ro0ted

This article by ro0ted is a follow-up to his post of yesterday on the best secure VPN. And yes, it’s well above the pay grade of most of our readers (and staff) but this is a true hacker’s approach. We thought you’d like to see it anyway.

This isn’t a tutorial. These are merely brief guidelines. Now I didn’t post A-Z (meaning all guidelines), just the ones people forget about.

1. Location

Pick a host & offshore VPS in another country that isn’t allies with your country.

Example: You live in the US, so pick Russia for hosting and VPS’s. The US has zero jurisdiction in Russia which is why Snowden was safe in the Moscow airport. That’s not the USA’s territory. They aren’t going to sanction a country over 1 l’il hacker.

2. Home Router

Go to your home router and change the default DNS to a country that’s also not an ally, as stated above. Don’t just pick one; pick like 20. That way your DNS will always rotate.

Alternate DNS Addresses: http://wiki.opennicproject.org/Tier2

3.) VPS IP Address Spoofing

Get a script that allows you to spoof your VPS addresses to any address you pick. The best address to spoof your VPS IP to is the governments IP’s. Why? They will have no clue who they are going after. [editor’s note: also lulz]

Government IP Addresses: https://usahitman.com/magipa/

4.) SOCK5

Get a huge list of private sock5s, meaning you have to pay for them. You don’t want anyone else having these. This will come in handy when your VPN daemon such as openvpn crashes; your real IP won’t show. Instead the SOCK5’s will show.

5.) Automatic 1 minute Rotation

Chain your VPNs. Make a script that allows you rotate them every minute.

6.) Mac Rotation

You want to change your Mac Address to at least 300 fake Mac Addresses every minute, as your real Mac Address is floating around in packets.

7.) Sniffjoke – transparent TCP connection scrambler

Install Sniffjoke on your PC & on your VPSs. This way no packets get read.

About Sniffjoke: http://www.chmag.in/article/aug2011/sniffjoke-%E2%80%93-defeating-interception-framework

Github: https://github.com/vecna/sniffjoke

8.) Honeypot

Setup honeypots on each VPS. These will stop hackers and it will also expose who the attackers are. Since it’s the government you are worried about, you want to pay for a good high-interaction honeypot.

9.) BIG-IP ASM Firewall

Install BIG-IP ASM Firewall to your VPS’s so now they are protected against zero days, DDoS bulletproof, OWASP threats, and automated bot attacks, It can detect, identify, and stop the attacks before the attack even reaches your servers. It is excellent botnet detection and web scraping protection.

BIG IP ASM About: https://f5.com/products/modules/application-security-manager

90 Day Free Trial: https://f5.com/products/trials/product-trials

Video:

Just my two cents.

Categories: Anonymous, Communication, Crypto, Cyber, FBI, Hackers, Hacktivism, NSA, Privacy, ro0ted, Security, Surveillance, Technology, VPN