This article by ro0ted is a follow-up to his post of yesterday on the best secure VPN. And yes, it’s well above the pay grade of most of our readers (and staff) but this is a true hacker’s approach. We thought you’d like to see it anyway.
This isn’t a tutorial. These are merely brief guidelines. Now I didn’t post A-Z (meaning all guidelines), just the ones people forget about.
Pick a host & offshore VPS in another country that isn’t allies with your country.
Example: You live in the US, so pick Russia for hosting and VPS’s. The US has zero jurisdiction in Russia which is why Snowden was safe in the Moscow airport. That’s not the USA’s territory. They aren’t going to sanction a country over 1 l’il hacker.
2. Home Router
Go to your home router and change the default DNS to a country that’s also not an ally, as stated above. Don’t just pick one; pick like 20. That way your DNS will always rotate.
Alternate DNS Addresses: http://wiki.opennicproject.org/Tier2
3.) VPS IP Address Spoofing
Get a script that allows you to spoof your VPS addresses to any address you pick. The best address to spoof your VPS IP to is the governments IP’s. Why? They will have no clue who they are going after. [editor’s note: also lulz]
Government IP Addresses: https://usahitman.com/magipa/
Get a huge list of private sock5s, meaning you have to pay for them. You don’t want anyone else having these. This will come in handy when your VPN daemon such as openvpn crashes; your real IP won’t show. Instead the SOCK5’s will show.
5.) Automatic 1 minute Rotation
Chain your VPNs. Make a script that allows you rotate them every minute.
6.) Mac Rotation
You want to change your Mac Address to at least 300 fake Mac Addresses every minute, as your real Mac Address is floating around in packets.
7.) Sniffjoke – transparent TCP connection scrambler
Install Sniffjoke on your PC & on your VPSs. This way no packets get read.
Setup honeypots on each VPS. These will stop hackers and it will also expose who the attackers are. Since it’s the government you are worried about, you want to pay for a good high-interaction honeypot.
9.) BIG-IP ASM Firewall
Install BIG-IP ASM Firewall to your VPS’s so now they are protected against zero days, DDoS bulletproof, OWASP threats, and automated bot attacks, It can detect, identify, and stop the attacks before the attack even reaches your servers. It is excellent botnet detection and web scraping protection.
BIG IP ASM About: https://f5.com/products/modules/application-security-manager
90 Day Free Trial: https://f5.com/products/trials/product-trials
Just my two cents.