Online anonymity is vital for a hacker or a person who want privacy. If you are concerned about your privacy and security you must read this. Staying anonymous online means hiding your IP address, location or simply hiding all sort of IDs. Any government organisations can easily fingerprint a normal user by simply tracing the IP and location and ISP details. Thus staying anon is important while penetration testing. Some people just want to evade the spying organisations others just want to access a website which is banned in their country, they all use these techniques.
VPN – virtual private network uses Point to Point Tunneling Protocol to establish a connection. VPN means a server that is designed to allow multiple users to connect into a single machine and use it as their virtual network to access the internet. i.e a single network with thousands of users so that its hard to fingerprint or track a single user. When a user browse with the vpn the target can only log the VPN machine’s details. If someone start tracing he could only get the IP address of the virtual server. The best VPN servers don’t log the user details. VPN is a safe way to browse and blocked websites. Still there are many advanced method to track real IP so, don’t think that VPN is the ultimate way of staying anonymous. You can find many free and paid VPN providers on the web.
TOR stands for “The Onion Router”. wondering why an “Onion”? Its related to onion because TOR use multiple layer of encryption resembling the layers in an onion. TOR works in a complicated way than a VPN. Its servers are divided into three: Entry, Middle and Exit. These three nodes communicate with a high level of encryption so that it is one of the most safe services. unmasking a tor user is really hard (still american gov organisations claim they can). TOR can also be used for browsing the dark web where you can get all the illegal stuffs. TOR provides a specially modified browser for more secure browsing. Downloading that would be great idea. TOR can also run as proxy service. You can proxy any application in kali linux using proxychains. Proxychain can run any app through any proxy service, by default its set for tor proxy running on port 9050.
Eg: the following command will run iceweasel browser through proxy
Click here to see how to change tor exit node manually and its detailed explanation.
3. Customize the browser
4. Browsing habits
Changing browsing habit in the sense using of email service and social networking sites. Many people think that using Facebook or gmail over TOR can protect their identity. Using you personal account over a proxy service never protects you because they already logged the login IPs and location since the day of registration. If you created a Facebook account without a proxy and later if you use a proxy, there is no point in using that. Never use your personal info to login. Better don’t use social networking site and do penetration testing on same proxy network simultaneously.
5. Switch search engine
Google is the most used search engine on the internet but, using that is not a good idea for a hacker. Google logs all the information including the searched keywords, ip, location, device info or simply everything that a user send from a browser. There are many other search engines over the web that do not logs the user information. Disconnect is my favorite one. you can also use shodan its known as the hackers search engine since it displays more info like netbios. Switching to these search engines will help you to protect your identity.