy site for two hours may attract suspicion.

[edit] Off By One

A simple and free Non-Java web browser for Windows that fits on a CD or flash drive, but doesn't require installation onto the hard drive for use. It's only 1.2 MB and can be compressed down to about 460KB for distribution. When the disc is removed, all browser information goes with it. The page and image caches are memory-resident and utilize no disk storage, so after each session, any "cookies" simply vanish. The drawbacks to its small size is that it doesn't support JavaScript, applets, plug-ins or Flash.

[edit] Mozilla Firefox - Portable Edition

A 25 MB version of the web-browser that can travel with you on your clip flash drive (along with your bookmarks and cookies that won't be on the computer you're using). Runs on Windows or Wine on Linux/UNIX.

Visit http://www.torproject.org/torbrowser/index.html.en for the TOR browser and instant messenger pack. All open source and it fits on your USB drive.

[edit] Links

Humorous and/or useful page of further links on this topic:

Retrieved from "http://wiki.stealthiswiki.org/wiki/Internet_Communications"
Personal tools