BrightSpace666
Active member
Part of a larger project of mine is finished (hopefully finally). In this post you will find some longer information on how to achieve a certain level of security in the online space. We cannot be completely safe because of enemy-controlled facilities and their parasitism in the online space.
If you follow these, you can achieve an "above average" level of security. Remember there is never 100% security, it would require someone not using the internet, computers etc. I hope I have been able to help you with this.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Cyber Security is important in many ways, especially for an SS. As safe as you are spiritually, you need to be safe online.
I won't go into why Cyber Security is important. Spiritual warfare, browsing forums, and the list goes on. All of these require programs and systems on which you can perform these core tasks, and all with adequate security.
About Linux in brief - Linux is a completely open source operating system, with many default security settings. These settings vary from Linux distribution to Linux distribution, but all systems have "default" security settings.
On Linux (unlike Windows), programs do not run with administrator privileges. On Windows everything runs with this privilege, which is not at all secure from a Cyber Security point of view. Lots of updates, data sending, viruses - all serious problems.
On Linux, if you happen to come across a virus and it downloads in the background, it doesn't run on the system. You have to boot to it, since it don't have administrator privileges, so it doesn't bother you in almost any way. This is not the case on Windows, which is why most viruses are on Windows systems.
Linux has many versions, so anyone who wants to switch has a huge choice.
Linux beginners can start with Ubuntu or even Linux Mint. These systems include word processors by default, just a more secure version of them. LibreOffice, LibreOffice Writer, Draw, etc. There are also numerous security updates, and security improves with each update.
There are also many updates on Linux, but these are mostly Kernel and security updates.
When installing Linux, the first step when you are at the installer is to select "Encrypt entire disk" and "Encrypt my folders". This is the first security step. In the following sections we will talk about the Terminal, so pay close attention to every detail.
Choose a strong password and a security key to access the system. You will need to enter two passwords after each boot - the security key and the user password. Also write down the security key on a piece of paper so that you don't lose it.
Everything will be explained and justified.
The first thing you need to do in your newly installed system is to open Terminal. (this is a panel window where you can type commands. You will do pretty much everything through the Terminal - downloading, installing, unpacking programs, etc).
You need to give yourself root privileges with the following command - "sudo -i". Enter the password of your computer here and you are root.
Type the following command to find the interface name using the following command - "ifconfig". The very first name it gives you is the name you should use. On Kali Linux, the interface name is eth0, but on other systems it's enp0s10, en1ps03, etc. Find this and select it. Next to it will be listed BROADCAST, MULTICAST, so you can easily find it.
I'll use Kali Linux commands in the following sections, but always use your own or it won't work. So always type your own interface name, for example en1p0s3, etc.
The first command is to disconnect from the Internet (only for a while, of course, and only on the computer) - on Kali Linux this is "ifconfig eth0 down". On your system, this should look like this if you're not using Kali - "ifconfig enp1s01 down", "ifconfig en1ps03 down", or whatever the Terminal says on the network.
This will disconnect you from the internet and you can continue. This is necessary so that when you reset the network, it will be with the new settings.
MAC address - A mac address is an abbreviation for the physical location of your computer and makes it easier to determine where you are. If they also know your IP address, that's even worse. This is not good and we will change it. "ifconfig eth0 hw ether de:ed:fe:ef:f0:0e" (Always use your own netname, e.g. enp1s023, etc.) This will change the MAC address.
You can also use the "macchanger" command to change the Mac address, but this must be downloaded. "sudo apt install macchanger -y", or if you are root, "apt-get install macchanger -y". (The "-y" means yes, you need to go further in the installer to download the program.)
When you're done, "macchanger -r eth0" (the "r" is short for Random Mac Address) and it will print out your current MAC address, then the new one. You can also change the MAC Address vendor by typing - macchanger -a eth0 (remember, always replace "eth0" with your own, such as en1ps03, or whatever Terminal says. So, what we have done so far on the completely New, Encrypted system:
sudo -i (for root) - "ifconfig eth0 down", ifconfig eth0 hw ether de:ed:fe:ef:f0:0e / macchanger -r eth0 (both change the MAC address, choose one, but using both together is fine). The next parts will be more complicated commands, but since they are, just copy and paste them into Terminal. These commands all work, regardless of the Linux system.
You can change the 802.11 "nickname" by doing the following. This 802.11 "nickname" means that it sends your Hostname to the AP. So change this so that you don't have a problem with it.
"iwconfig ath0 nickname "It is good"?" is an example, you can type a meaningless "nickname" here.
You can also check what options are available for a particular program, such as macchanger - macchanger -h (the "-h" indicates you're asking for help). Or another - ifconfig -h.
Type the following into Terminal as root - nano /etc/resolv.conf. Then scroll down and change "Nameserver" to the following - nameserver 127.0.0.1.
Next to the commands you will find an explanation of what each command ideally does. These commands are particularly useful in CyberSecurity, so their use is recommended. I should say that these commands (802, SSH, Nickname) come from the Deep Web, but I'll explain why they are useful. If you know anything about IT, you should know what these commands are for, so don't worry. On the other hand, Deep Web users are specifically focused on anonymous Interneting, and often help others to do so.
You should always run these commands in root mode, so "sudo -i" before each command and you're good to go.
Also, change the hostname of your system using "sudo hostnamectl set-hostname linuxconfig", then type "hostname". Here you can see that you have changed it. Also change the short name of your hostname and the "Alias" - hostname -a "Linux", then hostname -s "LX". This changes the "short" name of your Linux system and the "Alias" name.
Ident - in short ident is the TCP identification service. It allows a remote host to determine the local username associated with any TCP connection to that remote host. This is bad in case your computer's username might give away your real name. Be sure to do this with the following.
iptables -A INPUT -p tcp --dport ident -j DROP
That's it, we're ready for the next one.
Next is SSH. This can also be used for fingerprinting. It connects to port 22 of your IP to check if you are using the same machine as another IP you used before, either at your ISP or over a VPN. You need to change this, which you can do with the following commands. There will be 3 commands, all three will prompt you for a name and password, but just press enter. Don't type anything, just type enter. If you do want to do it, type a different username and password for each of the three. But I don't think that's necessary.
ssh-keygen -t rsa -f ssh_host_key.pub
ssh-keygen -t rsa -f ssh_host_rsa_key.pub
ssh-keygen -t dsa -f ssh_host_dsa_key.pub
Now comes the part where you can connect to the internet, "ifconfig eth0 up" (for you, if you're not using Kali Linux, "ifconfig en1ps03 up", or whatever Terminal says.)
Don't forget to use the "macchanger" command, and change the 802.11 "nickname" each time you boot, as it is only valid as long as the computer is on.
So
sudo -i
[Your password]
ifconfig eth0 down (Always replace eth0 with your version, for example en1ps101, or whatever Terminal says).
macchanger -r eth0 / macchanger -a eth0
iwconfig ath0 nickname "Donottrack" (for you an1ps10, or whatever Terminal tells you)
ifconfig eth0 up
Now comes the part where we start to download and configure some stuff. We'll talk about Firefox security settings, Brave security settings, VPNs, I2P (Private, Anonymous Network, Encrypted), Proxychains (It does what the Tor browser does, but differently), and more.
Open Firefox, and the first thing you need to do is go to Settings, and in the bottom left corner, "Add-ons". In the search box, type "ZenMate VPN". This is a VPN add-on. Use it now for all the tasks below. It is needed to do the "basic" configuration over the VPN for security.
Default search engine is DuckDuckGo, delete the rest from there. For camera, microphone, location, turn everything off and disable New Requests. Under Privacy and Security, change it to Strict. At the bottom, tick the "Send Website Do Not Track" checkbox, and then "All sites HTTPS mode" at the bottom. Never record any history. Look through all the sections in Settings and you will find these.
Then scroll to the bottom and select Network Settings. Change the Proxy to Manual and for HTTP Proxy, enter 127.0.0.1, Port: 4444, then select SOCKS5.
Then go to the nextdns page and go to the Browser section. nextdns.io
DNA In short - people access information through domain names. DNS translates domain names into IP addresses. Every device connected to the Internet has a unique IP address that other machines use to find it. Each device connected to the Internet has its own unique IP address. To increase security, it is a good idea to change your DNS address. To do this, I will give you a description of how to change the DNS address in your browser, your Linux system, your router.
You can Download Nextdns to your Linux from Nextdns site. Copy the command line from the Nextdns site and paste in the Terminal and follow the instructions. This is the first step to change your DNS in your System. You can change it your Router, see below, “Tips and Advice”, 14.
In the Firefox section, select the DNS address that NextDNS points to for Firefox and paste it into the Firefox network settings subsection. But before that, change the DNS to Manual and Custom. Then paste the DNS address.
A member wrote a series of CyberSecurity posts, look at that, and what's left out here, and what's in this post, do that, and what's left in there, and what's in this post, do that.
https://ancient-forums.com/viewtopic.php?f=3&t=43871&hilit=Cybersecurity&sid=e583d7ad0891b05d7622f53bfc268e16
https://ancient-forums.com/viewtopic.php?f=3&t=44022&hilit=Cybersecurity&sid=e583d7ad0891b05d7622f53bfc268e16
https://ancient-forums.com/viewtopic.php?f=3&t=44195&hilit=Cybersecurity&sid=e583d7ad0891b05d7622f53bfc268e16
https://ancient-forums.com/viewtopic.php?f=3&t=44341&hilit=Cybersecurity&sid=e583d7ad0891b05d7622f53bfc268e16
https://ancient-forums.com/viewtopic.php?f=3&t=44770&hilit=Cybersecurity&sid=e583d7ad0891b05d7622f53bfc268e16
The add-ons I recommend and use for Firefox for both normal browsing and incognito browsing are NoScript, HTTPS Everywhere, ADBlocker Ultimate, UBlock Origin, Ghostery, ClearURL's, Cookie Auto-Delete, PrivacyBadger, DuckDuckGo (add-on), Disconnect, FoxyProxy Standard, Disable WebRTC. (WebRTC should be disabled because it can leak your real IP address, even if you use a VPN or proxy. This extension prevents this.
Open FoxyProxy Standard and go to the "Add" interface on the left. There, select HTTP Proxy on the right, then enter "127.0.0.1, localhost". Then save it, then in the top right corner where the extensions are listed, click on FoxyProxy, then 127.0.0.1 (it will be highlighted in green).
Once you've done everything, you're ready for the next step. Download the VPN you normally use. I recommend ProtonVPN, MullvadVPN and RiseupVPN. The first and third are free, so you can download them and sign up. Mullvad is also a neat and good VPN, you just have to pay for it. RiseupVPN is just download and use. It provides a bridge, just like Tor, so you can use RiseupVPN without your ISP knowing you're using a VPN. Otherwise, ProtonVPN and RiseupVPN are by far the most secure encrypted VPNs.
You can also use WindScribe VPN. From what I've looked at, you can configure a lot of things in it. By default it seems like a good VPN by itself, blocks WebRTC and a lot of malware and more. However, if you use the free version, you only have 10GB monthly limited. If that expires, you'll have to wait until next month.
However, it can be used on its own as it's in Firefox extensions, so you can use it alongside 1-2 VPNs on your system, just this one within Firefox.
I also recommend WireGuard. Below is a useful page on how to set it up to work properly.
On Linux downloads are done differently, there are instructions on what to do on the ProtonVPN and RiseupVPN pages. Select your system and the instructions will be there. Once installed, type VPN in the Linux menu search and you're done. In the case of Riseup, reboot your system and it will work.
Once you're connected to a VPN, you're ready for the next step. Download I2P. If you downloaded it from the I2P site (geti2p.net), then paste the name of the downloaded file into Terminal. I'll show you how - Once downloaded, Terminal: cd Downloads, ls, and there will be the name. In Terminal, type the filename after "java -jar". This will unpack the file.
This is an encrypted, anonymous network. After you install it, wait a few minutes, then launch it in Terminal. At the end of the installer you will see a message telling you which command to run. A small example - "home/yourusername/i2p/i2prouter start". Another - "i2prouter start". And to stop it - "home/your-username/i2p/i2prouter stop". Another one - "i2prouter stop".
Open your browser (Firefox or Brave), and type the next “command” in the search engine, top – 127.0.0.1:7657. Click next and next, and if you need, configure it. But I think it is good is default settings.
Start I2P on every boot, just in case.
You can use another, slightly different VPN provider, WireGuard. Read on to find out how it works. I've provided a link to help you configure it. WireGuard is a most Secure and Safe VPN, but you need the Terminal if you want to configure it.
WireGuard - https://www.the-digital-life.com/wireguard-installation-and-configuration/
Then install the Tor browser. You can easily download it from the Tor website and choose Linux. I'll give you a little help so you can do it from here. Once downloaded, open Terminal and type the following.
cd Downloads/
ls
tar -xvf tor-browser-linux64-11.0.11_en-US.tar.xz
Then go to Downloads and start it. You can also try that in Terminal:
cd Downloads/
cd tor-browser_en-US
./start-tor-browser.desktop
Then launch it, but before you click "connect", go to "Tor Settings". Then scroll down and set the bridge, in this case obfs4. The bridge does the job of hiding from your ISP that you are using Tor. That way, no one but you knows when you are using it.
Then set it up like Firefox. What I listed above for Firefox, set it up for the Tor browser. Do not add or delete anything except add-ons. The Tor browser defaults to two add-ons, NoScript and HTTPS Everywhere. Don't mess with these, leave them as they are. Set security to the highest, "Safest".
Then exit and download ProxyChains. Proxychains (like Tor) is an encrypted service that encrypts almost all traffic that passes through it. It goes from one IP address to another, similar to Tor. You can do this by doing the following. You can install it with or without the root user, but the following commands are root. As root, all you need to do is type sudo -i in Terminal and then enter your password.
So - apt-get install tor -y / If you're not doing it in root, then - sudo apt install tor -y
Then - apt-get install proxychains -y / If you are not rooting, then - sudo apt install proxychains -y (Sudo for short - superuser)
But do the next part in root - sudo -i and your password, and you’re the root.
Then - nano /etc/proxychains.conf - Here scroll down and take out the "#" in front of Dynamic Chain and scroll down and you will see one that says Strict Chain and put the "#" in front of it. Then scroll down to the bottom and under "socks4" type - socks5 127.0.0.1 9050, then CTRL + S (save, then CTRL + C (exit)).
Then try - "proxychains firefox" and it will start. It is advisable to reboot the system afterwards. Remember to change the Mac address and 802.11 "nickname" on every boot. You can see how it works in the Terminal. The main thing is that if you want to use it with an Application, you need to put "proxychains" in front of the Application. Another example for Brave Browser - proxychains brave-browser.
privacytools.io - On this page you will find countless other useful and helpful applications and programs, browse and select from them.
You can download Brave Browser even if you use multiple browsers. Brave gives detailed instructions on how to do this, so you just need to select and paste the commands into Terminal. Within the Brave - Under Security Settings - Fingerprint - Strict, Block Cookies - All, Block Script - Enabled. On nextdns.io, go to Browsers and look for Brave. What you type there is DNS, type it into your Brave browser. Look under Security Settings. Then select "Custom" DNS and paste what you see on the NextDNS page.
The Add-ons what I recommend to Brave – HTTPS Everywhere, NoScript, FoxyProxy Standard, Ublock Origin, ADBlocker Ultimate, DuckDuckGo (Add-on).
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
You can also use VeraCrypt for additional encryption, it can be useful. Read up on VeraCrypt if you need it. The idea is that you can create a virtual encrypted disk and store data on it.
If you want a bit more security, you can use VirtualBox. VirtualBox is a virtual computer running on a physical machine. You can specify how much storage space it should have, how much RAM it should use, and so on. You can install lots of systems here and try them out. You can also use Tails OS to increase security.
To summarise, once you have started the system
sudo -i
[Your password]
ifconfig eth0 down (Always replace eth0 with your version, for example en1ps101, or whatever Terminal says).
macchanger -r eth0 / macchanger -a eth0
iwconfig ath0 nickname "Donottrack" (for you an1ps10, or whatever Terminal tells you)
ifconfig eth0 up
Then
Start I2P (home/your username/i2p/i2prouter start / i2prouter start)
start RiseupVPN (just look for it in the applications, you don't need to use Terminal to start it)
Then start ProtonVPN (look for ProtonVPN in your applications, you don't need to use Terminal to start it).
This is good because by default you connect from one VPN IP address to another VPN IP address, and this is very good for security. Not incidentally, two VPNs running at the same time = enhanced security.
Another variation
Launch WireGuard (Launch it with the instructions and directions in the attached link).
Start RiseupVPN or ProtonVPN.
Start I2P (home/your username/i2p/i2prouter start / i2prouter start).
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
If you are doing everything through the Tor browser, so you are viewing the forums from there, do these settings I listed above. Even if Tor is secure, if you need more anonymity, do it. If you use Proxychains for browsing, do it. This should have been a Linux Advanced Information post. It's a bit long, but below are some important points to keep in mind for security.
The next part is the CyberSecurity on Android. (?) I may publish a cybersecurity post on Android later today. However - there are a lot of parts to go through and it's still a bit incomplete. The post itself is done, I just feel it's still incomplete.
But remember - the greatest security is always yourself. Never do anything stupid, otherwise the techniques mentioned above will not protect you.
Tips and advice
1. Always use I2P and some kind of VPN (WireGuard) for even the most traditional internet use, and use a secure browser (Firefox or Brave).
2. Choose the right provider for your email account - ProtonMail, MailFence, Tutanota, I2P Email or Riseup Mail. For Tor email - Mail2Tor, TorBox.
3. Use a secure cloud for documents, texts, reading material - Mega, IceDrive or ProtonDrive. For sharing, use Freenet or OnionShare on Tor. For Tor browser storage, use MEGATor.
4. Turn on the Firewall on your Linux system. In the search box, type "firewall", then type the password and turn it on.
5 For a calendar, use an encrypted application - ProtonCalendar, or Tutanota Email provider's Calendar.
6 If you absolutely must create a Facebook account, or any social networking account, do it through Tor, using a Tor email address (Mail2Tor/Torbox.) Never give your real birth year, name, age, identity - anything that is real.
7. Use different email addresses, usernames, passwords, ages everywhere.
8. If using a Laptop, cover the camera with a black/dark material.
9. If you use multiple forums for chatting, use a different text style, speech style, spelling in each forum - So communicate differently everywhere so they don't know who you are.
10. Don't really use profile pictures in other Forums.
11. Download all applications for Linux in English, and don't put the Tor browser on full screen, as this will give away your screen resolution.
12. Change the region and time zone of your Linux system as far away from you as possible. You can do this simply by typing Time into the Linux search engine.
13. Don't tell anyone what you are doing on Linux.
14. On the NextDNS page you will find an interface called "Routers". Here you will see two addresses, and you can paste them into the Advanced Internet Settings menu of your router. Click on the network and you'll see the Settings option. In the Ipv4 interface, enter the address of the NextDNS for the DNS servers, separated by commas, then save it. If your network supports Ipv6, it will there too. You can also do this on your phone - long tap Wifi, then "Advanced Settings", change the IP address to Static, then scroll down and paste the two DNS addresses, then save.
15. If your phone supports Ubuntu Touch, Kali Linux OS for phone, then download it and do the above there too. Ubuntu Touch is basically a Linux system on phone and Kali Linux OS is same. If it doesn't support it, you can try CalyxOS or LineageOS. If they don't either, then try rooting your phone and when done, disable all google/facebook apps and replace all default apps (phone, messages) with other ones. CyberSecurity part 5 (if I remember correctly) has more detailed instructions on this. Use F-Droid to download apps and always have VPN turned on.
16. If you pay by credit card over the internet, look for an app that helps with encryption.
17. Change your wifi password. Make it hard and long, and only you know it. Also change the name of your wifi to something short, like - misbfhs.
18. Always stay logical and never be reckless. Always think rationally and never let anything influence you.
Here is the Offline, PDF File - https://mega.nz/folder/N8dgWLgB#eoF8_ARlenx-upSVrm5abQ
BrightSpace666
If you follow these, you can achieve an "above average" level of security. Remember there is never 100% security, it would require someone not using the internet, computers etc. I hope I have been able to help you with this.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Cyber Security is important in many ways, especially for an SS. As safe as you are spiritually, you need to be safe online.
I won't go into why Cyber Security is important. Spiritual warfare, browsing forums, and the list goes on. All of these require programs and systems on which you can perform these core tasks, and all with adequate security.
About Linux in brief - Linux is a completely open source operating system, with many default security settings. These settings vary from Linux distribution to Linux distribution, but all systems have "default" security settings.
On Linux (unlike Windows), programs do not run with administrator privileges. On Windows everything runs with this privilege, which is not at all secure from a Cyber Security point of view. Lots of updates, data sending, viruses - all serious problems.
On Linux, if you happen to come across a virus and it downloads in the background, it doesn't run on the system. You have to boot to it, since it don't have administrator privileges, so it doesn't bother you in almost any way. This is not the case on Windows, which is why most viruses are on Windows systems.
Linux has many versions, so anyone who wants to switch has a huge choice.
Linux beginners can start with Ubuntu or even Linux Mint. These systems include word processors by default, just a more secure version of them. LibreOffice, LibreOffice Writer, Draw, etc. There are also numerous security updates, and security improves with each update.
There are also many updates on Linux, but these are mostly Kernel and security updates.
When installing Linux, the first step when you are at the installer is to select "Encrypt entire disk" and "Encrypt my folders". This is the first security step. In the following sections we will talk about the Terminal, so pay close attention to every detail.
Choose a strong password and a security key to access the system. You will need to enter two passwords after each boot - the security key and the user password. Also write down the security key on a piece of paper so that you don't lose it.
Everything will be explained and justified.
The first thing you need to do in your newly installed system is to open Terminal. (this is a panel window where you can type commands. You will do pretty much everything through the Terminal - downloading, installing, unpacking programs, etc).
You need to give yourself root privileges with the following command - "sudo -i". Enter the password of your computer here and you are root.
Type the following command to find the interface name using the following command - "ifconfig". The very first name it gives you is the name you should use. On Kali Linux, the interface name is eth0, but on other systems it's enp0s10, en1ps03, etc. Find this and select it. Next to it will be listed BROADCAST, MULTICAST, so you can easily find it.
I'll use Kali Linux commands in the following sections, but always use your own or it won't work. So always type your own interface name, for example en1p0s3, etc.
The first command is to disconnect from the Internet (only for a while, of course, and only on the computer) - on Kali Linux this is "ifconfig eth0 down". On your system, this should look like this if you're not using Kali - "ifconfig enp1s01 down", "ifconfig en1ps03 down", or whatever the Terminal says on the network.
This will disconnect you from the internet and you can continue. This is necessary so that when you reset the network, it will be with the new settings.
MAC address - A mac address is an abbreviation for the physical location of your computer and makes it easier to determine where you are. If they also know your IP address, that's even worse. This is not good and we will change it. "ifconfig eth0 hw ether de:ed:fe:ef:f0:0e" (Always use your own netname, e.g. enp1s023, etc.) This will change the MAC address.
You can also use the "macchanger" command to change the Mac address, but this must be downloaded. "sudo apt install macchanger -y", or if you are root, "apt-get install macchanger -y". (The "-y" means yes, you need to go further in the installer to download the program.)
When you're done, "macchanger -r eth0" (the "r" is short for Random Mac Address) and it will print out your current MAC address, then the new one. You can also change the MAC Address vendor by typing - macchanger -a eth0 (remember, always replace "eth0" with your own, such as en1ps03, or whatever Terminal says. So, what we have done so far on the completely New, Encrypted system:
sudo -i (for root) - "ifconfig eth0 down", ifconfig eth0 hw ether de:ed:fe:ef:f0:0e / macchanger -r eth0 (both change the MAC address, choose one, but using both together is fine). The next parts will be more complicated commands, but since they are, just copy and paste them into Terminal. These commands all work, regardless of the Linux system.
You can change the 802.11 "nickname" by doing the following. This 802.11 "nickname" means that it sends your Hostname to the AP. So change this so that you don't have a problem with it.
"iwconfig ath0 nickname "It is good"?" is an example, you can type a meaningless "nickname" here.
You can also check what options are available for a particular program, such as macchanger - macchanger -h (the "-h" indicates you're asking for help). Or another - ifconfig -h.
Type the following into Terminal as root - nano /etc/resolv.conf. Then scroll down and change "Nameserver" to the following - nameserver 127.0.0.1.
Next to the commands you will find an explanation of what each command ideally does. These commands are particularly useful in CyberSecurity, so their use is recommended. I should say that these commands (802, SSH, Nickname) come from the Deep Web, but I'll explain why they are useful. If you know anything about IT, you should know what these commands are for, so don't worry. On the other hand, Deep Web users are specifically focused on anonymous Interneting, and often help others to do so.
You should always run these commands in root mode, so "sudo -i" before each command and you're good to go.
Also, change the hostname of your system using "sudo hostnamectl set-hostname linuxconfig", then type "hostname". Here you can see that you have changed it. Also change the short name of your hostname and the "Alias" - hostname -a "Linux", then hostname -s "LX". This changes the "short" name of your Linux system and the "Alias" name.
Ident - in short ident is the TCP identification service. It allows a remote host to determine the local username associated with any TCP connection to that remote host. This is bad in case your computer's username might give away your real name. Be sure to do this with the following.
iptables -A INPUT -p tcp --dport ident -j DROP
That's it, we're ready for the next one.
Next is SSH. This can also be used for fingerprinting. It connects to port 22 of your IP to check if you are using the same machine as another IP you used before, either at your ISP or over a VPN. You need to change this, which you can do with the following commands. There will be 3 commands, all three will prompt you for a name and password, but just press enter. Don't type anything, just type enter. If you do want to do it, type a different username and password for each of the three. But I don't think that's necessary.
ssh-keygen -t rsa -f ssh_host_key.pub
ssh-keygen -t rsa -f ssh_host_rsa_key.pub
ssh-keygen -t dsa -f ssh_host_dsa_key.pub
Now comes the part where you can connect to the internet, "ifconfig eth0 up" (for you, if you're not using Kali Linux, "ifconfig en1ps03 up", or whatever Terminal says.)
Don't forget to use the "macchanger" command, and change the 802.11 "nickname" each time you boot, as it is only valid as long as the computer is on.
So
sudo -i
[Your password]
ifconfig eth0 down (Always replace eth0 with your version, for example en1ps101, or whatever Terminal says).
macchanger -r eth0 / macchanger -a eth0
iwconfig ath0 nickname "Donottrack" (for you an1ps10, or whatever Terminal tells you)
ifconfig eth0 up
Now comes the part where we start to download and configure some stuff. We'll talk about Firefox security settings, Brave security settings, VPNs, I2P (Private, Anonymous Network, Encrypted), Proxychains (It does what the Tor browser does, but differently), and more.
Open Firefox, and the first thing you need to do is go to Settings, and in the bottom left corner, "Add-ons". In the search box, type "ZenMate VPN". This is a VPN add-on. Use it now for all the tasks below. It is needed to do the "basic" configuration over the VPN for security.
Default search engine is DuckDuckGo, delete the rest from there. For camera, microphone, location, turn everything off and disable New Requests. Under Privacy and Security, change it to Strict. At the bottom, tick the "Send Website Do Not Track" checkbox, and then "All sites HTTPS mode" at the bottom. Never record any history. Look through all the sections in Settings and you will find these.
Then scroll to the bottom and select Network Settings. Change the Proxy to Manual and for HTTP Proxy, enter 127.0.0.1, Port: 4444, then select SOCKS5.
Then go to the nextdns page and go to the Browser section. nextdns.io
DNA In short - people access information through domain names. DNS translates domain names into IP addresses. Every device connected to the Internet has a unique IP address that other machines use to find it. Each device connected to the Internet has its own unique IP address. To increase security, it is a good idea to change your DNS address. To do this, I will give you a description of how to change the DNS address in your browser, your Linux system, your router.
You can Download Nextdns to your Linux from Nextdns site. Copy the command line from the Nextdns site and paste in the Terminal and follow the instructions. This is the first step to change your DNS in your System. You can change it your Router, see below, “Tips and Advice”, 14.
In the Firefox section, select the DNS address that NextDNS points to for Firefox and paste it into the Firefox network settings subsection. But before that, change the DNS to Manual and Custom. Then paste the DNS address.
A member wrote a series of CyberSecurity posts, look at that, and what's left out here, and what's in this post, do that, and what's left in there, and what's in this post, do that.
https://ancient-forums.com/viewtopic.php?f=3&t=43871&hilit=Cybersecurity&sid=e583d7ad0891b05d7622f53bfc268e16
https://ancient-forums.com/viewtopic.php?f=3&t=44022&hilit=Cybersecurity&sid=e583d7ad0891b05d7622f53bfc268e16
https://ancient-forums.com/viewtopic.php?f=3&t=44195&hilit=Cybersecurity&sid=e583d7ad0891b05d7622f53bfc268e16
https://ancient-forums.com/viewtopic.php?f=3&t=44341&hilit=Cybersecurity&sid=e583d7ad0891b05d7622f53bfc268e16
https://ancient-forums.com/viewtopic.php?f=3&t=44770&hilit=Cybersecurity&sid=e583d7ad0891b05d7622f53bfc268e16
The add-ons I recommend and use for Firefox for both normal browsing and incognito browsing are NoScript, HTTPS Everywhere, ADBlocker Ultimate, UBlock Origin, Ghostery, ClearURL's, Cookie Auto-Delete, PrivacyBadger, DuckDuckGo (add-on), Disconnect, FoxyProxy Standard, Disable WebRTC. (WebRTC should be disabled because it can leak your real IP address, even if you use a VPN or proxy. This extension prevents this.
Open FoxyProxy Standard and go to the "Add" interface on the left. There, select HTTP Proxy on the right, then enter "127.0.0.1, localhost". Then save it, then in the top right corner where the extensions are listed, click on FoxyProxy, then 127.0.0.1 (it will be highlighted in green).
Once you've done everything, you're ready for the next step. Download the VPN you normally use. I recommend ProtonVPN, MullvadVPN and RiseupVPN. The first and third are free, so you can download them and sign up. Mullvad is also a neat and good VPN, you just have to pay for it. RiseupVPN is just download and use. It provides a bridge, just like Tor, so you can use RiseupVPN without your ISP knowing you're using a VPN. Otherwise, ProtonVPN and RiseupVPN are by far the most secure encrypted VPNs.
You can also use WindScribe VPN. From what I've looked at, you can configure a lot of things in it. By default it seems like a good VPN by itself, blocks WebRTC and a lot of malware and more. However, if you use the free version, you only have 10GB monthly limited. If that expires, you'll have to wait until next month.
However, it can be used on its own as it's in Firefox extensions, so you can use it alongside 1-2 VPNs on your system, just this one within Firefox.
I also recommend WireGuard. Below is a useful page on how to set it up to work properly.
On Linux downloads are done differently, there are instructions on what to do on the ProtonVPN and RiseupVPN pages. Select your system and the instructions will be there. Once installed, type VPN in the Linux menu search and you're done. In the case of Riseup, reboot your system and it will work.
Once you're connected to a VPN, you're ready for the next step. Download I2P. If you downloaded it from the I2P site (geti2p.net), then paste the name of the downloaded file into Terminal. I'll show you how - Once downloaded, Terminal: cd Downloads, ls, and there will be the name. In Terminal, type the filename after "java -jar". This will unpack the file.
This is an encrypted, anonymous network. After you install it, wait a few minutes, then launch it in Terminal. At the end of the installer you will see a message telling you which command to run. A small example - "home/yourusername/i2p/i2prouter start". Another - "i2prouter start". And to stop it - "home/your-username/i2p/i2prouter stop". Another one - "i2prouter stop".
Open your browser (Firefox or Brave), and type the next “command” in the search engine, top – 127.0.0.1:7657. Click next and next, and if you need, configure it. But I think it is good is default settings.
Start I2P on every boot, just in case.
You can use another, slightly different VPN provider, WireGuard. Read on to find out how it works. I've provided a link to help you configure it. WireGuard is a most Secure and Safe VPN, but you need the Terminal if you want to configure it.
WireGuard - https://www.the-digital-life.com/wireguard-installation-and-configuration/
Then install the Tor browser. You can easily download it from the Tor website and choose Linux. I'll give you a little help so you can do it from here. Once downloaded, open Terminal and type the following.
cd Downloads/
ls
tar -xvf tor-browser-linux64-11.0.11_en-US.tar.xz
Then go to Downloads and start it. You can also try that in Terminal:
cd Downloads/
cd tor-browser_en-US
./start-tor-browser.desktop
Then launch it, but before you click "connect", go to "Tor Settings". Then scroll down and set the bridge, in this case obfs4. The bridge does the job of hiding from your ISP that you are using Tor. That way, no one but you knows when you are using it.
Then set it up like Firefox. What I listed above for Firefox, set it up for the Tor browser. Do not add or delete anything except add-ons. The Tor browser defaults to two add-ons, NoScript and HTTPS Everywhere. Don't mess with these, leave them as they are. Set security to the highest, "Safest".
Then exit and download ProxyChains. Proxychains (like Tor) is an encrypted service that encrypts almost all traffic that passes through it. It goes from one IP address to another, similar to Tor. You can do this by doing the following. You can install it with or without the root user, but the following commands are root. As root, all you need to do is type sudo -i in Terminal and then enter your password.
So - apt-get install tor -y / If you're not doing it in root, then - sudo apt install tor -y
Then - apt-get install proxychains -y / If you are not rooting, then - sudo apt install proxychains -y (Sudo for short - superuser)
But do the next part in root - sudo -i and your password, and you’re the root.
Then - nano /etc/proxychains.conf - Here scroll down and take out the "#" in front of Dynamic Chain and scroll down and you will see one that says Strict Chain and put the "#" in front of it. Then scroll down to the bottom and under "socks4" type - socks5 127.0.0.1 9050, then CTRL + S (save, then CTRL + C (exit)).
Then try - "proxychains firefox" and it will start. It is advisable to reboot the system afterwards. Remember to change the Mac address and 802.11 "nickname" on every boot. You can see how it works in the Terminal. The main thing is that if you want to use it with an Application, you need to put "proxychains" in front of the Application. Another example for Brave Browser - proxychains brave-browser.
privacytools.io - On this page you will find countless other useful and helpful applications and programs, browse and select from them.
You can download Brave Browser even if you use multiple browsers. Brave gives detailed instructions on how to do this, so you just need to select and paste the commands into Terminal. Within the Brave - Under Security Settings - Fingerprint - Strict, Block Cookies - All, Block Script - Enabled. On nextdns.io, go to Browsers and look for Brave. What you type there is DNS, type it into your Brave browser. Look under Security Settings. Then select "Custom" DNS and paste what you see on the NextDNS page.
The Add-ons what I recommend to Brave – HTTPS Everywhere, NoScript, FoxyProxy Standard, Ublock Origin, ADBlocker Ultimate, DuckDuckGo (Add-on).
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
You can also use VeraCrypt for additional encryption, it can be useful. Read up on VeraCrypt if you need it. The idea is that you can create a virtual encrypted disk and store data on it.
If you want a bit more security, you can use VirtualBox. VirtualBox is a virtual computer running on a physical machine. You can specify how much storage space it should have, how much RAM it should use, and so on. You can install lots of systems here and try them out. You can also use Tails OS to increase security.
To summarise, once you have started the system
sudo -i
[Your password]
ifconfig eth0 down (Always replace eth0 with your version, for example en1ps101, or whatever Terminal says).
macchanger -r eth0 / macchanger -a eth0
iwconfig ath0 nickname "Donottrack" (for you an1ps10, or whatever Terminal tells you)
ifconfig eth0 up
Then
Start I2P (home/your username/i2p/i2prouter start / i2prouter start)
start RiseupVPN (just look for it in the applications, you don't need to use Terminal to start it)
Then start ProtonVPN (look for ProtonVPN in your applications, you don't need to use Terminal to start it).
This is good because by default you connect from one VPN IP address to another VPN IP address, and this is very good for security. Not incidentally, two VPNs running at the same time = enhanced security.
Another variation
Launch WireGuard (Launch it with the instructions and directions in the attached link).
Start RiseupVPN or ProtonVPN.
Start I2P (home/your username/i2p/i2prouter start / i2prouter start).
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
If you are doing everything through the Tor browser, so you are viewing the forums from there, do these settings I listed above. Even if Tor is secure, if you need more anonymity, do it. If you use Proxychains for browsing, do it. This should have been a Linux Advanced Information post. It's a bit long, but below are some important points to keep in mind for security.
The next part is the CyberSecurity on Android. (?) I may publish a cybersecurity post on Android later today. However - there are a lot of parts to go through and it's still a bit incomplete. The post itself is done, I just feel it's still incomplete.
But remember - the greatest security is always yourself. Never do anything stupid, otherwise the techniques mentioned above will not protect you.
Tips and advice
1. Always use I2P and some kind of VPN (WireGuard) for even the most traditional internet use, and use a secure browser (Firefox or Brave).
2. Choose the right provider for your email account - ProtonMail, MailFence, Tutanota, I2P Email or Riseup Mail. For Tor email - Mail2Tor, TorBox.
3. Use a secure cloud for documents, texts, reading material - Mega, IceDrive or ProtonDrive. For sharing, use Freenet or OnionShare on Tor. For Tor browser storage, use MEGATor.
4. Turn on the Firewall on your Linux system. In the search box, type "firewall", then type the password and turn it on.
5 For a calendar, use an encrypted application - ProtonCalendar, or Tutanota Email provider's Calendar.
6 If you absolutely must create a Facebook account, or any social networking account, do it through Tor, using a Tor email address (Mail2Tor/Torbox.) Never give your real birth year, name, age, identity - anything that is real.
7. Use different email addresses, usernames, passwords, ages everywhere.
8. If using a Laptop, cover the camera with a black/dark material.
9. If you use multiple forums for chatting, use a different text style, speech style, spelling in each forum - So communicate differently everywhere so they don't know who you are.
10. Don't really use profile pictures in other Forums.
11. Download all applications for Linux in English, and don't put the Tor browser on full screen, as this will give away your screen resolution.
12. Change the region and time zone of your Linux system as far away from you as possible. You can do this simply by typing Time into the Linux search engine.
13. Don't tell anyone what you are doing on Linux.
14. On the NextDNS page you will find an interface called "Routers". Here you will see two addresses, and you can paste them into the Advanced Internet Settings menu of your router. Click on the network and you'll see the Settings option. In the Ipv4 interface, enter the address of the NextDNS for the DNS servers, separated by commas, then save it. If your network supports Ipv6, it will there too. You can also do this on your phone - long tap Wifi, then "Advanced Settings", change the IP address to Static, then scroll down and paste the two DNS addresses, then save.
15. If your phone supports Ubuntu Touch, Kali Linux OS for phone, then download it and do the above there too. Ubuntu Touch is basically a Linux system on phone and Kali Linux OS is same. If it doesn't support it, you can try CalyxOS or LineageOS. If they don't either, then try rooting your phone and when done, disable all google/facebook apps and replace all default apps (phone, messages) with other ones. CyberSecurity part 5 (if I remember correctly) has more detailed instructions on this. Use F-Droid to download apps and always have VPN turned on.
16. If you pay by credit card over the internet, look for an app that helps with encryption.
17. Change your wifi password. Make it hard and long, and only you know it. Also change the name of your wifi to something short, like - misbfhs.
18. Always stay logical and never be reckless. Always think rationally and never let anything influence you.
Here is the Offline, PDF File - https://mega.nz/folder/N8dgWLgB#eoF8_ARlenx-upSVrm5abQ
BrightSpace666