Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- +----------------------------------------------------------------------------------+
- | VPN, privacy & Firefox (+ other Gecko browsers)* rev. 0.3.14 |
- +----------------------------------------------------------------------------------+
- ========== VPN section ==========
- + You can try free OpenVPN configs or Softether:
- + OpenVPN:
- - OpenVPN - you can edit configs (.ovpn) with notepad to change encryption (line 88 - standard is not so good: AES-128-CBC - try AES-256-CBC instead)
- - OpenVPN - you can edit configs (.ovpn) with notepad to add option "block-outside-dns" (for example in line 104) to avoid DNS leaks
- - OpenVPN - if you add option "block-outside-dns" you can avoid "DNS leaks" & you don't need (Simple) DNSCrypt
- (my testing suggest that when you using OpenVPN without "block-outside-dns" option together with Simple DNSCrypt you are affected by DNS leaks)
- (Simple DNSCrypt not working for me, anyway this needs further testing...)
- - OpenVPN - you can edit configs (.ovpn) with notepad to add option "--remote-cert-tls server" (for example in line 21) to avoid "Man-in-the-Middle" attack
- https://openvpn.net/index.php/open-source/documentation/howto.html#secnotes [OpenVPN 2.1 and above]
- - https://www.vpnbook.com/ (few free OpenVPN configs)
- - http://www.vpngate.net/en/ (a lot of free OpenVPN configs)
- + OpenVPN manuals:
- - https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
- - https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
- - https://openvpn.net/index.php/open-source/documentation/howto.html
- - https://openvpn.net/index.php/open-source/documentation/security-overview.html
- + Softether:
- - http://www.vpngate.net/en/
- - I recommend to try DNSCrypt to avoid DNS leaks (check your DNS leaks - links are below)
- - Changed the default algorithm for SSL from RC4-MD5 to AES128-SHA
- - http://www.softether.org/5-download/history
- - http://www.softether.org/1-features/3._Security_and_Reliability
- - https://torrentfreak.com/free-access-to-dozens-of-anonymous-vpns-via-new-university-project-130324/
- + Softether disadvantages:
- - logging policy: 2 weeks [default]
- - when you will be disconnected then your IP will be exposed (there is no 'kill switch' feature)
- - DNS leaks...
- + Security of popular algorithms:
- - https://en.wikipedia.org/wiki/RC4#Security
- - https://en.wikipedia.org/wiki/MD5#Security
- ========== Browser section ==========
- + Secure your privacy in Firefox:
- - by using addons like in IceCat [https://directory.fsf.org/wiki/IceCat] I mean:
- Adblock Plus (ABP), Disable WebRTC, Fat-Free Fox, No Resource URI Leak, NoScript, Privacy Badger, uBlock Origin (uBO), uMatrix etc.
- Additionally you can add: CanvasBlocker, Disconnect, FoxyProxy, Https Everywhere, Privacy Settings, Random Agent Spoofer.
- Take a look @ these sites:
- - https://web.archive.org/web/20170404173124/http://b.agilob.net/better-security-privacy-and-anonymity-in-firefox
- - http://configfox.sourceforge.net/
- - https://www.bestvpn.com/make-firefox-secure-using-aboutconfig/
- - https://www.bestvpn.com/privacy-news/control-firefox-privacy-settings-with-an-add-on/
- - https://vikingvpn.com/cybersecurity-wiki/browser-security/guide-hardening-mozilla-firefox-for-privacy-and-security
- - https://www.howtogeek.com/102032/how-to-optimize-mozilla-firefox-for-maximum-privacy/
- - http://www.ghacks.net/2015/07/01/control-privacy-settings-in-firefox-easily/
- + If you would like to use Google Chrome anyway you can replace it with Chromium or Iron:
- - https://en.wikipedia.org/wiki/Chromium_(web_browser)
- - https://en.wikipedia.org/wiki/SRWare_Iron
- + Use Tor or Tor Browser (based on Firefox):
- - "We will never be able to de-anonymize all Tor users all the time. • With manual analysis we can de-anonymize a very small fraction of Tor users"
- - https://edwardsnowden.com/docs/doc/tor-stinks-presentation.pdf‎
- - https://commons.wikimedia.org/wiki/File:Tor_Stinks.pdf
- - https://en.wikipedia.org/wiki/Tor_(anonymity_network)#Tor_Browser
- - https://www.torproject.org/docs/tor-manual.html.en
- - https://www.torproject.org/docs/faq.html.en
- - https://blog.torproject.org/improving-tors-anonymity-changing-guard-parameters
- + SSH/SOCKS/proxy:
- - Privoxy - https://en.wikipedia.org/wiki/Privoxy
- - https://lifehacker.com/5763170/how-to-secure-and-encrypt-your-web-browsing-on-public-networks-with-hamachi-and-privoxy
- - https://lifehacker.com/237227/geek-to-live--encrypt-your-web-browsing-session-with-an-ssh-socks-proxy
- - https://outflux.net/blog/archives/2006/12/07/paranoid-browsing-with-squid/
- - https://embraceubuntu.com/2006/12/08/ssh-tunnel-socks-proxy-forwarding-secure-browsing/
- - https://pl.terminal28.com/instalacja-i-konfiguracja-squid3-tor-privoxy-anonimowosc-w-sieci [translate with your favourite translator]
- - https://www.reaper-x.com/2011/10/17/how-to-install-squid-proxy-on-windows/
- - https://www.unixmen.com/install-configure-squid-proxy-ubuntu-debian/
- - https://www.cyberciti.biz/faq/debian-ubuntu-linux-install-onionrouter-software/
- - Pirate Tor Browser - http://www.softpedia.com/get/Internet/Browsers/PirateBrowser.shtml or http://www.majorgeeks.com/files/details/piratebrowser.html
- + Change your UserAgent frequently (get UA addon for your browser). Example of UA sites:
- - Random Agent Spoofer addon for firefox: https://addons.mozilla.org/en-US/firefox/addon/random-agent-spoofer/
- List of UA sites:
- - http://www.browser-info.net/useragents
- - http://mybrowseraddon.com/custom-useragent-string.html
- - https://developers.whatismybrowser.com/useragents/explore/
- - https://udger.com/resources/ua-list
- - https://techblog.willshouse.com/2012/01/03/most-common-user-agents/
- - http://www.useragentstring.com/pages/useragentstring.php
- + Fingerprint (fingerprinting algorithms):
- - https://en.wikipedia.org/wiki/Fingerprint_(computing)
- - https://en.wikipedia.org/wiki/Canvas_fingerprinting
- - https://en.wikipedia.org/wiki/Device_fingerprint
- - https://browserleaks.com/canvas
- + Check your browser privacy/security:
- - https://browserleaks.com/
- - http://browserspy.dk/
- - https://panopticlick.eff.org/
- - https://www.howsmyssl.com/
- + Other sites worth mentioning:
- - riseup.net/en/better-web-browsing
- - privacytools.io
- - https://en.wikipedia.org/wiki/Category:Internet_privacy
- - https://en.wikipedia.org/wiki/Category:Crypto-anarchism
- ========== OS section ==========
- + Check Tails Linux:
- - https://en.wikipedia.org/wiki/Tails_(operating_system)
- - https://www.wired.com/2014/04/tails/
- + Check Whonix Linux:
- - https://en.wikipedia.org/wiki/Whonix
- - https://www.whonix.org/
- + Secure you DNS with DNSCrypt:
- - For Linux follow this: http://www.webupd8.org/2014/08/encrypt-dns-traffic-in-ubuntu-with.html
- - For Windows - you need: "dnscrypt-winclient" or "Simple DNSCrypt".
- URLs:
- - https://simplednscrypt.org/
- - https://github.com/jedisct1/dnscrypt-proxy/wiki
- - https://github.com/Noxwizard/dnscrypt-winclient
- (Simple DNSCrypt not working for me (I'm still using "block-outside-dns" option in OpenVPN config file).
- (Anyway this needs further testing...)
- + Check your DNS leaks:
- - https://ipleak.net/
- - https://www.dnsleaktest.com/
- - https://whoer.net/
- ========== P2P section ==========
- + Use peerblock
- - https://en.wikipedia.org/wiki/PeerBlock
- + Use ipfilter.dat
- - for example: ed2k://|file|ipfilter_v0153.dat|19871409|93474AE3F1D3A0A7C4EEC7E52A146721|/
- __________________________________________________________
- * Other Gecko browsers - this means it may also work with:
- Airfox, Beonex Communicator, Camino, Comodo IceDragon, Conkeror, Classilla, Firefox for Android, Flock, Galeon, Ghostzilla, HP Secure Web Browser, IceCat (GNU IceWeasel), K-Meleon, Kazehakase, Kirix Strata, Lotus Symphony, Lunascape, MicroB, Minimo, Netscape 6, Nightingale, Oxygen, Pale Moon, Portable FireFox, SeaMonkey, Swiftfox, Swiftweasel, Sylera (for mobile), TenFourFox, Timberwolf (AmigaOS 4), Tor Browser, Waterfox, xB Browser
- https://en.wikipedia.org/wiki/Gecko_(software)
- Any suggestions are welcomed.
- Source:
- https://beamstat.com/chan/privacy
- https://beamstat.com/chan/Crypto-Anarchist%20Federation
- (Bitmessage channel)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement