/os/ - Online Security

News, techniques and methods for computer network security.

Boards | Magrathea | Catalog | Bottom

Check to confirm you're not a robot
Name
Email
Subject
Comment
Password
Drawing x size canvas
File(s)

Remember to follow the rules

Max file size: 350.00 MB

Max files: 5

Max message length: 4096


Welcome to Online Security the place for internet and computer security, privacy and anonymity.
If you have some helpful tips please feel free to share your ideas. Start a new thread, or contribute to an existing thread.


Discussion Thread Endwall 02/24/2018 (Sat) 01:52:08 [Preview] No. 1145 [Reply] [Last 50 Posts]
DISCUSSION THREAD
Want to say something off topic about anything?

Have a hot tip about something in the computer security world that doesn't fit into any current thread or category?

Want to chat with your fellow invisible 7 proxy friends?

Want to tell Lt. Gen Michael Hayden, GEN Keith Alexander, ADM Michael Rogers, GEN Paul Nakasone, GOOGLE, AMAZON, FACEBOOK and Microsoft etc. how you feel?

It's open mic at >>>/os/ , anything goes!!

Put all of your banter here:
Edited last time by Endwall on 04/14/2019 (Sun) 02:40:40.
55 posts and 1 image omitted.


Endwall 06/13/2019 (Thu) 04:47:49 [Preview] No.1411 del
Batman_and_Robin_1997_-_The_End_Is_The_Beginning_Is_The_End_The_Smashing_Pumpkins
https://youtube.com/watch?v=9v7jLibv4lU [Embed]

good audio...


Endwall 06/17/2019 (Mon) 05:07:46 [Preview] No.1413 del
The Beatles
The End - Abbey Road
https://youtube.com/watch?v=oV8PSj-hQvw [Embed]

The End -Alternate
https://youtube.com/watch?v=YA_sK86sX5I [Embed]


Endwall 06/30/2019 (Sun) 07:48:56 [Preview] No.1425 del
Just watching the Kim, Moon,Trump impromptu meeting.

When Kim comes to America, President Trump should take him to go watch the Chicago Bulls play a match live, court-side at the United Center, with Dennis Rodman, and Billy Corgan... Michael Jordan should come along too. Afterwards they should go get burgers, fries and hotdogs, and then fly in the presidential helicopter back to the White House for talks. Trump would get re-elected in a landslide. I'd pee myself laughing, and I'm looking forward to it.


Endwall 06/30/2019 (Sun) 07:57:05 [Preview] No.1426 del
>>1425
Gotta let him have a free throw or do a layup at half time too!

No wait... he should setup a pass to Jordan to do to do an Alley-oop slam dunk at half time. Then Kim could wave at the crowd and smile then go back to his box to watch the second half. Trump and Kushner would give a standing ovation. That would be awesome don't you think ?


Endwall 06/30/2019 (Sun) 08:05:02 [Preview] No.1427 del
>>1426
We need Rodman in there too! Chairman Kim dribbles at center court, then he passes to Rodman. Rodman does some moves, sets up the Alley oop for Jordan. Jordan Hangs on the rim after the dunk. I'd be on the floor. Make my dreams come true...Just do it.
Edited last time by Endwall on 07/02/2019 (Tue) 03:26:36.



Tor Hidden Service Mail Server Endwall 08/08/2017 (Tue) 03:16:04 [Preview] No. 992 [Reply] [Last 50 Posts]
############### BEGINNING OF GUIDE ##########################

In this thread I document and revise how to set up a tor hidden service email server, you may substitute the servers that you are most comfortable with.

STEP 0) Collect the relevent files from The Endware Hidden Service
Set up a tor mail server using postfix or OpenSMTPd, with dovecot for imap or pop.

You may contact me anonymously at endwall@zvdcyrpole74oo24gqkx2wh6rmrthrhexzik5dm6xf7ewtiekxmvqwqd.onion
Use endmail.sh to send mail to this account.
http://nguipxnkrp3qrzrlduhsatpcpwehnblzmlkc5ifiumxq4z5jlh4lwvid.onion/endwall_pgp.asc

Encrypt with pgp and send messages and files by email on a tor hidden mail service on port 25.

Everyone should do this. Then just share your hidden service address and handle.

http://nguipxnkrp3qrzrlduhsatpcpwehnblzmlkc5ifiumxq4z5jlh4lwvid.onion/endware/endmail.sh

Message too long. Click here to view full text.

Edited last time by Endwall on 03/09/2019 (Sat) 06:20:10.
4 posts omitted.


Endwall 08/09/2017 (Wed) 22:02:09 [Preview] No. 997 del
Maximum Security Electronic Mail Communications Protocol (MSEMCP)

or

Maximum Security Encrypted Message Communication Protocol(MSEMCP)
Edited last time by Endwall on 08/09/2017 (Wed) 22:20:51.


Endwall 08/09/2017 (Wed) 22:17:11 [Preview] No. 998 del
Maximum Security Encrypted Message Communication Protocol (MSEMCP)

Author: Endwall from the Endware Development Team
Creation Date: August 8, 2017
Copyright: The Endware Development Team (c) 2017
License: You are Free to Study, Reproduce, Copy, Modify, Implement, Test, and Use this protocol as described below, in the spirit of the Endware End User License Version 1.15.

Description:

This protocol MSEMCP provides:
1. Message security through physical isolation of the encryption station by a read only Floppy Disk Message Sneaker Net (FDMSN)
2. Strong Public Key Cryptography using RSA 4096 bit.
3. Transmission and reception anonymity through Tor with 12 hops.
4. Trust and Verification through TLS 1.2 with RSA 4096 bit, and Self Signed Server Certificates to compare repeated server connections.

All of which can be implimented with 4 tools:
1) A Base install of a *nix BSD or GNU operating system in text mode.

Message too long. Click here to view full text.

Edited last time by Endwall on 08/09/2017 (Wed) 22:39:39.


Endwall 05/10/2019 (Fri) 17:20:38 [Preview] No.1394 del
Also after writing the encrypted message onto the floppy disk, eject it and then flip the write protect tab on the floppy. So that you only read encrypted.asc and sha256sum.txt from the floppy on your transmission work station when sending the file.

In general you can improve this protocol by having 2 air-gaped computers, that share your private key. One for decrypting messages, the other for encrypting messages. That way information never flows back and forth between your air-gap stations and the transmission computer.


READ ONLY Floppy 1 computer 1
[TRANSMISSION STATION] <-------------- [ENCRYPT STATION]

computer 2
Floppy 2 READ ONLY
[TRANSMISSION STATION] --------------> [DECRYPT STATION]


The transmission station has the tor mail server (postfix) with tor and endmail. The Encrypt and Decrypt station are separate computers that share your private key for pgp (not necessary if you're not signing anything, since you encrypt with the counterparty's public key only) . Both are air gaped / full disk encrypted running OpenBSD, and floating on a battery backup (off the power grid). Basically unplug your UPS from the wall for 15-20 mins while you do this operation, shutdown the computer then plug the APC back in to recharge the batteries. If malware flows in to the decrypt station, it can't return to the transmission station or jump across to the encrypt station. Nothing ever flows in to the Encrypt station only out.

If malware flows in to the decrypt station, it can't return to the transmission station or jump to the encrypt station. Nothing ever flows in to the Encrypt station only out. Nothing flows out of the decrypt station only in.

Message too long. Click here to view full text.



Endwall 05/10/2019 (Fri) 17:28:17 [Preview] No.1395 del
Nothing should flow into the encryption station, but I guess you have to get the public keys for your recipients onto the encryption station somehow, so you can make an exception for that, or do it during installation if you have a small consistent set of people that you communicate with. Or just risk bringing in a new public key by floppy disk. It's a very small attack surface.

The point is to assume that the transmission computer can or will get compromised by a keylogger, or by other malware, since it is internet connected, and to shield the messages by encrypting on the air gap.

You might need to jump new public keys onto the encryption station but aside from that nothing comes in, only messages go out on it. With the decryption station nothing comes out, only encrypted messages go in.

1.44MB is enough to have a book's worth of text. That should be enough for passing messages.
The King James bible is 4.3MB uncompressed 1.3MB compressed with gzip. So 2 floppy disks should be sufficient to shuttle messages back and forth for a couple of years.

If both message counter-parties did this protocol, it would be pretty secure. If your messages were leaked at that point and you discovered it by some means, you could safely assume that the person that you are communicating with is a rat,snitch,traitor, etc., who forwarded the decrypts along to your adversaries / enemies.

Its not unbeatable, for instance someone could install a camera in your room...and point it at your decrypt / encrypt station monitors,or keyboard, or have switched your keyboard for your encrypt station with a keyboard with RF signalling by physical access, which is why physical security is also important.


Anonymous 11/03/2019 (Sun) 02:07:27 [Preview] No.1490 del
test



Tor Relays Anonymous 01/07/2019 (Mon) 22:23:33 [Preview] No. 1364 [Reply] [Last 50 Posts]
I thought that we should have a thread on running a Tor relay from home, as it didn't seem to fit in with the existing Tor thread. There are several benefits, namely that it mixes any traffic you yourself make on Tor with the traffic of others, which could make it harder to perform traffic correlation. It also increases the bandwidth of the Tor network, of course.

torrc Relay Configuration
Nickname <your nickname>
ORPort 9001
ExitRelay 0
SocksPort 0
ControlSocket 0
ContactInfo <your email>

This config sets up the Tor daemon to run as a middle node. I'd recommend using a separate email as the contact info. The nickname can be anything you want.
It's possible to run it as an exit node, by changing ExitRelay to 1. However, this is very likely to bring the attention of your ISP/Law Enforcement, and you'll probably get banned from many clearnet sites.

It's best to check if your ISP cares about running a relay; mine is apparently fine with it, but I imagine that some may get annoyed and send you letters, or rate limit you or something like that. There's a list at https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs, although it is incomplete.

This thread would probably be good for discussing running similar things with other networks (BT seedboxes, GNUnet nodes etc).



Endware EULA Anonymous 03/29/2018 (Thu) 04:43:38 [Preview] No. 1171 [Reply] [Last 50 Posts]
The Endware EULA is one of the most insanely idiotic things I have ever read. At no point in your rambling, incoherent license were you even close to anything that could be considered a rational thought. Everyone in the open source movement is now dumber for it having been written. I award you no points, and may God have mercy on your soul.

Also, btw, it's probably not meaningfully enforceable. A halfway competent lawyer would tear it to shreds in a court of law.

You should really consider changing it to one of the standard OSI or FSF approved licenses, most of which have been vetted by lawyers, some of which have actually been tested in court and (almost?) none of which are insane garbage like the Endware EULA.
14 posts and 2 images omitted.


Endwall 04/07/2018 (Sat) 03:52:37 [Preview] No.1195 del
> The enumerations presented were examples and are not meant to be exhaustive, however they were meant to be funny.
> For your own sake, and the public's, don't quit your day job to pursue a career in comedy writing.

The part I get a chuckle out of every time I read it is the solar system and space transport vehicles part, I picture Elon Musk reading the license and saying "This is a great license for our project", and then I get a mental image of astronauts on the International Space Station flipping channels on endstream and endtv to pass the time. The rest was meant to be serious.

> What constitutes a "neighbor"? That's not a term with a defined legal meaning, and to the extent that it has one, it's not what you seem to think it means. I can't share the code with someone in another country? They're not my neighbor. Or do you mean it in a metaphorical sense? Legal documents are probably a bad place for metaphors.

This is a valid complaint. I'll change the word neighbor to recipient .

> You say modify AND improve, not modify OR improve. I can only modify it if I improve it? What if you think my changes make it worse? Who decides? You? I guess I'm in violation of the license, then.

This is a valid complaint. I'll remove the word improve. You can freely modify the code and run and distribute the modified code. Improvements are not required, and I won't be the judge. I'll only be the judge of what is released by Endware.

###########

I'm going to make 2 licenses, the first will attempt to rectify some of the complaints by adding and deleting words, and the second will be a simplified license where I delete everything that is redundant and attempt complete generality on the first line of every category.

Message too long. Click here to view full text.



Endwall 04/07/2018 (Sat) 04:07:10 [Preview] No.1196 del
I included government, and legislators to specifically point out that they should protect themselves from unlawful surveillance by the military (NSA, FBI, CIA etc) and corporations (GOOGLE, AMAZON, FACEBOOK, etc) in order to avoid blackmail and coercion, and to focus on strengthening the core institutions of western democratic society (Legislative, Executive, and Judicial branches of government) from attacks by hackers, foreign and domestic military intelligence services, etc.

But to be realistic they probably have proper high end security software and don't need Endware, but maybe they don't, I don't know... I'm sure they have something better. But just in case...


Endwall 04/07/2018 (Sat) 04:12:05 [Preview] No.1197 del
>Any user of this program is granted the freedom to run this code on any computer of their choice.
> I can run it on other people's computers without their permission!? Nice!

Can I run iOS on an Android Phone? or MacOS on regular arbitrary x86 gear?

You can run Endware on any computer architecture you want, and on any hardware device you want to. Including on other people's machines, but you might be breaking the computer misuse laws in doing so, not my copyright license grant.


Endwall 04/07/2018 (Sat) 04:36:06 [Preview] No.1198 del
ME:
1) I grant that the letters A,B,C,D and H have property ZINGER
2) I grant that all roman alphabet letters both upper case and lowercase have property ZINGER

YOU:
But what about L,M,N,O,P, do they have property ZINGER? You must have omitted these for some reason they must Not have property ZINGER!

SOLUTION:

{ A, B, C, D, H } Union (Roman Alphabet) = Roman Alphabet.

L,M,N,O,P are letters in the set Roman Alphabet and hence also have property ZINGER.

QED.


Endwall 04/07/2018 (Sat) 04:51:03 [Preview] No.1199 del
>but if you ever have the chance to run it by a lawyer, you should. After he gets done laughing, explain that it's not a joke. At this point, you'll need to ignore the look of pity on his face and explain that you're not mentally retarded, either. Then you can let him explain why your license is such a piece of shit.

I'm going to bring an HD digital video camera to the meeting and zoom in slowly so that I can catch the moment that the facial expression changes from mirth to sadness then to pity. I'll upload it as a webm onto Endchan or perhaps as an animated gif.



Compile Thread Anonymous 11/27/2016 (Sun) 20:44:39 [Preview] No. 692 [Reply] [Last 50 Posts]
Endwall guy should keep irrelevant compile instructions in this thread by editing the OP or edit the Sticky thread before purging said irrelevant posts in various threads. Just remind them to compile from source and redirect them to this thread.
9 posts omitted.


Anonymous 01/15/2017 (Sun) 22:04:32 [Preview] No. 797 del
is there reason to use torsocks over git's builtin socks5 proxy?

wouldn't it be better if you just register 127.0.0.1:your_tor_port as http.proxy and https.proxy variable by git config?

Not sure what revision of git your distro ships with but using torsocks should be considered depreciated hack for applications with builtin socks5 proxy support.


Reop from source Endwall 08/09/2017 (Wed) 22:53:08 [Preview] No. 999 del
Install REOP from Source
###############################################
$ mkdir -p ~/src
$ cd ~/src
$ endget --no-check-certificate https://www.tedunangst.com/flak/files/reop-3.0-snapshot.tar.gz
$ tar -xvf reop-3.0-snapshot.tar.gz
$ cd reop
$ ./configure
$ make
$ ./reop --help
$ cd ~/bin
$ ln -s ~/src/reop/reop reop
$ export PATH=$HOME/bin:$PATH
$ reop --help

Generate a key pair
$ cd ~

Message too long. Click here to view full text.

Edited last time by Endwall on 08/09/2017 (Wed) 22:57:34.


newfag 01/20/2018 (Sat) 11:21:06 [Preview] No.1102 del
>>707
do i need to run tor as:
tor_stable -f /usr/local/etc/torrc-defaults ?
or does it do that automatically?


Endwall 01/22/2018 (Mon) 07:47:47 [Preview] No.1104 del
>>1102

It should just work automatically. Start tor like this and read the console output

$ tor_stable &

It should say where it is reading the torrc and torrc-defaults from in the console output lines.


Anonymous 02/15/2018 (Thu) 04:28:39 [Preview] No.1127 del
>>1102
>>1104
Neat trick if you don't want your desktop littered with shells:

$ tor_stable &disown; exit;



Chrome Addons Anonymous 12/10/2017 (Sun) 03:54:06 [Preview] No. 1075 [Reply] [Last 50 Posts]
A lot of browser addons or extensions claim to improve privacy and security. These include Ghostery, Disconnect and Privacy Badger along with a slew of others.

I think for most entry level computer users that those type of addons might provide something useful. To people who are more experienced with browsers and their extensions they seem like a gimmick or just fancy visual feedback. A lot bells and whistles with very little actual functionality.

What can really make surfing the internet a much safer experience? If we focus on HTTPS, SSL and Digital Certificates then we have a good head start. From there we can protect ourselves from ads that might lead to sketchy websites. We can beef up our passwords and add authenticators to our accounts. At the most zealous level we can disable javascript and flash.

The following extensions are for Chrome.

https://chrome.google.com/webstore/detail/adblocker-ultimate/ohahllgiabjaoigichmmfljhkcfikeof?hl=en

Adblocker Ultimate accomplishes the two jobs that all adblockers must. First it has to have a pretty good idea of what is undesirable content and what it is that users want to see or interact with. Also there are no false positives; Adblocker Ultimate pretty much never identifies images or other website content as ads when they aren't.

The extension is also easy to turn off. You can disable it entirely or just for a webpage. The function that allows you to add new blocked elements works extremely well.

https://chrome.google.com/webstore/detail/authy-chrome-extension/fhgenkpocbhhddlgkjnfghpjanffonno?hl=en

Authy integrates authentication into the browser. I have not personally used this extension. The use of authenticators is extremely powerful security wise. I prefer to use my phone and download apps that have authenticators because I see having two different pieces of hardware as more secure than an application running beside another on the same device.


Anonymous 12/10/2017 (Sun) 03:57:48 [Preview] No.1076 del
https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp?hl=en

HTTPS Everywhere forces connections on websites to be made through HTTPS instead of HTTP. I have seen a number of times where a website's homepage will have HTTPS enabled but some other portion will not be encrypted through HTTPS.

https://chrome.google.com/webstore/detail/kb-ssl-enforcer/flcpelgcagfhfoegekianiofphddckof?hl=en

KB SSL Enforcer redirects the browser to use SSL/TLS.

https://chrome.google.com/webstore/detail/keeper%C2%AE-password-manager/bfogiafebfohielmmehodmfbbebbbpei?hl=en

Keeper Password Manager is by far one of my favorite addons. It does a perfect job of saving usernames and passwords. It allows for the easy generation of new passwords that are extremely secure. The features that it offers for free are top notch.

https://chrome.google.com/webstore/detail/pop-up-blocker-for-chrome/bkkbcggnhapdmkeljlodobbkopceiche?hl=en

Poper Popup Blocker is effective and consistent about blocking popups when the browser and adblocker fail to do so.

https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf?hl=en

Message too long. Click here to view full text.



Anonymous 12/10/2017 (Sun) 04:18:38 [Preview] No.1077 del
If you don't trust password managers then I suggest using a solution like pass the unix password manager.

https://www.passwordstore.org/

Also you can just generate passwords with password card and last pass.

https://www.passwordcard.org/en
https://lastpass.com/generatepassword.php


Endwall 12/14/2017 (Thu) 04:06:42 [Preview] No.1081 del
>>1035

I don't endorse google chrome, and generally avoid any products and services produced by this company if you want to maintain computer and internet privacy and security. Their entire business model is to invade your privacy and sell the information to advertisers and to the government. Avoid all of their products if possible.

That said I'm sure this thread might be helpfull to windows users. So go ahead and start a Windows 7 security thread as well.


Anonymous 02/14/2018 (Wed) 14:30:23 [Preview] No.1121 del
https://chrome.google.com/webstore/detail/ipfuck/bjgmbpodpcgmnpfjmigcckcjfldcicnd?hl=en-US
''IPFuck generates random IPs and fake the use of a proxy with HTTP headers.
It can make you anonymous on several websites.''

https://chrome.google.com/webstore/detail/trackmenot/cgllkjmdafllcidaehjejjhpfkmanmka?hl=en-US

TrackMeNot is a lightweight browser extension that helps protect web searchers from surveillance and data-profiling by search engines. It does so not by means of concealment or encryption (i.e. covering one's tracks), but instead, paradoxically, by the opposite strategy: noise and obfuscation. With TrackMeNot, actual web searches, lost in a cloud of false leads, are essentially hidden in plain view. User-installed TrackMeNot works with the Chrome Browser and popular search engines (AOL, Yahoo!, Google, and Bing) and requires no 3rd-party servers or services.


https://chrome.google.com/webstore/detail/automated-free-proxies-di/ojjklffhhhfpeaelghfocilljceokage?hl=en-US
''
CIAO identifies trusted and working free proxies using its own community. CIAO is instrumented to collect anonymous data about proxy performance and behavior (e.g., amount of data downloaded, page download duration). This data is reported to our servers as an input for the proxy selection algorithm. To bootstrap this process, our servers discover free proxies by crawling proxy aggregator websites. Each proxy is then tested daily to verify reachability, performance, and behavior. ''
(useful for sites like mega.co.nz)

https://github.com/dhowe/AdNauseam/wiki/Install-AdNauseam-on-Chrome-Without-Google‘s-Permission


Anonymous 02/14/2018 (Wed) 17:09:12 [Preview] No.1123 del
I would recommend getting the binary, or compiling yourself, a Firefox 52 ESR. ESR/Nightly/Dev builds have extra features that regular versions don't. Such as installing non-Mozilla signed apps and more about:config options.

https://www.mozilla.org/en-US/firefox/organizations/

I would also recommend using this doc to mess with your settings in about:config. It's not a comprehensive list (I've yet to be able to spoof my vendor), but it has enough where you can work towards making yourself camouflaged. Using this site

http://kb.mozillazine.org/About:config_entries

You can check more in-depth stats about what your browser is giving off. Like, even if you resize your window, your browser still tells websites your native resolution.

https://browserleaks.com/

And HTML5 canvas is one of the best ways to track you, considering it generates a near-unique signature for users. For this, you should use this and set your settings to "fake readout API" and "constant" for random number generation. This will help blend you in with the rest of the user info. Turning it off is almost as bad as having it on, because that in and of itself is a unique fingerprint.

https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/



FreeBSD Anonymous 12/05/2017 (Tue) 03:45:16 [Preview] No. 1073 [Reply] [Last 50 Posts]
Anyone here run FreeBSD on hardware?


Anonymous 12/06/2017 (Wed) 14:11:19 [Preview] No.1074 del
There isn't a single person who would use FreeBSD on real hardware. You can't easily port Linux drivers to it, not much community support... Really, using Gentoo FreeBSD edition or Source Mage is better.


Endwall 12/10/2017 (Sun) 08:50:25 [Preview] No.1078 del
I installed FreeBSD 10 on a Sun Microsystems UltraSparc Creator 3D workstation that I got for $30. OpenBSD wouldn't work, something about a bad magic number or something. Anyways the NVRAM had a dead battery so I couldn't get it on the internet because it couldn't register a MAC address which is stored in the NVRAM. I read an article about soldering the NVRAM with a new battery. Replacement is like $70 for a new NVRAM. So it's in the basement for future projects.

That aside I have about 2 or 3 PowerMac G5 silver towers ($50 for a dual 2.3GHz) that I want to install FreeBSD onto. I've read that this is the way to go with those things. I'll experiment with it this summer.

I think if you're going to go BSD go OpenBSD, but really these are for different purposes. If you need to have drivers for video cards and for multiple desktop environments use FreeBSD. If you want nothing to work, no drivers for video cards, etc but a secure environment then use OpenBSD. I mainly use Parabola, Gentoo and OpenBSD. Different use cases for different jobs. I ultimately want to migrate my linux experience to something like Source Mage evenutally when I have more time to spend reading and installing/fixing computers. But I'm too busy with school to change gears right now.

FreeBSD friends post your security tips here in this thread. Links to articles and tutorials about FreeBSD security and other helpful tips are also welcome. Thanks for starting the thread OP.


Anonymous 12/17/2017 (Sun) 05:39:07 [Preview] No.1086 del
>>1074
I do. I run it on the Xeon workstation under my desk.



BTC Mixing services links anon 10/17/2016 (Mon) 12:33:37 [Preview] No. 608 [Reply] [Last 50 Posts]


Anonymous 10/17/2016 (Mon) 20:36:47 [Preview] No. 609 del
questionable


Anonymous 10/12/2017 (Thu) 00:22:15 [Preview] No. 1049 del
how 2 buy bitcoins?



end/tech/ archive Anonymous 06/29/2017 (Thu) 09:06:23 [Preview] No. 957 [Reply] [Last 50 Posts]
https://web.archive.org/web/20170603033845/http://endchan.xyz/tech/

All of the hundreds of threads just deleted from end/tech/ are available there.



SSH privacy Anonymous 05/11/2016 (Wed) 18:16:01 [Preview] No. 42 [Reply] [Last 50 Posts]
How can I anonymously ssh into something? Going through Tor and using a freshly generated key for identification is obvious, but how can I make sure that there is no data leakage above all that? I haven't been able to find any guides on that, even though it seems like something a lot of people might be interested in doing.
2 posts omitted.


Anonymous 05/11/2016 (Wed) 21:01:41 [Preview] No. 45 del
>posting in the little retard's pet board
>captcha required

post this somewhere else if you are interested


Anonymous 10/21/2016 (Fri) 05:56:34 [Preview] No. 620 del
you gotta make suer your ssh deosn't show your key files to the server too


Anonymous 10/21/2016 (Fri) 12:05:39 [Preview] No. 621 del
>>620
Commenting out
SendEnv LANG LC_*
can help too.

Disabling pubkey auth is important. If you have passwordless key or have key loaded in ssh-agent, option
-oPubkeyAuthentication=no
disables pubkey auth completely.

Also, there's this thing to demonstrate deanon by ssh key:
https://github.com/FiloSottile/whosthere


Anonymous 12/28/2016 (Wed) 01:52:02 [Preview] No. 748 del
Finally, my almonds have been activated.


Anonymous 01/08/2017 (Sun) 19:31:59 [Preview] No. 782 del
In ~/.ssh/config so you don't leak your username if you forget to specify one.
host *

user root