Stalker & Privacy

VPNs merely move the [problem around, they don;t really solve much in /this/ case unless maybe you know your local ISP is snooping and you know that a particular remote ISP is not then it would work. But as soon as you come out of VPN you still need to get to where you wanted to go in the first place and you can be snooped from the VPN endpoint to your final destination.

Of course if more websites would use shttp then this wouldn't be a problem. Everything would be secure from your computer to the website. Nothing in the middle can spy on you. You still have to worry about key loggers and security on the host end but the middle would be secrure at least...

uhm you do realize that even if you use different DNS servers, your service provider still knows the source and destination -unless- it's all neatly encapsulated inside a VPN tunnel (including lookup).
Unless of course, for the purposes of brevity, you didnt mention that in detail and you already have that setup...

(i'm just pedantic when it comes to these things...)

thank you - i take my pedanticness as a blessing and not a curse :)

so bear with me while i go into annoying detail here again...the red X in the network and sharing section doesnt really mean anything from a security perspective.

all it does mean, as far as i know is:

- your computer is connected to a network that has its network location set as 'public'
or if not public,
- the link layer topology discovery (LLTD) protocol is disabled
- network discovery is not running
- the device between you and your demarc / provider device is not running /doesnt support LLTD

I'm sensing a lot of paranoia about the government, and business here from a lot of people no offense to anyone. Logically speaking here why, would your ISP give a crap about what you are doing online? Or the NSA/FBI for that matter unless you were seriously doing something seriously illegal?

If you're doing something seriously illegal the FBI could get a warrant and see what sites you are visiting, otherwise out of all the billions of people online why would they care what you are doing as long as it's not illegal? What a waste of time and how extremely boring. Would you like to know what sites your friends are all visiting most the time? I think I would be bored to tears or grossed out by the adult sites lol.

I would be much more concerned about HACKERS, and MALWARE that DO want to know what you are doing online for the good old fashioned reason of $$$. There are sites out there you could simply just visit which would exploit your computer and give a hacker or hackers complete command line access to your computer,

at which point they could read your documents, and depending on permissions and root shells, remove you as a user, add themselves, activate remote desktop, and steal your files and Install a backdoor for permanent access, how about that Great right?

Why do they do this you ask? They want to drain your bank account, and they want your computer; they then use your computer as a zombie to carry on further attacks. This happens all the time so don't think it can't happen to you, and I fix computer riddled with malware and hackers all the time ouch!.

To keep security breaches from happening of course requires a lot of knowledge, layers of security, and the principal of least privileges etc. That is don't allow users or even yourself to have MORE PRIVILEGES than you need to carry out what you want to do when you log on; like browse the web.

• The First and most important Thing to do if haven't is create a limited user account, if you're currently logging in as administrator (most people are) and you are browsing the web to unfamiliar sites in the administrator account you are asking for trouble, because things like spyware can install with administrator privileges into the root of the system way easier than if you weren't using an admin account. In the control panel you can add a limited user; quickly switch users from the start menu to the limited user account if you want to just BROWSE THE WEB!

• Get A Sandbox, I can't emphasize this enough. A free and easy one I recommend to all my clients is sandboxie
  Sandboxie - Sandbox software for application isolation and secure Web browsing

A Sandbox isolates things from writing to the computer, so if you do get a virus,trojan,rootkit, or run into an exploited web page online it can't generally EVER get out of the sandbox and you can simply remove the contents from the sandbox anytime.

• Get good malware protection with a firewall (duhh) right! lol

If you don't have good malware protection use commodo free edition it's FREE and really good stuff the premium is FREEEE! Make sure you download the internet security version though!
Free Download - The Best Firewall Protection and Anti-Virus Scan Software from Comodo


When I browse the net to unfamiliar sites or the dark corners of the net, I always use the least privileged account, WITH SANDBOXIE, and guess what? I haven't got a single byte of malware successfully installed in my system yet !!! I'm just magic!

Using the above security systems will seriously save you from being spied on by hackers and save you a lot of headaches and potential identity theft, or money being stolen from you.

Peace - I know this was long but I hope this helps. Also I you really want a VPN get that too. Also be sure to watch this video below. This guy talks about the current dangers in rootkits and also how using the operating system features are your best bet; think user accounts and permissions again.

Michael Davis Is Right ON:
YouTube - What are Malware and Rootkits? From Michael Davis, author of Hacking Exposed Malware & Rootkits

Joules said:

Hi adn258 you absolutely right about people being paranoid, I don't care about those organizations cause I have illegal going on but I still like my privacy everyone should, I don't think it's anyone's concern what sites I visit or anything else. On the other hand malaware and viruses are the biggest threat and sanboxie is a wonderful tool to use I use it too and nothing ever gets through and I scan with 3 different malaware scanners, Emsisoft, malewarebytes, outpost outpost security suite is my firewall I use...Thanks for your input much appreciated!!

Thank You as well I will say that emsissoft is great for removing malware as is malwarebytes. That is great you use sandboxie that eliminates most the headaches right off the bat lol from what we call drive by infections which you can get just visiting a site. Since this seems to be of interest to people these days though i.e. information and computer security (fascinating stuff) I will tell you a couple other things.

While sandboxie which is essentially a small form of easy to use virtualization, WORKS WELL, they have their Achilles heel which you should be aware of.

• They keep most malware from PERMANENTLY infecting your system but they don't stop malware from DOWNLOADING and viewing your files. Plainly speaking say you run into an exploit online; a java exploit which runs up some shellcode bam an attacker may have command line access to your machine but it would be SANDBOXED as well.

So essentially he couldn't do anything permanently to your computer like write or delete files, however he could steal your information by viewing or uploading your files for instance if you have passwords on your computer lol.

This is why I recommend to my home clients to take those extra few seconds (super easy) and also log into a standard or guest account with sandboxie lol. Going back to the example again the exploit goes off BOOM!! They may have access to your computer but only as much access as you gave YOURSELF and if you are in a guest or limited account they couldn't do much. The remote command shell would be confined to only being able to explore the guest account where there aren't any personal documents or anything lol.

This is a POC example of why privileges are also majorly important in network security, because there are quick hackers, payloads, shells, and things you could run into with sandboxie that wouldn't keep the bad guys from stealing your stuff. This however leaves you with a manageable situation as permissions and restrictions can ALSO be set in sandboxie settings as well lol.

One other thing I recommend which takes a little study if you don't understand it, is encryption. Do yourself a favor if you haven't already and find a 20 digit password that nobody else could memorize but you and commit it to memory for serious stuff.

http://www.truecrypt.org


True Crypt which I posted a link too above is one sure way with long passwords of protection making sure any documents you want encrypted can never be seen by anyone except yourself or someone whom you want to have see it. It's a great piece to add to your privacy arsenal there with sandboxie as it's free and open source too. (talking about privacy). It uses good old fashioned 256 AES encryption and other algorithms which have NOT BEEN DEFEATED or beaten.

If you have doubt of this check out the article below which comes from TC site.

WebCite query result

Not even the FBI were able to crack Daniel Dantas's laptop whom used this form of encryption. I'm not promoting anything illegal I'm just showing you how to protect your files if you want to make sure they can't be hacked. This is also great if your computer is stolen. Anything that's encrypted with TC can be deleted but the thief whom stole your computer would never be able to see your personal FILES!! As far as Daniel Dantas's laptop goes he was spying on the U.S. , they still have has laptop after all these years...that is...with the files still encrypted which nobody can get too lol.

Another tool in your arsenal lol KeePass - Kee Pass is a password safe that 256 bit AES encrypts your passwords but stores them in an easy to use fashion. This keeps you from having to memorize all those passwords for web sites. You memorize one master password and you can open the safe with all your other passwords. You can copy your password from the safe and the temporary memory that copies your files is auto deleted in a few seconds.

Link to KeePass - Free Free Free

KeePass Password Safe





Austin
Computer Programmer
Computer Tec
Security/Auditing Professional
Loves To Talk About Computers
Willing to Talk About Anything Computer Related
Friend
Someone You Can Ask Anything


Peace

Hi again, ADN that very long info, anyway thx for sharing. Its cool. Im using Random password generator (RPG), i think it from Iobit. it has the same feature i think. But i didn't put any password in there. I keep in my book. Only use it to generate high-security password even i can't remember it . I lil bit scary though that if the small application as keepass or RPG or others has some kind build-in module could send out/steal all the data/pass. That would be horrible nightmare .

Question:
Is there any good tool for sniff some IP that flowing unwelcome in my pc?
A bonus if it can alert if there are unwanted IP slip in.

I've tried Comview.

Pckicker said:

Hi again, ADN that very long info, anyway thx for sharing. Its cool. Im using Random password generator (RPG), i think it from Iobit. it has the same feature i think. But i didn't put any password in there. I keep in my book. Only use it to generate high-security password even i can't remember it . I lil bit scary though that if the small application as keepass or RPG or others has some kind build-in module could send out/steal all the data/pass. That would be horrible nightmare .

Question:
Is there any good tool for sniff some IP that flowing unwelcome in my pc?
A bonus if it can alert if there are unwanted IP slip in.

I've tried Comview.

That's horribly unlikely lol. This is frightening for average computer users but since it's open source I can look at the source code myself. That's why I like open source. If you don't like corporations spying on you all I can say is two words "open source".

I could take the code from KeePass make sure it's clean and RE-COMPILE it from scratch. While most people wouldn't do this the general consensus is open source is clean. Firefox is open Source for instance; the odds of it containing malicious code is about zilch