Professional Documents
Culture Documents
The Ultimate Guide For Anonymous and Secure Internet Usage v1.0.1
The Ultimate Guide For Anonymous and Secure Internet Usage v1.0.1
This is a guide with which even a total noob can get high class security for his system and complete anonymity online. But its not only for noobs, it contains a lot of tips most people will find pretty helpfull. It is explained so detailed even the biggest noobs can do it^^ :
The Ultimate Guide for Anonymous and Secure Internet Usage v1.0.1
Table of Contents: 1. btaining Tor Browser !. "sing and Testing Tor Browser for the first time #. $ecuring %our &ard 'rive (. $etting up True)rypt, *ncrypted &idden +olumes ,. Testing True)rypt +olumes -. $ecuring your &ard 'is. /. Temporarily $ecuring %our 'is., $hredding 0ree $pace 1. Installing +irtualBox 2. Installing a 0irewall 13. 0irewall )onfiguration 11. Installing "buntu 1!. "buntu Initial $etup 1#. Installing 4uest 5dditions 1(. Installing I6) 7 ptional8 1,. Installing Torchat 7 ptional8 1-. )reating T 69 nly Internet *nvironment 1/. 4eneral 'aily "sage
By the time you are finished reading and implementing this guide, you will be able to securely and anonymously browse any website and to do so anonymously. :o one not even your I$; or a government agent will be able to see what you are doing online. If privacy and anonymity is important to you, then you owe it to yourself to follow the instructions that are presented here. In order to prepare this guide for you, I have used a computer that is running <indows +ista. This guide will wor. e=ually well for other versions of <indows. If you use a different operating system, you may need to have someone fluent in that operating system guide you through this process. &owever, most parts of the process are easily duplicated in other operating systems. I have written this guide to be as newbie friendly as possible. *very step is fully detailed and explained. I have tried to .eep instructions explicit as possible. This way, so long as you patiently follow each step, you will be >ust fine. In this guide from time to time you will be instructed to go to certain "6?s to download files. %ou do : T need T 6 to get these files, and using T 6 7while possible8 will ma.e these downloads very slow. This guide may appear overwhelming. *very single step is explained thoroughly and it is >ust a matter of following along until you are done. nce you are finished, you will have a very secure setup and it will be well worth the effort. *ven though the guide appears huge, this whole process should ta.e at the most a few hours. %ou can finish it in phases over the course of several days. It is highly recommended that you close @5??@ applications running on your computer before starting. : A $hare by Baster;irateC
green text, or something similar: D)ongratulations. %our browser is configured to use Tor.E :ow you can use this web browser the same as any other. %ou can go to any website you wish, and neither your I$; or anyone else will be able to see where you are going, or what you are doing. &owever, there are still issues that need to be resolved, so donFt begin browsing >ust yet. ************************************* ***** IMPORTANT SAFETY NOTE ***** ************************************* If you fill out a form containing your email address, your name, or any other sensitive information while using the T 6 browser, be aware that sometimes it is possible for an observer to see that information. <hen using T 6, use it to access websites and content that you are @not@ connected to via your real identity or any username or nic. name which lin.s to your real identity. ?et T 6 be for anonymous browsing solely. 'o your online ban.ing, or any other activities involving your real identity using your normal web browser. ************************************
The surest way to prevent content from writing to your $<5; space is to disable your $<5; space altogether. This may result in your computer running a bit slower than normal, and may mean that you cannot use ram intensive games and applications during the time your $<5; is disabled. Therefore, if you use this method, simply turn bac. on the $<5; when you want to use those ram intensive applications. 5lso, you may choose not to ta.e this step. 1 N &ere is how to disable your swap space if you are using <indows /: @@@ 5'+5:)*' I:$T6")TI :$ B*? <. $OI; T&I$ I0 % " 56* : +I)* 6 ":) B0 6T5B?* <IT& T&I$ ;*65TI : @@@ @This step is recommended for advanced users only. If you are not comfortable doing this, you may safely s.ip this step.@ Instructions are less verbose than usual, as these steps are intended for advanced users only. If you do not fully understand these instructions, s.ip this step. 1. !. #. (. ,. -. /. 0rom )ontrol ;anel, go to D$ystem and $ecurityE. )lic. on D$ystemE, and then choose D5dvanced system settingsE in the left9most menu. "nder the D5dvancedE tab, under D;erformanceE, clic. D$ettingsE. "nder this D5dvancedE tab, under D+irtual BemoryE, clic. D)hangeE. "nchec. D5utomatically manage paging file siMes for all drivesE. $elect D:o paging fileE. $ave, reboot, and follow these same first , steps to confirm that D:o paging fileE is still selected. This means that you have successfully disabled your swap. This means that @nothing@ from 65B will be inadvertently saved to your harddrive.
To resume using $<5; again, simply clic. D5utomatically manage paging file siMe for all drives.E %ou can switch between these two modes as you desire. 4enerally spea.ing, your computer will run fine without a swap file, provided you have enough 65B. @@@ *:' 0 5'+5:)*' I:$T6")TI :$ @@@ The next issue we need to address is how to prevent applications andGor your operating system from saving content inadvertently that you do not want saved. 0or this, we are going to set up a D+irtual BachineE. 5 D+irtual BachineE is li.e a computer inside of your computer. *verything you do inside the +irtual Bachine 7vm for short8 will be fully contained within itself and no one will be able to see what the vm has been doing. Ideally, you want @5??@ of your sensitive computer usage of any .ind, T 6 or : : T 6, to ta.e place within a vm. In this way, you can .eep everything private that you wish while still using your computer fully and getting the most out of it. 'onFt be afraid of this sounds complicated. This guide will ta.e you through every step slowly and methodically. Before we can set up a vm however, we need to ta.e another step.
#. The file will be called DTrue )rypt $etup /.3a.exeE or something similar. 6un this file. (. If prompted that a program needs your permission to continue, clic. D)ontinueE. ,. )hec. DI accept and agree to be bound by these license termsE -. )lic. D5cceptE /. *nsure that DInstallE is selected, and clic. D:extE 1. clic. DInstallE 2. %ou will see a dialog stating DTrue)rypt has been successfully installed.E )lic. D .E 13. )lic. D:oE when as.ed if you wish to view the tutorialGuserFs guide. 11. )lic. D0inishE 5t this point, True)rypt is now installed. :ow we will set up truecrypt so that we can begin using it to store sensitive information. 1. )lic. the D<indows ?ogoEGE$tartE button on the lower left corner of your screen. !. )lic. D5ll ;rogramsE #. )lic. DTrue)ryptE (. )lic. the DTrue)ryptE application 5nd now we can begin: 1. clic. the button D)reate +olumeE !. *nsuring that D)reate an encrypted file containerE is selected, clic. D:extE #. $elect D&idden True)rypt volumeE and clic. D:extE. (. *nsuring that D:ormal modeE is selected, clic. D:extE ,. )lic. on D$elect 0ileE :ote which directory you are in on your computer. ?oo. at the top of the dialog that has opened and you will see the path you are in, most li.ely the home directory for your username. 5n input box is provided with a flashing cursor as.ing you to type in a file name. &ere, you will type in the following filename: random.txt %ou may of course replace random.txt with anything you li.e. This file is going to be created and will be used to store many other files inside. 'o : T use a filename for a file that already exists. The idea here is that you are creating an entirely new file. It is also recommended though not re=uired that you DhideE this file somewhere less obvious. If it is in your home directory, then someone who has access to your computer may find it easier. %ou can also choose to put this file on any other media, it doesnFt have to be your hard dis.. %ou could for example save your truecrypt file to a usb flash drive, an sd card, or some other media. It is up to you. -. nce you have typed in the file name, clic. D$aveE /. Ba.e sure D:ever save historyE is chec.ed. 1. )lic. D:extE 2. n the D uter +olumeE screen, clic. D:extE again. 13. The default *ncryption 5lgorithm and &ash 5lgorithm are fine. )lic. D:extE 11. )hoose a file siMe. In order to benefit the most from this guide, you should have at least 13 gigabytes of free dis. space. If not, then it is worth it for you to purchase some form of media 7such as a removable harddrive, a large sd card, etc.8 in order to proceed. True)rypt can be used on all forms of digital media not >ust your hard dis.. If you choose to proceed without obtaining at least ten gigabytes of dis. space, then select a siMe that you are comfortable with 7such as 133 BB8. Ideally, you want to choose enough space to wor. with. I recommend !3 4B at least. 6emember that if you do need more space later, you can always create additional True)rypt volumes using exactly these same steps. 1!. :ow you are prompted for a password. T&I$ I$ +*6% IB; 6T5:T. 6*5' T&I$ )56*0"??% @@@ 6*5' T&I$ $*)TI : )56*0"??% @@@ @@@ The password you choose here is a decoy password. That means, this is the password you would give to someone under duress. $uppose that someone suspects @@@ that you were accessing sensitive information and they threaten to beat you or worse if you do not reveal the password. T&I$ is the password that you @@@ give to them. <hen you give someone
this password, it will be nearly impossible for them to prove that it is not the 6I4&T password. 0urther, they cannot @@@ even .now that there is a second password. &ere are some tips for your password: 5. )hoose a password you will :*+*6 forget. It may be ten years from now that you need it. Ba.e it simple, li.e your birthday repeated three times. B. Ba.e sure it seems reasonable, that it appears to be a real password. If the password is something stupid li.e D1!#Q then they may not believe you. ). 6emember that this is a password that you would give to someone if forced. It is @: T@ your actual password. '. 'o not ma.e this password too similar to what you plan to really use. %ou do not want someone to guess your main password from this one. 5nd with all of this in mind, choose your password. <hen you have typed it in twice, clic. D:extE. 1#. D?arge 0ilesE, here you are as.ed whether or not you plan to store files larger than ( 4I45B%T*$. )hoose D:oE and clic. D:extE 1(. D uter +olume 0ormatE, here you will notice some random numbers and letters next to where it says D6andom ;oolE. 4o ahead and move your mouse around for a bit. This will increase the randomness and give you better encryption. 5fter about ten seconds of this, clic. D0ormatE. 1,. 'epending on the file siMe you selected, it will ta.e some time to finish formatting. D<hat is happeningRE True)rypt is creating the file you as.ed it to, such as Drandom.txtE. It is building a file system contained entirely within that one file. This file system can be used to store files, directories, and more. 0urther, it is encrypting this file system in such a way that without the right password it will be impossible for anyone to access it. To @anyone@ other than you, this file will appear to be >ust a mess of random characters. :o one will even .now that it is a truecrypt volume. 1-. D uter +olume )ontentsE, clic. on the button called, D pen uter +olumeE 5n empty folder has opened up. This is empty because you have yet to put any files into your truecrypt volume. @@@ @@@ ' : T ;"T 5:% $*:$ITI+* ) :T*:T &*6* @@@ @@@ This is the D'ecoyE. This is what someone would see if you gave them the password you used in the previous step. This is : T where you are going to store your sensitive data. If you have been forced into a situation where you had to reveal your password to some individual, then that individual will see whatever is in this folder. %ou need to have data in this folder that appears to be sensitive enough to be protected by truecrypt in order to fool them. &ere are some important tips to .eep in mind: 5. 'o : T use porn. 5dult models can sometimes appear to be underaged, and this can cause you to incriminate yourself unintentionally. B. 'o : T use drawingsGrenderings Gwritings of porn. In many >urisdictions, these are >ust as illegal as photographs. ). 4ood choices for what to put here include: bac.ups of documents, emails, financial documents, etc. '. nce you have placed files into this folder, @:*+*6@ place any more files in the future. 'oing so may damage your hidden content. 4enerally, you want to store innocent data where some individual loo.ing at it would find no cause against you, and yet at the same time they would understand why you used True)rypt to secure that data. :ow, go ahead and find files and store them in this folder. Be sure that you leave at least ten gigabytes free. The more the better. <hen you are all done copying files into this folder, close the folder by clic.ing the DxE in the top right corner. 1/. clic. D:extE 11. If prompted that D5 program needs your permission to continueE, clic. D)ontinueE 12. D&idden +olumeE, clic. D:extE !3. The default encryption and hash algorithms are fine, clic. D:extE !1. D&idden +olume $iMeE, the maximum available space is indicated in bold below the text box. 6ound down to the nearest full unit. 0or example, if 12.2/ 4B is available, select 12 4B. If 1!.3 4B are available, select 11 4B. !!. If a warning dialog comes up, as.ing D5re you sure you wish to continueE, select D%esE !#. D&idden +olume ;asswordE @@@ IB; 6T5:T 6*5' T&I$ @@@
&ere you are going to select the 6*5? password. This is the password you will :*+*6 reveal to 5:% :* else under any circumstances. nly you will .now it. :o one will be able to figure it out or even .now that there is a second password. Be aware that an individual intent on obtaining your sensitive information may lie to you and claim to be able to figure this out. They cannot. It is &I4&?% recommended that you choose a -( character password here. If it is difficult to remember a -( character password, choose an 1 character password and simply repeat it 1 times. 5 date naturally has exactly 1 numbers, and a significant date in your life repeated 1 times would do >ust fine. !(. Type in your password twice, and clic. D:extE !,. D?arge 0ilesE, select D%esE and clic. D:extE. !-. D&idden +olume 0ormatE, as before move your mouse around for about ten seconds randomly, and tehn clic. D0ormatE. !/. If prompted D5 program needs your permission to continueE, select D)ontinueE !1. 5 dialog will come up telling you that the hidden True)rypt volume has been successfully created. )lic. D .E !2. )lic. D*xitE )ongratulationsL %ou have >ust set up an encrypted file container on your hard drive. 5nything you store here will be inaccessible to anyone except you. 0urther, you have protected this content with T< passwords. ne that you will give to someone under threat, and one that only you will .now. Oeep your real password well protected and never write it down or give it to anyone else for any reason. :ow, we should test B T& passwords.
entirely new dis. drive on your computer. %ou can use this dis. drive >ust as if it @was@ actually a usb flash drive. %ou can copy files to it, directories, and use it >ust as you would use a usb flash drive. <hen you are done, simply close all open windowsGfoldersGapplications that are using your truecrypt drive letter, and then clic. D'ismountE from within True)rypt while you have the drive letter highlighted. This will once again hide all of this data, accessible only by re9mounting it with the correct password. @@@ +*6% IB; 6T5:T $50*T% I:0 6B5TI : @@@ <hen a true crypt hidden volume is mounted, someone who has access to your computer can access anything that is inside that hidden volume. If for example you left your computer running while a truecrypt volume was mounted, then if someone gained access to your computer they would be able to see everything you have in that volume. Therefore: @@@ 5?<5%$ 6*B*BB*6 T 'I$B ":T 5:% T6"*)6%;T + ?"B* ) :T5I:I:4 5:% $*:$ITI+* I:0 6B5TI : <&*: % " 56* : T "$I:4 % "6 ) B;"T*6 @@@ %ou can tell that it is dismounted because the drive letter inside of DTrue)ryptESs control panel will appear the same as all of the other drive letters, with no information to the right of the drive letter. %ou should practice Bounting and 'ismounting a few times with both passwords to ma.e sure you understand this process. nce you have copied filesGfolders into the hidden volume, do @: T@ touch the files or folders in the outer volume anymore. 6emember that both volumes occupy the same single file, and therefore changing the outer volume can damage the hidden volume. nce you have copied filesGfolders into the outer volume during the installation process, that is the last time you should do so. 0rom that point forward, use :?% the hidden volume. The outer volume exists only as a decoy if you need it.
anywhere. This way you still have 5?? of your data and you have lost nothing. 5 good analogy is toxic waste. %ou donFt .now which barrel might contain the toxic waste, so you treat @5??@ the barrels as potentially toxic. This is the surest way you can protect yourself. %ou might be saying, DI have family photos, music, movies that I would have to move to the hidden volume.E That is perfectly fine. 6emember that you can access that hidden volume >ust as if it was a drive letter. In fact, ideally, @5??@ of the content on your computer 7assuming you value your privacy8 should be protected anyways. %ou lose nothing by securing all of that data. -. nce you have copied everything you intend to copy. dismount your hidden volume, reboot your computer, and re9 mount your hidden volume to ma.e sure everything is there. /. :ow it is time to re9format your entire hard drive. 6e9install your operating system of choice 7such as <indows /8, and start with a clean slate. 1. nce you have reinstalled your operating system from scratch, follow sections one through five of this guide to reach this point, and then proceed.
This will ta.e some time to finish. nce you have finished shredding your free dis. space, it will be impossible or nearly impossible for someone to find one of your deleted files and piece it bac. together to see what it once was. &owever, this is : T enough. Oeep in mind that there may still be records of the filenames that were deleted, partial data from those files, image thumbnails, and more that may be enough to incriminate you. This is only a temporary step you have ta.en, and you absolutely must ta.e the actions in step - above in order to be truly safe.
3. Installing -irtual"o4
5nd now we get to the fun part. <e are going to create a secure environment for you to browse the internet and communicate in a way that is totally anonymous and untraceable. %ou will have a setup that is so secure as to be virtually impossible to brea.. 1. 0irst, go to the following "6?: http:GGwww.virtualbox.org !. $elect D'ownloadsE in the menu on the left. #. "nder D+irtualBox platform pac.agesE is D+irtualBox (.3.( for <indows &ostsE, next to that is Dx1-Gamd-(Q. )lic. that. (. $ave the file. It should be titled similar to: D+irtualBox9(.3.(9/3119<in.exe ,. 6un the file. -. D<elcome to the racle +BH $etup <iMardE, )lic. D:extE /. clic. D:extE 1. )lic. D:extE 2. D<arning: :etwor. InterfacesE, clic. D%esE but be aware that your internet connection will be temporarily reset for a few seconds. 13. )lic. DInstallE 11. 5 dialog saying D5 program needs your permission to continueE may appear, clic. D)ontinueE. 1!. ne or more dialogs as.ing if you want to install Ddevice softwareE may come up, select DInstallE each time. 1#. ptionally chec. the box D5lways trust software from racle )orporation.E 1(. D racle +BH installation is completeE, )lic. D0inishE ensuring that D$tart racle +B after installationE is chec.ed. :ow we have the software we need in order to set up and run virtual machines. n your tas. bar to the far right, you should notice +irtualBox running. )lic. on the D+irtualBoxE icon if needed in order to bring the +irtualBox control panel into view. :ow it is time to set up a virtual machine. 0or this, we need to obtain two files. perating systems, such as windows, are typically installed using a cd or dvd. %ou put the cd or dvd into your computer, you boot it up, and you follow the instructions in order to install the operating system. +irtual machines wor. similarly. Before we can use a virtual machine, we have to install an operating system on it. &owever, we are @: T@ going to use <indowsL <e are going to use ?inux. 'o not be afraid if you have no experience using ?inux. I assure you that this will prove to be painless. <e actually need two different linux operating systems in order to have a secure system. Before we go through the steps of setting this up, I want to describe to you what we are doing. 6emember earlier in the guide I explained that one of the downsides to using Tor Browser from your main computer is that you might accidentally put a lin. into a non9Tor browser. The problem with your computer right now is that you can access tor sites, or non9tor sites e=ually well. That means that you have to be extremely careful to ensure that you are using Tor. 5n analogy would be to say that you are typing on a .eyboard with red and green .eys. %ou have to be careful to only hit the green .eys. If you accidentally hit a red .ey, then you could compromise your security and anonymity. That is @not@ a good position to be in. The purpose of setting up a virtual machine is to ma.e certain that you cannot accidentally reveal your identity or compromise your security.
The computer you are using now has two ways of accessing the internet: T 6, and :on9T 6. The virtualmachine we are setting up however will only be able to access the internet using T 6. :o other way period. That means that no matter what you do, no matter how hard you try, you will : T be able to accidentally access any website except through T 6. This @guarantees@ that whatever you do on that virtual machine is going to be through T 6. $o how do we achieve thisR There are a number of ways to do so. The method presented in this guide is not the only good way, however I do believe that it is both easy to set up and also friendly to users who may not have a great deal of 65B. 0irst, we are going to set up two different virtual machines. ne of them will exist for the sole purpose of ma.ing sure that the other one does not accidentally connect to the internet except through T 6. This virtual machine re=uires very little. %ou will not be using it for anything. It will simply act as a gate.eeper to ensure that the other +irtual Bachine is safe. The second virtual machine will be what you use for internet browsing, chatting, etc. This virtual machine will be configured in such a way that it can only use T 6 and nothing else. The way we will achieve this is to force this second virtual machine to go through the first virtual machine for all internet connections. 'o not worry if this seems complicated. 5s with the rest of this guide, I am going to wal. you through step by step exactly what to do. 0irst, we have to obtain the operating systems we will need. In this case, we are going to use D'amn $mall ?inuxE 7yes that is itFs real name8 for the firewall and we are going to use D"buntuE for the main system. The advantage to using D'amn $mall ?inuxE is that we only need #! BB of ram and no dis. sapce to have an effective firewall. ?etFs set up the firewall first:
5. Installing a 2ire#all
1. 0irst, go to the following "6?: http:GGwww.damnsmalllinux.org 7three lFs8 !. $croll down until you see a lin. that says D'ownloadE #. "nder D)urrent 0ull Birror ?istE, clic. any that wor.. $ome may not wor. at any given time. If one doesnFt wor., simply hit bac. on your browser and try another one. (. 5t the time of this guide, the following url wor.ed: ftp:GGftp.is.co.MaGlinuxGdistributionsGdamnsmallGcurrentG ,. 4o to the DcurrentE directory if not already in it. -. )lic. on the file called: dsl9(.(.13.iso U If you cannot find this file, choose the file closet to it. 5 higher version number is fine. The file will probably be about ,3 BB /. The file should ta.e about ,913 minutes to download based on your connection. 7I0 T&* 5B +* $T*;$ < 6O*' 0 6 % ", $OI; T&I$ BI:I9$*)TI :8 7If you had trouble with the above steps, read this mini9section8 7<ith mirrors, it is often the case that a particular mirror site doesnFt wor.. 5t the time of this writing, several mirrors wor.ed. I am providing detailed instructions for each mirror.8 75bove I have already provided instructions for the mirror8 ftp:GGftp.is.co.Ma BI66 6: http:GGgd.tuwien.ac.atGopsysGlinuxGdamnsmall 74o to this "6?, and under D$ubdirectoriesE clic. on DcurrentE8 if available, select the file called Dcurrent.isoE 7provided the file is at least (2 BB in siMe8 If not, then choose the closest file to dsl9(.(.13.iso, a higher version V is fine. BI66 6: http:GGftp.belnet.beGpac.agesGdamnsmalllinuxG 7go to DcurrentE directory, obtain either Dcurrent.isoE 7if (2 BB or higher8 or find file closest to Ddsl9(.(.13.isoE8 BI66 6: http:GGftp.heanet.ieGmirrorsGdamnsmalllinux.orgG 7go to DcurrentE directory, obtain either Dcurrent.isoE 7if (2 BB or higher8 or find file closest to Ddsl9(.(.13.isoE8 5t this point, you should have the file either Dcurrent.isoE or Ddsl9(.(.13.isoE 7or something similar8 fully downloaded and saved into your 'ownloads directory. :ow, go ahead and open up +irtualBox again, most li.ely by clic.ing it on the tas. bar. 1. )lic. D:ewE at the top left, an icon that resembles a many9pointed round star. 2. D<elcome to the :ew +irtual Bachine <iMardE, clic. D:extE 13. D+B :ame and $ TypeE: "nder D:ameE type in: 0irewall 11. 0or perating $ystem, choose D?inuxE
1!. 0or D+ersionE, choose: D ther ?inuxE 1#. )lic. D:extE 1(. DBemoryE, select D#! BBE and clic. :ext 1,. D+irtual &ard 'is.E, "nchec. DBoot &ard 'is.E and clic. D:extE 1-. If a <arning dialog appears, clic. D)ontinueE 1/. )lic. D0inishE 11. :ow you will notice D0irewall, ;owered ffE visible in your +irtualBox control panel. Ba.e sure it is highlighted 7it should be8 and then right clic. it, and select D$ettingsE. 12. $elect D:etwor.E in the menu to the left. !3. )lic. on the D5dapter !Q tab. !1. )hec. D*nable :etwor. 5dapterE and next to where it says D5ttached toE, select DInternal :etwor.E from the pulldown menu. !!. )lic. D .E at the bottom. !#. nce again, right clic. D0irewall, ;owered ffE and select D$tartE !(. )hec. D'o not show this message againE and clic. D .E. This is >ust letting you .now that the D6I4&T )T6? O*%E on your .eyboard is the DcontrolE .ey for this virtual machine. !,. D<elcome to the 0irst 6un <iMardE, clic. D:extE !-. D$elect Installation BediaE, under DBedia $ourceE is a pull down menu. To the immediate right of that pull down menu is an icon with a folder. )lic. that folder icon. !/. ?ocate Dcurrent.isoE or Ddsl9(.(.13.isoE 7or the similar file name8 that you downloaded. <hen located, clic. D penE. It is li.ely in the D'ownloadsE directory of your home folder. !1. )lic. D:extE !2. )lic. D0inishE :ow the virtual machine will start to boot up. $imply waitH 7This may ta.e up to , minutes.8 #3. ne or more new dialogs may come up saying D+irtualBox InformationE, >ust clic. D'o not show this message againE and clic. D .E 5fter a few minutes, the booting will finish and you will be loo.ing at the des.top for your firewall virtual machine. To the right of the window you will see some stats that loo. something li.e this: "p: 3 .Gs N 'own: 3 .Gs ;rocesses: 12 );" "sage: 13T 65B "sage: 1-.!BBG!1.1BB etc. )ongratulationsL %ou now have a firewall running. :ow we will set up this firewall to protect you so that you can safely use T 6 from your main virtual machine.
70irst, clic. inside the window that your virtual machine is running in8. :ow try moving your mouse cursor. If you do not see the mouse cursor moving around, then press 76I4&T )T6? W I8. :ow move your mouse cursor again. If you notice that you are moving your DmainE mouse cursor over the window, but you do not see the D'$?E blac. mouse cursor moving, then clic. again into that window. If you do this a few times, you should notice that the mouse begins to wor.. %ou may have to press 6I4&T )T6?WI a couple of times to get the mouse to wor.. 1. nce the mouse is wor.ing inside of your virtual machine, go ahead and close the window entitled D4etting $tarted with '$?E 7If you cannot see the full virtual machine window, for example because your screen resolution is set so that some of the window goes too low, read this mini9section8. 70irst, press 6I4&T )T6?WI until you have your main windows white mouse cursor bac.8. :ow, clic. on DBachineE in the menu at the top of the window. 7$elect D$witch to $cale BodeE8 7 )lic. D$witchE8 7:ow you will have converted your firewall window to a smaller siMe, and you will be able to resiMe it. %ou may need to press Dright ctrlE to get a windows mouse cursor 7which you will need in order to resiMe this window8. :ow simply resiMe it to the siMe that wor.s for you, and then clic. into the window to be able to use the blac. mouse cursor inside the virtual machine. I recommend you maximiMe this window to ma.e sure you can read everything clearly. !. 6ight clic. anywhere on the des.top, go to $ystem 7a red folder8, go to 'aemons, ssh, and start. #. 6ight clic. again anywhere on the des.top, go to P$hells 9J 6oot 5ccess 9J Transparent (. :ow you have a window that you can type in. Type exactly as shown below into this window, and hit enter: passwd nce you type this and hit enter, it will as. you for a password. This is a password for full access to the firewall. Ba.e it at least 1 characters in siMe. @@@ IB; 6T5:T: 'o not forget your firewall password. %ou will need it later in the guide. @@@ <hen you have successfully changed your password, it will say D;assword changed.E ,. :ow type exactly as shown below, into the same window: ifconfig eth1 13.3.#.1 -. It will not say anything after you hit enter, it will >ust return you bac. to the prompt. :ow our firewall server is ready. <e want to save this state so that we can get bac. to it easy in the future. ;ress 6I4&T )T6?W$ /. :ow you will be loo.ing at a window that says DTa.e $napshot of +irtual BachineE. Iust clic. D .E 1. :ow, letFs test this out to confirm it wor.s as we expect. 4o ahead and close the virtual machine by clic.ing the DPE in the top right corner. 5 menu will come up. $elect E;ower off the machineE and clic. o.. 'o : T chec. the box called D6estore current snapshotE. 5nd now you should be once again at the +irtualBox manager. %ou will see D0irewall 7$hapshot 18, ;owered ffE 2. Ba.e sure that D0irewall 7$napshot 18, ;owered ffE is selected. 5t the top right of your +irtualBox Banager is a button that says: D$napshots 718E. )lic. it. 13. )lic. on D$napshot 1Q, the top9most selection. This will highlight it. 11. :ow right clic. it, and clic. on D6estore $napshotE 1!. 5 dialog box will come up as.ing if you are sure, clic. D6estoreE 1#. :ow clic. the D$tartE button at the top with the large green arrow. 1(. 5ny dialog boxes that come up with a chec. box saying D'o not show this information againE, simply chec. the chec.9 box, and clic. o.. 'o not worry about any of those. 6emember, if you do not have immediate control of the mouse inside the virtual machine, simply press 6)T6?WI 7press right ctrl and DIE at the same time8 and clic. into it until you have mouse control. :ow your firewall is good to go. 5ny time you need it, >ust go to the +irtualBox Banager and follow steps 2 through 1(
above. %ou do not have to go through the whole setup process again at any time in the future. %our firewall is ready.
!-. D$elect Installation BediaE, under DBedia $ourceE is a pull down menu. )lic. the Dfolder iconE to the immediate right of that pulldown menu. !/. ?ocate Dubuntu913.139des.top9i#1-Q 7or the similarly named file8 from your 'ownloads directory, or wherever you saved it. )lic. on it, and clic. D penE !1. )lic. D:extE !2. )lic. D0inishE :ow simply wait. %our "buntu virtual machine will be loading up. This may ta.e a few minutes. 'onFt worry if you see all .inds of strange messagesGtext. It is normal. 5fter a few minutes, you should start to see the "buntu des.top load. "nli.e your firewall, you will notice that you do not have to clic. the mouse inside the window. It automatically happens. This is going to be much easier than the D0irewallE step. nce everything has loaded, you will be loo.ing at a window that says DInstallE with a button that says DInstall "buntuE. If you cannot see everything, press 6)T6?W0 7to go full screen8. %ou can return to windowed mode by 6)T6?W0 again. 5ny dialogs can be closed, and you can chec. the box that says D'o not show me this again.E #3. )lic. DInstall "buntuE #1. )hec. D'ownload updates while installingE #!. )hec. DInstall this third9party softwareE. )lic. D0orwardE ##. *nsure D*rase and use entire dis.E is selected, and clic. D0orwardE. 6emember, this is : T tal.ing about your hard dis.. It is tal.ing about the 1913 gigabyte virtual dis.. #(. )lic. DInstall :owE #,. :ow you will be guided through a series of installation related screens. The first screen as.s you to select your timeMoneGtime. $elect your choice and clic. D0orwardE #-. :ow .eyboard layout, again select your choice and clic. 0orward. If you are unsure, leave it as is or clic. D0igure out .eyboard layoutE #/. D<ho are youRE 0or D%our nameE type in: mainuser #1. <hen you type in DmainuserE the other boxes will fill in automatically. :ow clic. in the text box next to D)hoose a passwordE. #2. 'o : T use the same password as the firewall. )ome up with a different password. (3. *nsure that D6e=uire my password to log inE as well as D*ncrypt my home folderE are selected and chec.ed and proceed. :ow simply wait until the installation is finished. The installation may ta.e a while, and it may appear to stall at some points. 5s long as the ubuntu mouse cursor shows an animation that is turning around in circles, the installation @is@ wor.ing. $imply wait until it is done. If after an hour or two the progress bar hasnFt moved at all, then go ahead and re9start the installation starting from step !( 7after closing the window and powering down the virtual machine8. 'epending on your computer, it could ta.e !9( hours. Bost li.ely, it will ta.e about an hour. nce finished, you will see a dialog that says DInstallation )ompleteE with a button that says D6eboot :owE. 'o : T press the D6eboot :owE button. )lose the SPF on this window, and ;ower 'own. (1. :ow, right clic. D;rimaryE and go to D$ettingsE. (!. )lic. on D$torageE in the left menu. Then clic. on the Dubuntu913.13H .isoE under where it says DI'* )ontrollerE (#. To the right it says D5ttributesE under that it says D)'G'+' 'rive : HE to the immediate right of that is a cd icon. )lic. it. ((. $elect D6emove dis. from virtual drive.E (,. )lic. D .E (-. :ow, ma.ing sure that D;rimaryE is highlighted, clic. the D$tartE button at the top with the large green arrow. :ow we wait for your newly installed "buntu machine to boot up. (/. 5fter a few minutes, you will see a dialog appear that says Dmainuser9+irtualBoxE. 4o ahead and clic. on DmainuserE
which has the Dperson iconE to the left of it. (1. :ow it will prompt you for your password. *nter the password you used in the installation process. (2. 5fter a minute or so, you should hear a nice login sound, and you should be fully logged into your virtualmachine. ,3. Oeep waiting, and a dialog will appear that says DInformation avialableE and D6ecord your encryption passphraseE )lic. on: D6un this action nowE ,1. Type in the same password you used to log in. 5fter that window closes, clic. D)loseE in the dialog box. )ongratulationsL %ou have now set up a virtual machine as well as a firewall to protect it. :ow we need to finish configuring the primary virtual machine.
virtual machine window. 'epending on the speed of your computer, this may ta.e 13 minutes or more. Iust be patient. 'onFt worry if your virtual machine appears to be running too slow, we will speed it up. :ow your +irtual Bachine is set up and ready for use.
T 6. @@@
12. This will connect you to the 0reenode I6) networ.. 5fter a few minutes, you will be connected and a dialog box will appear. !3. "nchec. the box that says D$how this window after connectingE, and then clic. D)loseE !1. :ow, in the same text box as you typed the Gserver command, type the following exactly as shown below, including the DGE and DVE characters: G>oin V"buntu !!. :ow you are in the V"buntu chatroom. 0eel free to discuss the "buntu operating system and as. =uestions related to how to use "buntu. 6emember: @@@ 'o : T discuss T 6 or sensitive material. %ou are : T anonymous. @@@ This is a good opportunity for you to learn how to set up "buntu to be the way you want as far as colors, layout, theme and so forth. <hen you have finished, simply close the DO+IrcE window.
:ow wait until the file finishes downloading, and then the D"buntu $oftware )enterE will appear. 0ollow these steps: 1. ;ress DInstallE !. Type in your password when prompted. 5fter a short wait, Torchat will be installed. To start Torchat, go to D5pplicationsE 9J DInternetE 9J DTorchat Instant BessengerE
)lic. that button. 1(. $elect DBanual proxy configurationE 1,. :ext to both D&TT; ;roxyE and D$$? ;roxyE type in: 1!/.3.3.1 1-. $et the port to 1111 for both D&TT; ;roxyE and D$$? ;roxyE 1/. :ext to D$ )O$ &ostE type: 1!/.3.3.1 11. $et the port for D$ )O$ &ostE to 23,3 12. Ba.e sure that D$ )O$ v,Q is selected at the bottom. !3. )lic. D .E and then D)loseE :ow we have instructed 0irefox to use T 6. &owever, 0irefox cannot use T 6 yet. 6ight now, "buntu is completely unable to connect to the Internet. <e are going to change that. !1. 4o to D5pplicationsE 9J D5ccessoriesE 9J DTerminalE !!. Type in: sudo bash 7and hit enter8 !#. Type in your password if prompted. !(. Type in the following commands exactly as shown below 7or copy paste them8: ifconfig eth3 13.3.#.! GetcGinit.dGpolipo stop GetcGinit.dGtor stop GetcGinit.dGprivoxy stop 7:ote: the last three commands, those beginning with GetcG are only necessary if you installed Torchat8 :ow you have told your "buntu machine to >oin the same networ. that your 0irewall is on. :ow we can establish a tunnel for T 6 data to flow from our "buntu machine, through the 0irewall, into your <indows guest machine. <e need to establish two such tunnels. The first tunnel for port 23,3 data, and the second tunnel for port 1111 data. <hen these two tunnels are set up, it will be possible for you to use your "buntu machine to access any website using T 6. 0urther, it is still completely impossible for your "buntu machine to access the Internet in any other way. !,. %our terminal window should still be open. Type in the following command exactly as shown 7or copy paste it8: ssh 9: 9? 23,3:13.3.!.!:23,3 rootX13.3.#.1 !-. Type DyesE if prompted. <hen prompted for the password, give your 0irewall password. :ot your "buntu password. 5fter you hit enter, you will see the cursor go to a blan. line and nothing else happens. This simply means the connection you re=uested is active. If the connection were to stop for any reason, you would return to a command prompt. If you want to terminate the connection yourself, simply hit )T6?W). %ou can type in the same ssh command again if you need to re9 open the tunnel. !/. :ow we are going to open the second tunnel. In your terminal window, go to D0ileE and D pen TabE. This will open up a tab for a second terminal without affecting the first. !1. :ow, type exactly as shown below to open the second tunnel: ssh 9: 9? 1111:13.3.!.!:1111 rootX13.3.#.1 !2. 6eturn to 0irefox. 4o to the D0ileE menu and unchec. D<or. fflineE if it is chec.ed. #3. 4o to the "6?: http:GGchec..torpro>ect.org If you see the text: D)ongratulations. %our browser is configured to use TorE then you are all setL %our "buntu virtual machine is now : T connected to the internet in any way. &owever, you can browse any website using T 6, even %outube. %ou do not have to be afraid of >avascript or 0lash. 5ny files you save onto your virtual machine will automatically be saved in the encrypted truecrypt volume you set up earlier. In fact, everything the virtual machine does will be contained within that truecrypt volume. 0urther, even if someone somehow managed to remotely gain full root access to your "buntu machine 7absurdly unli.ely
to happen8, they would still not be able to see @anything@ about who you are, or what your real I; address is, or even that you are using a +irtual Bachine. To them, it would appear that the "buntu machine is your main computer. They would be totally unable to compromise your identity based on this alone. &owever, .eep the following in mind. If someone were to gain access to your "buntu machine, they < "?' be able to see anything you have used it for or any files you have saved. Therefore, I recommend for the sa.e of absolute security, do not store anything on your "buntu virtual machine that identifies you. This is >ust a precaution. It is virtually impossible that someone would manage to remotely gain access to your "buntu machine
%ou dont have to do all steps at once. %ou can do a little of it every time you have an hour or two to spare. I thin. for the whole procedure you will need roughly 191! hours. I thin. its written in a way everybody should be able to follow. If there are still steps unclear >ust as., i will see if i can help you. btw this is written for noobs, but the tips here are interesting for allmost everybody. ;.$.: nce you have installed T 6 you can get access to T 6 hidden services and other interesting deep9web pages. If you want some lin.s for your first steps into this hidden part of the internet >ust as. me. If there is a lot of re=uests i will write an extra thread with the most important websites in the deepweb. ne thing before you get started : most deepweb pages arent online !(G/. $o if you cant reach a certain website be patient and try again and again till you get access. 5nother thing : you will find websites that are pretty shoc.ing and disturbing. In 22.,T you will see beforehand what you find on those sites, so if you dont want to see certain things dont .lic. on the lin.s. :ow that you have a really secure system, you should .now what to do when the shit hits the fan and you are arrested or your home gets searched. $%our system, is secured in a way they cant brea., so the only thing that can incriminate you now is your testimony. These ! youtube videos are ! lectures on behaviour towards the police in such situations. ;art one is done by a criminal defense attorney, part ! by a very experienced police officer. They both tell you about the tric.s the police uses and how you should react : http:GGwww.youtube.comGwatchRfeature\playerKembedded]v\-wP.I(t/nuc http:GGwww.youtube.comGwatchRfeature\playerKembedded]v\31f^_<>'+O* `tl,dw : say nothing and as. for a lawyer, 5??<5%$ L %ou cannot improve your situation with anything you say 7this is counterintuitive, but the attorney here has in his whole carrer :*+*6 heared of single case where a suspect could help his case by tal.ing to the police, but he could name many cases where they made matters way worse8 but you can ma.e it a lot worse, so shut the hell up and wait for your lawyer. *ven him being a defense lawyer wouldnt tal. to the police under any circumstances. %ou can tell your story before court 5:' :*+*6, ":'*6 : )I6)"B$T5:)*$, B*0 6* T&5T L *ven the cop in lecture ! says :*+*6 T5?O T T&* ; ?I)* LLLLL V p$hit$orm : A $hare by Baster;irateC