Ultimate Guide for Anonymous and Secure Internet Usage.pdf

8/10/2019 Ultimate Guide for Anonymous and Secure Internet Usage.pdf

1/32

The Ultimate Guide for Anonymous and Secure Internet Usage v1.0.1

Table of Contents:

1. Obtaining Tor Browser

2. Using and Testing Tor Browser for the first time

3. Securing Your Hard Drive4. Setting up TrueCrypt, ncrypted Hidden !o"umes

5. Testing TrueCrypt !o"umes

6. Securing your Hard Dis#

7. Temporari"y Securing Your Dis#, Shredding $ree Space

8. %nsta""ing !irtua"Bo&

9. %nsta""ing a $irewa""

10. $irewa"" Configuration11. %nsta""ing Ubuntu

12. Ubuntu %nitia" Setup

13. %nsta""ing 'uest (dditions14. %nsta""ing %)C *Optiona"+

15. %nsta""ing Torchat *Optiona"+

16. Creating TO)On"y %nternet nvironment17. 'enera" Dai"y Usage

By the time you are finished reading and implementing this guide, you will be able to securely andanonymously browse any website and to do so anonymously. No one not even your IS or a governmentagent will be able to see what you are doing online. If privacy and anonymity is important to you, then youowe it to yourself to follow the instructions that are presented here.

In order to prepare this guide for you, I have used a computer that is running !indows "ista. This guidewill wor# e$ually well for other versions of !indows. If you use a different operating system, you may needto have someone fluent in that operating system guide you through this process. %owever, most parts of theprocess are easily duplicated in other operating systems.

I have written this guide to be as newbie friendly as possible. &very step is fully detailed and e'plained. Ihave tried to #eep instructions e'plicit as possible. This way, so long as you patiently follow each step, you

will be (ust fine.

In this guide from time to time you will be instructed to go to certain )*+s to download files. ou do N-Tneed T-* to get these files, and using T-* while possible/ will ma#e these downloads very slow.

This guide may appear overwhelming. &very single step is e'plained thoroughly and it is (ust a matter offollowing along until you are done. -nce you are finished, you will have a very secure setup and it will be

well worth the effort. &ven though the guide appears huge, this whole process should ta#e at the most a fewhours. ou can finish it in phases over the course of several days.

It is highly recommended that you close 01++0 applications running on your computer before starting.

Share by-aster.irate2
http://www.cyberguerrilla.org/?p=3322&page=2http://www.cyberguerrilla.org/?p=3322&page=3http://www.cyberguerrilla.org/?p=3322&page=4http://www.cyberguerrilla.org/?p=3322&page=5http://www.cyberguerrilla.org/?p=3322&page=6http://www.cyberguerrilla.org/?p=3322&page=7http://www.cyberguerrilla.org/?p=3322&page=8http://www.cyberguerrilla.org/?p=3322&page=9http://www.cyberguerrilla.org/?p=3322&page=10http://www.cyberguerrilla.org/?p=3322&page=11http://www.cyberguerrilla.org/?p=3322&page=12http://www.cyberguerrilla.org/?p=3322&page=13http://www.cyberguerrilla.org/?p=3322&page=14http://www.cyberguerrilla.org/?p=3322&page=15http://www.cyberguerrilla.org/?p=3322&page=16http://www.cyberguerrilla.org/?p=3322&page=17http://www.cyberguerrilla.org/?p=3322&page=18https://twitter.com/#!/Pirata13https://twitter.com/#!/Pirata13http://www.cyberguerrilla.org/?p=3322&page=3http://www.cyberguerrilla.org/?p=3322&page=4http://www.cyberguerrilla.org/?p=3322&page=5http://www.cyberguerrilla.org/?p=3322&page=6http://www.cyberguerrilla.org/?p=3322&page=7http://www.cyberguerrilla.org/?p=3322&page=8http://www.cyberguerrilla.org/?p=3322&page=9http://www.cyberguerrilla.org/?p=3322&page=10http://www.cyberguerrilla.org/?p=3322&page=11http://www.cyberguerrilla.org/?p=3322&page=12http://www.cyberguerrilla.org/?p=3322&page=13http://www.cyberguerrilla.org/?p=3322&page=14http://www.cyberguerrilla.org/?p=3322&page=15http://www.cyberguerrilla.org/?p=3322&page=16http://www.cyberguerrilla.org/?p=3322&page=17http://www.cyberguerrilla.org/?p=3322&page=18https://twitter.com/#!/Pirata13http://www.cyberguerrilla.org/?p=3322&page=2


2/32

/// 0 1 Obtaining Tor Browser ///The first step to becoming secure and anonymous online is to setup and install something called 3T-*4.3T-*4 is short for 3The -nion *outer4. The concepts behind T-* were first implemented by the )nitedStates 5ilitary, and these principles have been used to create an e'tremely secure mechanism for beinganonymous online. In fact, millions of people world6wide use T-* to browse the internet and communicateanonymously.

T-* wor#s by heavily encrypting your communications so that no observer can see what website you arereally going to, and what information is really being sent. It all appears as a bunch of random characters toany observer. ou simply use the T-* web browser (ust as you use any other web browser. T-* ta#es careof the rest.

%owever, T-* by itself is not enough. &ven when using T-*, a user can be compromised in a number ofways. 7irst, some websites can be set up to attempt to reveal someone8s true I address their true identity/by tric#ing their web browser or other software to transmitting that information. 7or this reason, anyonewho uses T-* will recommend that no one have (avascript or flash turned on while browsing T-*. In thisguide however, I will show you a much better solution.

The second issue is that of human error. &ven if you have T-* installed, you may accidentally forget whichbrowser to put in a lin#. ou may also accidentally clic# on a lin# from another program, such as a chatprogram. That program might then load the lin# you clic#ed on into a non6T-* browser. !hen you areusing T-*, you must be careful 0constantly0 that every lin# goes into the right browser, and that you do notaccidentally clic# the wrong lin#.

So then, let8s begin. -btaining the T-* Browser is easy. Simply go to the following website:

http122www3torpro4ect3org

-nce here, you may feel free to read more about what T-* is and how it wor#s, or you may proceed toimmediately download T-*.

%ere is how to do so:

1. Clic# on 39ownload T-*4, or 39ownload4.

2. ou will see te't that says, 3The Tor Browser Bundle contains everything you need ;uste'tract it and run. +earn more .=?@en6)S.e'e It is -A if the number isnot e'actly =.>.=?, there are new versions of Tor from time to time. 1t the time that this guide

was written, =.>.=? was most current. By the time you are reading this, a more current versionof T-* may e'ist..*un this file..ou will be prompted to e'tract this to a directory. By default, it will be set toC:D)sersDouD9ownloads This is perfectly -A. ou can also choose a different directory if you

wish.

8. Clic# 3&'tract4

That8s it. T-* Browser is N-! installed. Time to test it outE

Ne't F : )sing and Testing Tor Browser for the first time GGG
http://www.torproject.org/http://www.torproject.org/


3/32

/// 5 1 Using and Testing Tor Browser for the firsttime ///Now you have successfully downloaded and installed the Tor !eb Browser Bundle. ou are no doubtan'ious to begin using it. 7irst, clic# on the 3start4 menu icon, the icon in the lower left of your screen withthe windows logo. -n the top right will be a listing that says 3ou4, 39ocuments4, 3ictures4, 35usic43ou4 of course will be replaced by your user name. Clic# on 3ou4, the top most lin#. This will open up

your main user folder.

Now, locate the folder called 39ownloads4 and double clic# on it.

Now, inside the 39ownloads4 folder, double clic# on the folder called 3Tor Browser4.

+astly, double clic# on the application: 3Start Tor Browser4

!hen you do, you will see the "idalia Control anel appear, and you will observe as you connect to the T-*networ#. !hen this is complete, your web browser will open up and will automatically connect to the webaddress: chec#.torpro(ect.org

This is to confirm that you are in fact using T-*. If you have followed this guide correctly, then you will seethe following green te't, or something similar:

Congratulations. our browser is configured to use Tor.4

Now you can use this web browser the same as any other. ou can go to any website you wish, and neitheryour IS or anyone else will be able to see where you are going, or what you are doing. %owever, there arestill issues that need to be resolved, so don8t begin browsing (ust yet.

000000000000000000000000000000000000066666 %-.O)T(7T S($TY 7OT 666660000000000000000000000000000000000000If you fill out a form containing your email address, your name, or any other sensitive information whileusing the T-* browser, be aware that sometimes it is possible for an observer to see that information.

!hen using T-*, use it to access websites and content that you are 0not0 connected to via your realidentity or any user name or nic# name which lin#s to your real identity. +et T-* be for anonymous

browsing solely. 9o your online ban#ing, or any other activities involving your real identity using yournormal web browser.000000000000000000000000000000000000

Ne't: > : Securing our %ard 9rive GGG


4/32

/// 8 1 Securing Your Hard Drive ///Being able to browse anonymously is one thing. %owever, you may choose to download and save sensitivecontent or material to your computer which you wish to #eep private. This may include reading sensitivedocuments, viewing pictures, or storing any #ind of sensitive data.

If you save 0anything0 to your computer8s hard drive, then it is possible for someone who has confiscated

your computer to determine what it was you saved. This is often true even if you delete the content. 7ore'ample, suppose I use the Tor Browser and I navigate to a website containing a sensitive document that I

wish to read. If I saved that document somewhere on my hard drive, then it is possible for someone else tofind it. If I 0delete0 that document, it may still be possible for someone to retrieve it.

7urther, even if I never save it to my hard drive but I simply loo# at it using my word processing software, itmay still be saved in a number of ways including:

=. -ften programs #eep records of file names. The file name alone is often enough to incriminate someone.

F. -ften programs #eep parts of the content viewed saved for various reasons, such as for searching. Thiscan include random e'cerpts of te't, thumbnails of images, and more. -ften this 3partial4 data is more thanenough to prove what the original data was. -ften the 3partial4 data is itself incriminating.

>. Sometimes, especially if you are running low on system memory, your operating system may choose touse your hard6dis# as a temporary *15. This is #nown as 3S!14. Normally, whenever you turn off yourcomputer, whatever was in *15 is deleted. %owever, the data that goes to your S!1 may persist and itmay be possible for someone to see what content you had open in your programs if that information issaved in *15.

Henerally spea#ing, you 0must0 have a plan to secure any content that is saved to your hard dis#. Therefore,this guide would be incomplete if we did not thoroughly address this. 7irst, there are two #inds of suchcontent:

=. 9eliberately saved content.F. Inadvertently saved content.

9eliberately saved content refers to content that you have chosen to save on your hard dis# so that you canaccess this content later. !e will

address how to do this later in the guide.

Inadvertently saved content refers to content that is saved by programs you use, or your operating system.ou have no way to even #now what this content might be. Therefore, this is the most dangerous. ou maybrowse and find a doen sensitive documents, utterly delete them, and some program may have saved thefile names and e'cerpts of the data. This will render your previous efforts futile.

Content that is inadvertently saved to your hard dis# comes in two flavors:

=. Content that is saved to your S!1 space.

F. Content that is saved by applications running on your computer, including your operating system.

The surest way to prevent content from writing to your S!1 space is to disable your S!1 spacealtogether. This may result in your computer

running a bit slower than normal, and may mean that you cannot use ram intensive games and applicationsduring the time your S!1 is disabled.

Therefore, if you use this method, simply turn bac# on the S!1 when you want to use those ram intensiveapplications. 1lso, you may choose notto ta#e this step.

= J %ere is how to disable your swap space if you are using !indows :

000 19"1NC&9 INST*)CTI-NS B&+-!. SAI T%IS I7 -) 1*& N-"IC& -* )NC-57-*T1B+&!IT% T%IS -&*1TI-N 000


5/32

0This step is recommended for advanced users only. If you are not comfortable doing this, you may safelys#ip this step.0

Instructions are less verbose than usual, as these steps are intended for advanced users only. If you do notfully understand these instructions, s#ip this step.

=.7rom Control anel, go to 3System and Security4.F.Clic# on 3System4, and then choose 31dvanced system settings4 in the left6most menu.>.)nder the 31dvanced4 tab, under 3erformance4, clic# 3Settings4.K.)nder this 31dvanced4 tab, under 3"irtual 5emory4, clic# 3Change4.L.)nchec# 31utomatically manage paging file sies for all drives4..Select 3No paging file4..Save, reboot, and follow these same first L steps to confirm that 3No paging file4 is stillselected. This means that you have successfully disabled your swap. This means that0nothing0 from *15 will be inadvertently saved to your hard drive

To resume using S!1 again, simply clic# 31utomatically manage paging file sie for all drives.4 ou canswitch between these two modes as you desire.

Henerally spea#ing, your computer will run fine without a swap file, provided you have enough *15.

000 &N9 -7 19"1NC&9 INST*)CTI-NS 000

The ne't issue we need to address is how to prevent applications andMor your operating system from savingcontent inadvertently that you do not wantsaved. 7or this, we are going to set up a 3"irtual 5achine4.

1 3"irtual 5achine4 is li#e a computer inside of your computer. &verything you do inside the "irtual5achine vm for short/ will be fully contained withinitself and no one will be able to see what the vm has been doing. Ideally, you want 01++0 of your sensitivecomputer usage of any #ind, T-* or N-N T-*, to ta#e place within a vm. In this way, you can #eepeverything private that you wish while still using your computer fully and getting the most out of it.

9on8t be afraid of this sounds complicated. This guide will ta#e you through every step slowly andmethodically. Before we can set up a vm however, we need to ta#e another step.

Ne't: K : Setting up TrueCrypt, &ncrypted %idden "olumes GG


6/32

/// 9 1 Setting up TrueCrypt, ncrypted Hidden!o"umes ///If you save anything on your computer, it is li#ely that you do not want (ust anyone to be able to see what

you have saved. ou want a way to protect thatinformation so that you can access it, and absolutely no one else e'cept those you trust. Therefore, it ma#essense to set up a system which protects your information and safeguards it against prying eyes.

The best such system for this is called 3True Crypt4. 3True Crypt4 is an encryption software program whichallows you to store many files and directories inside of a single file on your hard drive 7urther, this file isencrypted and no one can actually see what you have saved there unless they #now your password.

This sounds e'tremely high tech, but it is actually very easy to set up. !e are going to do so, right now:

=. Ho tohttp122www3truecrypt3org2down"oadsor go tohttp122www3truecrypt3organd clic# on39ownloads4/

F. )nder 3+atest Stable "ersion4, under 3!indows M"istaMMFOOOP, clic# 39ownload4

>. The file will be called 3True Crypt Setup .Oa.e'e4 or something similar. *un this file.

K. If prompted that a program needs your permission to continue, clic# 3Continue4.

L. Chec# 3I accept and agree to be bound by these license terms4

. Clic# 31ccept4

. &nsure that 3Install4 is selected, and clic# 3Ne't4

?. clic# 3Install4

Q. ou will see a dialog stating 3TrueCrypt has been successfully installed.4 Clic# 3-A4

=O. Clic# 3No4 when as#ed if you wish to view the tutorialMuser8s guide.

==. Clic# 37inish4

1t this point, TrueCrypt is now installed. Now we will set up Truecrypt so that we can begin using it to storesensitive information.

=. Clic# the 3!indows +ogo4M4Start4 button on the lower left corner of your screen.F. Clic# 31ll rograms4>. Clic# 3TrueCrypt4K. Clic# the 3TrueCrypt4 application

1nd now we can begin:

=. clic# the button 3Create "olume4F. &nsuring that 3Create an encrypted file container4 is selected, clic# 3Ne't4>. Select 3%idden TrueCrypt volume4 and clic# 3Ne't4.K. &nsuring that 3Normal mode4 is selected, clic# 3Ne't4L. Clic# on 3Select 7ile4

Note which directory you are in on your computer. +oo# at the top of the dialog that has opened and youwill see the path you are in, most li#ely the home directory for your user name. 1n input bo' is providedwith a flashing cursor as#ing you to type in a file name. %ere, you will type in the following file name:

random.t't
http://www.truecrypt.org/downloadshttp://www.truecrypt.org/downloadshttp://www.truecrypt.org/http://www.truecrypt.org/http://www.truecrypt.org/downloadshttp://www.truecrypt.org/


7/32

ou may of course replace random.t't with anything you li#e. This file is going to be created and will beused to store many other files inside.9o N-T use a file name for a file that already e'ists. The idea here is that you are creating an entirely newfile.

It is also recommended though not re$uired that you 3hide4 this file somewhere less obvious. If it is in yourhome directory, then someone who hasaccess to your computer may find it easier. ou can also choose to put this file on any other media, it

doesn8t have to be your hard dis#. ou could for e'ample save your Truecrypt file to a usb flash drive, an S9card, or some other media. It is up to you.

. -nce you have typed in the file name, clic# 3Save4. 5a#e sure 3Never save history4 is chec#ed.?. Clic# 3Ne't4Q. -n the 3-uter "olume4 screen, clic# 3Ne't4 again.=O. The default &ncryption 1lgorithm and %ash 1lgorithm are fine. Clic# 3Ne't4==. Choose a file sie.

In order to benefit the most from this guide, you should have at least =O gigabytes of free dis# space. If not,then it is worth it for you to purchasesome form of media such as a removable hard drive, a large S9 card, etc./ in order to proceed. TrueCryptcan be used on all forms of digital media not (ust your hard dis#. If you choose to proceed without obtaining

at least ten gigabytes of dis# space, then select a sie that you are comfortable withsuch as =OO 5B/.

Ideally, you want to choose enough space to wor# with. I recommend FO HB at least. *emember that if youdo need more space later, you can always create additional TrueCrypt volumes using e'actly these samesteps.

=F. Now you are prompted for a password. T%IS IS "&* I5-*T1NT. *&19 T%IS C1*&7)++

666 )(D TH%S SCT%O7 C()$U::Y 666

666 The password you choose here is a decoy password3 That means, this is the password youwou"d give to someone under duress3 Suppose that someone suspects 666 that you wereaccessing sensitive information and they threaten to beat you or worse if you do not revea"the password3 TH%S is the password that you 666 give to them3 ;hen you give someone thispassword, it wi"" be near"y impossib"e for them to prove that it is not the )%'HT password3$urther, they cannot 666 even #now that there is a second password3

%ere are some tips for your password:

1. Choose a password you will N&"&* forget. It may be ten years from now that you need it. 5a#e itsimple, li#e your birthday repeated three times.B. 5a#e sure it seems reasonable, that it appears to be a real password. If the password is something stupidli#e 3=F>P then they may not believe you.C. *emember that this is a password that you would give to someone if forced. It is 0N-T0 your actualpassword.9. 9o not ma#e this password too similar to what you plan to really use. ou do not want someone to guess

your main password from this one.

1nd with all of this in mind, choose your password. !hen you have typed it in twice, clic# 3Ne't4.

=>. 3+arge 7iles4, here you are as#ed whether or not you plan to store files larger than K HIH1BT&S.Choose 3No4 and clic# 3Ne't4

=K. 3-uter "olume 7ormat4, here you will notice some random numbers and letters ne't to where it says3*andom ool4. Ho ahead and move your mouse around for a bit. This will increase the randomness andgive you better encryption. 1fter about ten seconds of this, clic# 37ormat4.

=L. 9epending on the file sie you selected, it will ta#e some time to finish formatting.


8/32

=. 3-uter "olume Contents4, clic# on the button called, 3-pen -uter "olume4

1n empty folder has opened up. This is empty because you have yet to put any files into your Truecryptvolume.

666 666 DO 7OT .UT (7Y S7S%T%! CO7T7T H) 666 666

This is the 39ecoy4. This is what someone would see if you gave them the password you used in the previousstep. This is N-T where you are going to store your sensitive data. If you have been forced into a situation

where you had to reveal your password to some individual, then that individual will see whatever is in thisfolder. ou need to have data in this folder that appears to be sensitive enough to be protected by Truecryptin order to fool them. %ere are some important tips to #eep in mind:

1. 9o N-T use porn. 1dult models can sometimes appear to be underage, and this can cause you toincriminate yourself unintentionally.B. 9o N-T use drawingsMrenderings Mwritings of porn. In many (urisdictions, these are (ust as illegal asphotographs.C. Hood choices for what to put here include: bac#ups of documents, emails, financial documents, etc.9. -nce you have placed files into this folder, 0N&"&*0 place any more files in the future. 9oing so maydamage your hidden content.

Henerally, you want to store innocent data where some individual loo#ing at it would find no cause againstyou, and yet at the same time they would understand why you used TrueCrypt to secure that data.

Now, go ahead and find files and store them in this folder. Be sure that you leave at least ten gigabytes free.The more the better.

!hen you are all done copying files into this folder, close the folder by clic#ing the 3'4 in the top rightcorner.

=. clic# 3Ne't4

=?. If prompted that 31 program needs your permission to continue4, clic# 3Continue4=Q. 3%idden "olume4, clic# 3Ne't4FO. The default encryption and hash algorithms are fine, clic# 3Ne't4F=. 3%idden "olume Sie4, the ma'imum available space is indicated in bold below the te't bo'. *ounddown to the nearest full unit. 7or e'ample, if =Q.Q HB is available, select =Q HB. If =F.O HB are available,select == HB.FF. If a warning dialog comes up, as#ing 31re you sure you wish to continue4, select 3es4F>. 3%idden "olume assword4

666 %-.O)T(7T )(D TH%S 666%ere you are going to select the )(: password . This is the password you will N&"&* reveal to 1N-N&else under any circumstances. -nly you will #now it. No one will be able to figure it out or even #now thatthere is a second password. Be aware that an individual intent on obtaining your sensitive information maylie to you and claim to be able to figure this out. They cannot.

It is %IH%+ recommended that you choose a K character password here. If it is difficult to remember aK character password, choose an ? character password and simply repeat it ? times. 1 date naturally hase'actly ? numbers, and a significant date in your life repeated ? times would do (ust fine.

NOOB asks: What is happening?

!ell N--B, TrueCrypt is creating the file you as#ed it to, such as 3random.t't4. It is building a filesystem contained entirely within that one file. This file system can be used to store files, directories,and more. 7urther, it is encrypting this file system in such a way that without the right password it will

be impossible for anyone to access it. To 0anyone0 other than you, this file will appear to be (ust a

mess of random characters. No one will even #now that it is a Truecrypt volume.


9/32

FK. Type in your password twice, and clic# 3Ne't4FL. 3+arge 7iles4, select 3es4 and clic# 3Ne't4.F. 3%idden "olume 7ormat4, as before move your mouse around for about ten seconds randomly, andthen clic# 37ormat4.F. If prompted 31 program needs your permission to continue4, select 3Continue4F?. 1 dialog will come up telling you that the hidden TrueCrypt volume has been successfully created. Clic#3-A4FQ. Clic# 3&'it4

CongratulationsE ou have (ust set up an encrypted file container on your hard drive. 1nything you storehere will be inaccessible to anyone e'cept you. 7urther, you have protected this content with T!-passwords. -ne that you will give to someone under threat, and one that only you will #now. Aeep your realpassword well protected and never write it down or give it to anyone else for any reason.

Now, we should test B-T% passwords.


10/32

///


11/32

ou can tell that it is dismounted because the drive letter inside of 3TrueCrypt4Rs control panel will appearthe same as all of the other drive letters, with no information to the right of the drive letter.

ou should practice 5ounting and 9ismounting a few times with both passwords to ma#e sure youunderstand this process.

-nce you have copied filesMfolders into the hidden volume, do 0N-T0 touch the files or folders in the outervolume anymore. *emember that both volumes occupy the same single file, and therefore changing theouter volume can damage the hidden volume. -nce you have copied filesMfolders into the outer volumeduring the installation process, that is the last time you should do so. 7rom that point forward, use -N+the hidden volume. The outer volume e'ists only as a decoy if you need it.

Ne't:. Securing your 9is# GGG


12/32

/// >3 Securing your Dis# ///This is an involved step which many people may not be able to do right away. If you cannot do this stepimmediately, then see section .

1t this point you should understand how to create and use TrueCrypt hidden volumes in order to safeguardany sensitive information. Therefore, you should 0N-T0 #eep any such sensitive information on your hard

dis#.

1t this stage, there are two possibilities:

=. ou have never had any sensitive information on your hard dis#. In this case, read this section but youcan certainly s#ip it.F. )p until now, you have stored sensitive information on your hard dis#. If so, then you 5)ST read thissection.

If you have ever used this computer to access sensitive information, then all of the security and precautionsin the world are totally useless and futile because all someone has to do is access what is left of thatsensitive information. I cannot stress this enough.

ou can have the most secure TrueCrypt volumes, use T-*, and be the safest most secure user in the world.If you have not made sure that 01++0 remnants of any sensitive information are )TT&*+ *&5-"&9from your hard dis#, then all of that effort is totally pointless. ou 5)ST ta#e these actions to safeguard

your hard dis#, or otherwise you might as well throw away this guide and follow none of the advice herein.

7irst, I understand that it is troublesome to have to re6format a computer, to bac# everything up, andreinstall everything. %owever, if you have ever had sensitive information on your machine, that is what youhave to do. Ta#e the following steps:

=. -btain a removable hard drive or usb flash drive large enough to store anything you need to save.F. Set up a Truecrypt hidden volume on that hard drive big enough to hold all of that information.>. Set up the Truecrypt outer volume as in the previous section. )se the previous section as a guide if youneed to.K. Be sure you the hidden volume will have enough space to store all that you are bac#ing up.L. Copy 1++ data you need to bac# upMsave into that hidden volume.

666 %-.O)T(7T, )(D TH%S 666

. -nce you have copied everything you intend to copy. dismount your hidden volume, reboot yourcomputer, and re6mount your hidden volume to ma#e sure everything is there.. Now it is time to re6format your entire hard drive. *e6install your operating system of choice such as

!indows /, and start with a clean slate.?. -nce you have reinstalled your operating system from scratch, follow sections one through five of thisguide to reach this point, and then proceed.

If you have ever used this system to access sensitive information, then you must assume that thesensitive information or remnants of it can be 0anywhere0 on your hard dis#. Therefore, you need tomove 0&"&*T%INH0 you intend to save into the hidden Truecrypt container. ou do not #now wheresensitive data might be, so you are assuming it can be anywhere. This way you still have 1++ of yourdata and you have lost nothing.

1 good analogy is to'ic waste. ou don8t #now which barrel might contain the to'ic waste, so you treat01++0 the barrels as potentially to'ic. This is thesurest way you can protect yourself.

ou might be saying, 3I have family photos, music, movies that I would have to move to the hidden

volume.4 That is perfectly fine. *emember that you can access that hidden volume (ust as if it was adrive letter. In fact, ideally, 01++0 of the content on your computer assuming you value your privacy/should be protected anyways. ou lose nothing by securing all of that data.


13/32

/// ?3 Temporari"y Securing Your Dis#, Shredding$ree Space ///+i#e the previous section, this section applies -N+ I7 there is some ris# that sensitive data has ever beenstored or accessed on this computer. If you are =OO sure that sensitive information has never beenaccessed using this computer, then you can safely s#ip this and the previous step.

If you are not prepared to ta#e the actions in the previous step yet, then you should follow the steps in thissection until you can. %owever, you 5)ST eventually ta#e the actions in step si' above. 9o not assume youcan findMdelete all sensitive content. +ists of file names, image thumbnails, randomdata, and more 01*&0 sitting on your hard dis#. Someone who #nows how to find it, !I++. That willrender all of your other precautions totally futile.

1s soon as you can, follow the instructions in step si'.

5eanwhile, here is how you can temporarily safeguard yourself until you are able to follow thoseinstructions.

=. Ho through your hard dis# folder by folder, deleting or moving to a Truecrypt hidden volume/ any filesthat you believe are sensitiveMris#y.

F. !hen you are totally sure that you have deleted all such files, go to the following

)*+:http122www3fi"eshredder3org

>. Scroll down and loo# for the button called 39ownload 7ile Shredder4 do N-T clic# any other button,as the page may have ads on it that appear to be download lin#s.

K. Save the file.

L. *un the file, most li#ely titled: file@[email protected]'e

. 3!elcome to the 7ile Shredder Setup !iard4, Clic# 3Ne't4

. Select 3I accept the agreement4 and clic# 3Ne't4

?. It will choose where to install it, clic# 3Ne't4

Q. Clic# 3Ne't4 again when prompted for the Start 5enu folder.

=O. 3Select 1dditional Tas#s4, Clic# 3Ne't4 again

==. Clic# 3Install4

=F. &nsuring that 3+aunch 7ile Shredder4 is chec#ed, clic# 37inish4

=>. ou should now notice that 37ile Shredder4 is running. ou should see the program in your tas# bar.Clic# on it to bring up the control panel if it is not up already.

=K. -n the left is a lin# that says 3Shred 7ree 9is# Space4, clic# it.

=L. Choose the drive letter for your hard dis#, typically C:, as well as any other drives you wish to shred thefree space.

=. under 3Select Secure 1lgorithm4, select 3Secure &rasing 1lgorithm with passes4 and clic# 3Ne't4

=. Clic# 3Start4

This will ta#e some time to finish. -nce you have finished shredding your free dis# space, it will beimpossible or nearly impossible for someone to find one of your deleted files and piece it bac# together tosee what it once was. %owever, this is N-T enough.

Aeep in mind that there may still be records of the file names that were deleted, partial data from thosefiles, image thumbnails, and more that may be enough to incriminate you. This is only a temporary step youhave ta#en, and you absolutely must ta#e the actions in step above in order to be truly safe.

Ne't:?. Installing "irtualBo'
http://www.fileshredder.org/http://www.fileshredder.org/http://www.fileshredder.org/


14/32

/// @3 %nsta""ing !irtua"Bo&1nd now we get to the fun part. !e are going to create a secure environment for you to browse the internetand communicate in a way that is totally anonymous and untraceable. ou will have a setup that is sosecure as to be virtually impossible to brea#.

=. 7irst, go to the following )*+:http122www3virtua"bo&3org

F. Select 39ownloads4 in the menu on the left.>. )nder 3"irtualBo' platform pac#ages4 is 3"irtualBo' K.O.K for !indows %osts4, ne't to that is3'?MamdKP. Clic# that.

K. Save the file. It should be titled similar to: 3"irtualBo'6K.O.K6O==6!in.e'e

L. *un the file.

. 3!elcome to the -racle "5 Setup !iard4, Clic# 3Ne't4

. clic# 3Ne't4

?. Clic# 3Ne't4

Q. 3!arning: Networ# Interfaces4, clic# 3es4 but be aware that your internet connection will betemporarily reset for a few seconds.

=O. Clic# 3Install4

==. 1 dialog saying 31 program needs your permission to continue4 may appear, clic# 3Continue4.

=F. -ne or more dialogs as#ing if you want to install 3device software4 may come up, select 3Install4 eachtime.

=>. -ptionally chec# the bo' 31lways trust software from -racle Corporation.4

=K. 3-racle "5 installation is complete4, Clic# 37inish4 ensuring that 3Start -racle "5 after installation4is chec#ed.

Now we have the software we need in order to set up and run virtual machines. -n your tas# bar to the farright, you should notice "irtualBo' running. Clic# on the 3"irtualBo'4 icon if needed in order to bring the

"irtualBo' control panel into view.Now it is time to set up a virtual machine. 7or this, we need to obtain two files. -perating systems, such as

windows, are typically installed using a C9 or 9"9. ou put the C9 or 9"9 into your computer, you boot itup, and you follow the instructions in order to install the operating system. "irtual machines

wor# similarly. Before we can use a virtual machine, we have to install an operating system on it.

%owever, we are 0N-T0 going to use !indowsE !e are going to use +inu'. 9o not be afraid if you have noe'perience using +inu'. I assure you that this will prove to be painless. !e actually need two different+inu' operating systems in order to have a secure system. Before we go through the steps of setting this up,I want to describe to you what we are doing.

*emember earlier in the guide I e'plained that one of the downsides to using Tor Browser from your maincomputer is that you might accidentally put a lin# into a non6Tor browser. The problem with your computerright now is that you can access tor sites, or non6tor sites e$ually well. That means that you have to bee'tremely careful to ensure that you are using Tor.

1n analogy would be to say that you are typing on a #eyboard with red and green #eys. ou have to becareful to only hit the green #eys. If you accidentally hit a red #ey, then you could compromise your securityand anonymity. That is 0not0 a good position to be in. The purpose of setting up a virtual machine is toma#e certain that you cannot accidentally reveal your identity or compromise your security.

The computer you are using now has two ways of accessing the internet: T-*, and Non6T-*. The virtualmachine we are setting up however will only be able to access the internet using T-*. No other way period.That means that no matter what you do, no matter how hard you try, you will N-T be able to accidentally
http://www.virtualbox.org/http://www.virtualbox.org/http://www.virtualbox.org/


15/32

access any website e'cept through T-*. This 0guarantees0 that whatever you do on that virtual machine isgoing to be through T-*.

So how do we achieve thisU There are a number of ways to do so. The method presented in this guide is notthe only good way, however I do believe that it is both easy to set up and also friendly to users who may nothave a great deal of *15.

7irst, we are going to set up two different virtual machines. -ne of them will e'ist for the sole purpose ofma#ing sure that the other one does not accidentally connect to the internet e'cept through T-*. This

virtual machine re$uires very little. ou will not be using it for anything. It will simply act as a gate#eeper toensure that the other "irtual 5achine is safe.

The second virtual machine will be what you use for internet browsing, chatting, etc. This virtual machinewill be configured in such a way that it can only use T-* and nothing else. The way we will achieve this is toforce this second virtual machine to go through the first virtual machine for all internet connections.

9o not worry if this seems complicated. 1s with the rest of this guide, I am going to wal# you through stepby step e'actly what to do.

7irst, we have to obtain the operating systems we will need. In this case, we are going to use 39amn Small+inu'4 yes that is it8s real name/ for the firewall and we are going to use 3)buntu4 for the main system. Theadvantage to using 39amn Small +inu'4 is that we only need >F 5B of ram and no dis# space to have aneffective firewall.

+et8s set up the firewall first:

Ne't:Q. Installing a 7irewall GGG


16/32

/// A3 %nsta""ing a $irewa"" ///1. 7irst, go to the following )*+: http122www3damnsma"""inu&3orgthree +8s/

F. Scroll down until you see a lin# that says 39ownload4

>. )nder 3Current 7ull 5irror +ist4, clic# any that wor#. Some may not wor# at any given time. If onedoesn8t wor#, simply hit bac# on your browser and try another one.

K. 1t the time of this guide, the following )*+ wor#ed:ftp:MMftp.is.co.aMlinu'MdistributionsMdamnsmallMcurrentM

L. Ho to the 3current4 directory if not already in it.

. Clic# on the file called: dsl6K.K.=O.iso If you cannot find this file, choose the file closet to it. 1 higherversion number is fine. The file will probably be about LO 5B

. The file should ta#e about L6=O minutes to download based on your connection.

1t this point, you should have the file either 3current.iso4 or 3dsl6K.K.=O.iso4 or something similar/ fullydownloaded and saved into your 9ownloads directory.

Now, go ahead and open up "irtualBo' again, most li#ely by clic#ing it on the tas# bar.

?. Clic# 3New4 at the top left, an icon that resembles a many6pointed round star.

Q. 3!elcome to the New "irtual 5achine !iard4, clic# 3Ne't4

=O. 3"5 Name and -S Type4: )nder 3Name4 type in: 7irewall

==. 7or -perating System, choose 3+inu'4

=F. 7or 3"ersion4, choose: 3-ther +inu'4

=>. Clic# 3Ne't4

I7 T%& 1B-"& ST&S !-*A&9 7-* -), SAI T%IS 5INI6S&CTI-N/

If you had trouble with the above steps, read this mini6section/!ith mirrors, it is often the case that a particular mirror site doesn8t wor#. 1t the time of this writing,several mirrors wor#ed. I am providing detailed instructions for each mirror./1bove I have already provided instructions for the mirror/ftp:MMftp.is.co.a

5I**-*:http122gd3tuwien3ac3at2opsys2"inu&2damnsma""Ho to this )*+, and under 3Subdirectories4 clic# on 3current4/ if available, select the file called3current.iso4 provided the file is at least KQ 5B in sie/ If not, then choose the closest file to dsl6K.K.=O.iso, a higher version V is fine.

5I**-*:http122ftp3be"net3be2pac#ages2damnsma"""inu&2

go to 3current4 directory, obtain either 3current.iso4 if KQ 5B or higher/ or find file closest to 3dsl6K.K.=O.iso4/

5I**-*:http122ftp3heanet3ie2mirrors2damnsma"""inu&3org2go to 3current4 directory, obtain either 3current.iso4 if KQ 5B or higher/ or find file closest to 3dsl6K.K.=O.iso4/
http://www.damnsmalllinux.org/http://gd.tuwien.ac.at/opsys/linux/damnsmallhttp://gd.tuwien.ac.at/opsys/linux/damnsmallhttp://ftp.belnet.be/packages/damnsmalllinuxhttp://ftp.belnet.be/packages/damnsmalllinuxhttp://ftp.heanet.ie/mirrors/damnsmalllinux.orghttp://ftp.heanet.ie/mirrors/damnsmalllinux.orghttp://www.damnsmalllinux.org/http://ftp.heanet.ie/mirrors/damnsmalllinux.orghttp://gd.tuwien.ac.at/opsys/linux/damnsmallhttp://ftp.belnet.be/packages/damnsmalllinux


17/32


18/32

/// 03 $irewa"" Configuration ///1t this stage you should be loo#ing at the des#top for 39S+4 9amn Small +inu'/.

I need to tal# about the mouse first. This particular virtual machine as well as your main operating systemwindows/ both want control of your mouse. Both cannot have control of your mouse at the same timehowever. Therefore, you have to choose whether the mouse will be used by your virtual machine, or by

!indows. !hen you clic# into your virtual machine, it has the effect of passing control of the mouse to thevirtual machine. That means you cannot move your mouse cursor past the boundaries of that virtualmachine. In order to give mouse control bac# to windows, enabling you to move your mouse cursoranywhere, simply press the right ctrl #ey on your #eyboard. That is to say, you have two ctrl #eys. -ne onthe left of your #eyboard, and one on the right. ress the ctrl #ey that is on the right of your #eyboard. This

will give mouse control bac# to windows.

ractice this a bit. ractice clic#ing into the window, moving the mouse cursor around, pressing right ctrl,and moving the windows mouse cursor around. Het the feel of it.

ou should see a window that loo#s something li#e a web browser, with some te't in it including wordssuch as 3Hetting Started with 9S+4. 7irst, close that window.

If your mouse is not wor#ing, read this mini6section./

7irst, clic# inside the window that your virtual machine is running in/. Now try moving your mouse cursor.If you do not see the mouse cursor moving around, then press *IH%T CT*+ W I/. Now move your mousecursor again. If you notice that you are moving your 3main4 mouse cursor over the window, but you do notsee the 39S+4 blac# mouse cursor moving, then clic# again into that window. If you do this a few times, youshould notice that the mouse begins to wor#. ou may have to press *IH%T CT*+WI a couple of times toget the mouse to wor#.

=. -nce the mouse is wor#ing inside of your virtual machine, go ahead and close the window entitled3Hetting Started with 9S+4

If you cannot see the full virtual machine window, for e'ample because your screen resolution is set so thatsome of the window goes too low, read this mini6section/.

7irst, press *IH%T CT*+WI until you have your main windows white mouse cursor bac#/. Now, clic# on

35achine4 in the menu at the top of the window.Select 3Switch to Scale 5ode4/

Clic# 3Switch4/

Now you will have converted your firewall window to a smaller sie, and you will be able to resie it. oumay need to press 3right ctrl4 to get a windows mouse cursor which you will need in order to resie this

window/. Now simply resie it to the sie that wor#s for you, and then clic# into the window to be able touse the blac# mouse cursor inside the virtual machine. I recommend you ma'imie this window to ma#esure you can read everything clearly.

F. *ight clic# anywhere on the des#top, go to System a red folder/, go to 9aemons, ssh, and start.

>. *ight clic# again anywhere on the des#top, go to Shells 6< *oot 1ccess 6< Transparent

K. Now you have a window that you can type in. Type e'actly as shown below into this window, and hitenter:

passwd

-nce you type this and hit enter, it will as# you for a password. This is a password for full access to thefirewall. 5a#e it at least ? characters in sie.

66 %-.O)T(7T1 Do not forget your firewa"" password3 You wi"" need it "ater in the guide3 666

!hen you have successfully changed your password, it will say 3assword changed.4

L. Now type e'actly as shown below, into the same window:


19/32

ifconfig eth= =O.O.>.=

. It will not say anything after you hit enter, it will (ust return you bac# to the prompt.

Now our firewall server is ready. !e want to save this state so that we can get bac# to it easy in the future.ress *IH%T CT*+WS

. Now you will be loo#ing at a window that says 3Ta#e Snapshot of "irtual 5achine4. ;ust clic# 3-A4

?. Now, let8s test this out to confirm it wor#s as we e'pect. Ho ahead and close the virtual machine byclic#ing the 34 in the top right corner. 1 menu will come up. Select 4ower off the machine4 and clic# -A.9o N-T chec# the bo' called 3*estore current snapshot4.

1nd now you should be once again at the "irtualBo' manager. ou will see 37irewall Shapshot =/, owered-ff4

Q. 5a#e sure that 37irewall Snapshot =/, owered -ff4 is selected. 1t the top right of your "irtualBo'5anager is a button that says: 3Snapshots =/4. Clic# it.

=O. Clic# on 3Snapshot =P, the top6most selection. This will highlight it.

==. Now right clic# it, and clic# on 3*estore Snapshot4

=F. 1 dialog bo' will come up as#ing if you are sure, clic# 3*estore4

=>. Now clic# the 3Start4 button at the top with the large green arrow.=K. 1ny dialog bo'es that come up with a chec# bo' saying 39o not show this information again4, simplychec# the chec#6bo', and clic# -A. 9o not worry about any of those.

*emember, if you do not have immediate control of the mouse inside the virtual machine, simply press*CT*+WI press right ctrl and 3I4 at the same time/ and clic# into it until you have mouse control.

Now your firewall is good to go. 1ny time you need it, (ust go to the "irtualBo' 5anager and follow steps Qthrough =K above. ou do not have to go through the whole setup process again at any time in the future.

our firewall is ready.

Ne't:==. Installing )buntu GGG


20/32

/// 003 %nsta""ing Ubuntu ///Now we are going to set up the main machine that you will be using T-* with.

=. 7irst, go to this )*+:http122www3ubuntu3com

F. Clic# on the lin# 39ownload )buntu4

>. Clic# 3Start 9ownload4 This download should ta#e =O6=L minutes/

K. The file name is going to be similar to: ubuntu6=O.=O6des#top6i>?.iso

Now we wait

!hile you are waiting for the file to download, go ahead and ma#e sure that your 3hidden volume4 ismounted in TrueCrypt to a particular drive letter. 7or e'ample, -: ou will need that for the ne't step.

L. *eturn to your 3"irtualBo' 5anager4. It doesn8t matter if the firewall is running or not.

. Clic# 3New4 the blue round star6icon in the top left/ again.

. 3!elcome to the New "irtual5achine !iard4, clic# 3Ne't4

?. 3"5 Name and -S Type4, under 3Name4, type 3rimary4

Q. Ne't to 3-perating System4, select 3+inu'4

=O. Ne't to 3"ersion4, select 3)buntu4 and Clic# 3Ne't4

==. 35emory4, by default it selects L=F 5B. This is fine. FL 5B is the 5INI5)5. The more memory youallocate, the better the virtual machine will function. Clic# 3Ne't4

=F. 3"irtual %ard 9is#4, 5a#e sure 3Boot %ard 9is#4 is chec#ed. 5a#e sure 3Create new hard dis#4 isselected. Clic# 3Ne't4

=>. 3!elcome to the Create New "irtual 9is# !iard4, clic# 3Ne't4

=K. 3%ard 9is# Storage Type4, select 37i'ed6sie storage4 and clic# 3Ne't4

=L. 3"irtual 9is# +ocation and Sie4, to the right of the te't bo' containing 3rimary4 is a folder icon. Clic#

the folder icon.=. Now we have to select a file for the new hard dis# image file. -n the bottom of this dialog it says 3Browse7olders4, clic# on that.

=. Now clic# on 3Computer4 in the menu to the left.

=?. Scroll to where you see the drive letter you mounted, and double clic# on it. &': +ocal 9is# -:/

=Q. Now clic# 3Save4

FO. By default ?.OO HB are selected. That is fine. If you have enough space on your hidden volume, increasethis to =O HB. -therwise, ? is fine.

F=. )nder 3+ocation4, it should say -:rimary.vdi where -: is replaced by whatever drive letter youmounted your TrueCrypt hidden volume to.

FF. Clic# 3Ne't4, then clic# 37inish4

Now we wait for "irtualBo' to create the hard drive we as#ed for. This may ta#e a few minutes.

Aeep in mind this entire virtual machine as well as any of its contents are going to reside within the hiddenTruecrypt container. This ensures e'tra security.

F>. !hen this is done, you will see a 3Summary4 window. Clic# 37inish4.

FK. Now, right clic# on 3rimary, owered -ff4 in your 3"irtualBo' 5anager4, and clic# 3Start4

FL. 1gain we are at the 37irst *un !iard4, clic# 3Ne't4
http://www.ubuntu.com/http://www.ubuntu.com/http://www.ubuntu.com/


21/32

F. 3Select Installation 5edia4, under 35edia Source4 is a pull down menu. Clic# the 3folder icon4 to theimmediate right of that drop down menu.

F. +ocate 3ubuntu6=O.=O6des#top6i>?P or the similarly named file/ from your 9ownloads directory, orwherever you saved it. Clic# on it, and clic# 3-pen4

F?. Clic# 3Ne't4

FQ. Clic# 37inish4

Now simply wait. our )buntu virtual machine will be loading up. This may ta#e a few minutes. 9on8tworry if you see all #inds of strange messagesMte't. It is normal.

1fter a few minutes, you should start to see the )buntu des#top load. )nli#e your firewall, you will noticethat you do not have to clic# the mouse inside the window. It automatically happens. This is going to bemuch easier than the 37irewall4 step.

-nce everything has loaded, you will be loo#ing at a window that says 3Install4 with a button that says3Install )buntu4. If you cannot see everything, press *CT*+W7 to go full screen/. ou can return to

windowed mode by *CT*+W7 again. 1ny dialogs can be closed, and you can chec# the bo' that says 39onot show me this again.4

>O. Clic# 3Install )buntu4

>=. Chec# 39ownload updates while installing4>F. Chec# 3Install this third6party software4. Clic# 37orward4

>>. &nsure 3&rase and use entire dis#4 is selected, and clic# 37orward4. *emember, this is N-T tal#ingabout your hard dis#. It is tal#ing about the ?6=O gigabyte virtual dis#.

>K. Clic# 3Install Now4

>L. Now you will be guided through a series of installation related screens. The first screen as#s you toselect your timeoneMtime. Select your choice and clic# 37orward4

>. Now #eyboard layout, again select your choice and clic# 7orward. If you are unsure, leave it as is or clic#37igure out #eyboard layout4

>. 3!ho are youU4 7or 3our name4 type in: mainuser

>?. !hen you type in 3mainuser4 the other bo'es will fill in automatically. Now clic# in the te't bo' ne't to3Choose a password4.

>Q. 9o N-T use the same password as the firewall. Come up with a different password.

KO. &nsure that 3*e$uire my password to log in4 as well as 3&ncrypt my home folder4 are selected andchec#ed and proceed.

Now simply wait until the installation is finished. The installation may ta#e a while, and it may appear tostall at some points. 1s long as the ubuntu mouse cursor shows an animation that is turning around incircles, the installation 0is0 wor#ing. Simply wait until it is done. If after an hour or two the progress barhasn8t moved at all, then go ahead and re6start the installation starting from step FK after closing the

window and powering down the virtual machine/.

9epending on your computer, it could ta#e F6K hours. 5ost li#ely, it will ta#e about an hour. -nce finished,you will see a dialog that says 3Installation Complete4 with a button that says 3*eboot Now4. 9o N-T pressthe 3*eboot Now4 button. Close the R8 on this window, and ower 9own.

K=. Now, right clic# 3rimary4 and go to 3Settings4.

KF. Clic# on 3Storage4 in the left menu. Then clic# on the 3ubuntu6=O.=O .iso4 under where it says 3I9&Controller4

K>. To the right it says 31ttributes4 under that it says 3C9M9"9 9rive : 4 to the immediate right of that isa C9 icon. Clic# it.

KK. Select 3*emove dis# from virtual drive.4


22/32

KL. Clic# 3-A4

K. Now, ma#ing sure that 3rimary4 is highlighted, clic# the 3Start4 button at the top with the large greenarrow.

Now we wait for your newly installed )buntu machine to boot up.

K. 1fter a few minutes, you will see a dialog appear that says 3mainuser6"irtualBo'4. Ho ahead and clic# on3mainuser4 which has the 3person icon4 to the left of it.

K?. Now it will prompt you for your password. &nter the password you used in the installation process.

KQ. 1fter a minute or so, you should hear a nice login sound, and you should be fully logged into yourvirtual machine.

LO. Aeep waiting, and a dialog will appear that says 3Information available4 and 3*ecord your encryptionpassphrase4 Clic# on: 3*un this action now4

L=. Type in the same password you used to log in. 1fter that window closes, clic# 3Close4 in the dialog bo'.

CongratulationsE ou have now set up a virtual machine as well as a firewall to protect it. Now we need tofinish configuring the primary virtual machine.

Ne't:=F. )buntu Initial Setup GGG


23/32

/// 053 Ubuntu %nitia" Setup ///-A, now that we have installed )buntu, we need to set it up so that we can use it fully. This also meansma#ing sure we can see flash on websites such as ouTube.

=. 7irst, we have to install any updates that are pending. 1t the bottom of your screen, you should noticewhere it says 3)pdate 5anager4. Clic# on that.

F. Now, clic# on 3Install )pdates4. If you did not see 3)pdate 5anager4, then s#ip these two steps.

>. 1ny time an administrative tas# is re$uired, you will need to type in your password. This is the samepassword you used to log in.

Now we wait, this is going to download any necessary security updates to ma#e certain we are using themost currentMsecure setup possible. This may re$uire downloading hundreds of megabytes. ;ust go aheadand let it do that, and when everything is downloaded and updated, proceed to the ne't step. !hile you

wait, )buntu may go into screensaver mode. If so, (ust move the mouse and it will as# you for yourpassword. That will leave screensaver mode.

If the updates are more than a hundred megabytes, it will ta#e $uite a while. It may ta#e up to F6> hoursdepending on your computer and internet connection. Nonetheless, this step is critical. 9o not s#ip theupdates. Besides ensuring that your setup will be secure, the updates also ensure that all of the applicationsare up to date and thus most li#ely to function correctly. ;ust go ahead and watch a movie for a couplehours, and then return and chec# on it.

1fter all of the updates have been downloaded and installed, the 3)pdate 5anager4 window will now say3our system is up6to6date4 at the top. 7urther, it will say: 3The computer needs to restart to finishinstalling updates.4. Ho ahead and press the R8 in the top right corner of the window, and choose RSend theshutdown signal4. If prompted, clic# 3Shut 9own4. -nce it has fully shut down, the window will disappearand you will be bac# at the "irtualBo' manager. Ho ahead and right clic# on 3rimary4 and clic# 3Start4.This will restart the virtual machine.

If a virtual machine fails to shutdown after =O minutes or so, then go ahead and close the window again bypressing the R8 but this time choose 3ower down4. If it still will not shut down, then "irtualBo' may havecrashed. If so, (ust follow these instructions:

7ollow the steps in this mini6section if a virtual machine fails to shutdown, or you need to completelycloseMrestart "irtualBo'/.

7irst, press 3CtrlW1ltW9elete4, and then clic# 3Tas# 5anager4/. Ne't, locate the process that is runningthat starts with 3"irtualBo'4. *ight clic# that process, and clic# 3&nd rocess Tree4This should force the window to close/.

Now, restart "irtualBo' by going to your start menu, 1ll rograms, -racle "5 "irtualBo' "irtual Bo'/.

Now you will have the "irtualBo' manager up again. To restart the )buntu machine, simply right clic# on3rimary4 and clic# 3Start4.

-nce your rimary vm has rebooted, you will be again at the login screen. %ere as before, clic# on3mainuser4 and then enter in your password. Now your primary machine is fully up to date. *emember, bepatient. It may ta#e a few minutes before your virtual machine has fully booted. 7irst you will see the

bac#ground image and a mouse cursor that can move around, ne't you should hear the login sound play,and finally you will see the menu at the top and bottom of your virtual machine window. 9epending on thespeed of your computer, this may ta#e =O minutes or more. ;ust be patient. 9on8t worry if your virtualmachine appears to be running too slow, we will speed it up.

Now your "irtual 5achine is set up and ready for use.

Ne't:=>. Installing Huest 1dditions GGG


24/32

/// 083 %nsta""ing 'uest (dditions ///In order to ensure that the "irtual 5achine runs smoothly as possible, we are going to install someadditional software to the virtual machine.

=. Ho to the 39evices4 menu at the top of your virtual machine main window 5achine, 9evices, %elp/, andgo to 3Install Huest 1dditions4

F. Ho to the 3laces4 menu at the top of your virtual machine 1pplications, laces, System/, and clic# on3"[email protected]@O==FP the number may be different/.

>. 1t the top this new window will be the te't 3The media has been determined as 3)NI software4. Clic#on 3-pen 1utorun rompt4

K. 1 new dialog may appear saying 3This medium contains software intended to be automatically started.!ould you li#e to run itU4 Clic# 3*un4

L. &nter your administrative password the one you use to log into )buntu/ and clic# 3-A4

. Now the "irtualBo' Huest 1dditions installer will begin. This may ta#e some time, so (ust rela' and wait.9epending on your computer, this may ta#e >O minutes or more.

. !hen this is finished, you will see the te't 3ress *eturn to close this window.4 Ho ahead and do so.

?. -nce that window has closed, go ahead and press the R8 to close the entire virtual machine window.Select 3Send the shutdown signal4 and clic# 3-A4.

Q. 1 dialog bo' will appear. Clic# on 3Shut 9own4, the top most option.

1t this stage it is a good idea to further optimie our virtual machine. !hen you initially installed it, youmost li#ely selected either FL 5B or L=F 5B of *15. If you have enough *15 to spare, then I highlyrecommend you increase that to at least = HB. %ere is how to do so:

=. 7irst, right clic# on 3rimary, owered off4 and go to Settings.

F. Select 3System4 from the menu on the left.

>. Increase the 3Base 5emory4 to either =OFK 5B = HB/, or some higher value you are comfortable with.

It is also a good idea to increase the video memory available to the virtual machine.

K. Select 39isplay4 from the menu on the left, still inside of 3Settings4

L. Increase the 3"ideo 5emory4 slider to the right as far as you are comfortable with. 7or e'ample, =F? 5B.

. Chec# the bo' 3&nable >9 1cceleration4.

. Now clic# 3-A4 at the bottom.

Ho ahead and start up )buntu again by right clic#ing 3rimary, owered off4 and clic#ing 3Start4

!hen )buntu loads up, go ahead and log in as before using your password. Now wait until )buntu is fullybooted and the 31pplications laces System4 menu is visible.

ou will probably notice that your virtual machine loads up and runs faster than before.

%ow well your virtual machine runs depends on how good your computer is. rimarily, *15 and processorspeed are the most significant factors. If your computer is modern enough, you should be able to use

websites with flash and even watch videos, such as on ouTube, with no problem. If your computer is not asmodern, you will still be able to browse websites but may not be able to watch videos. ou should still beable to use most flash based websites however.

666 %-.O)T(7T1 Do 7OT browse sensitive content YT3 (t this stage, your virtua" machineis not yet configured to use TO)3 666

Ne't:=K. Installing I*C -ptional/ GGG


25/32

/// 093 %nsta""ing %)C *Optiona"+ ///000 This section is entirely optional. If you are not interested in installing I*C, s#ip this section. 000

To install I*C on your new virtual machine, follow these steps:

=. Ho to the 31pplications4 menu, and go to 3)buntu Software Center4

F. Type 3#virc4 in the search bo' field in the top right.

>. !hen the results return, select the one called: 3A9&6based ne't generation I*C client4 or 3A" I*C4.

K. Clic# 3Install4

L. &nter your password when prompted.

. !hile it installs, you will notice a progress bar. This may ta#e a few minutes depending on the speed ofyour internet connection.

. -nce it is finished installing, the progress bar will go away. Ho ahead and close the 3)buntu SoftwareCenter4.

ou are probably used to the closeM minM ma' buttons being on the top right, as is the case in !indows. ouwill find them in the top left instead. If you don8t li#e this, don8t worry. ou can change it later.

Now, let8s go ahead and set up A"Irc.*emember, you are N-T truly anonymous yet.

?. Clic# on 31pplications4 in the top menu.

Q. Ho to 3Internet4

=O. Clic# on 3A"Irc4

==. 3A"Irc Setup4 will appear. Ho ahead and clic# 3Ne't4 to begin.

=F. 3Store Configuration in 7older4, clic# 3Ne't4

=>. 3lease choose a Nic#name4. ou can leave this e'actly as is, or you can choose a Nic# name then clic#3Ne't4.

666 %-.O)T(7T )(D TH%S 666

=K. Now you are as#ed to pic# a theme, select 3No theme4 then clic# 3Ne't4

=L. Now clic# 37inish4 to leave the A"Irc Setup

=. 1 new window will appear having a list of servers, clic# 3Close4

Now let8s connect to the 37reenode4 I*C networ#. By now, you may have many $uestions about how to use)buntu. The Ubuntuchatroom on 7reenode is a great place to start, and where you can as# $uestionsrelated to how to use )buntu and "irtualBo'. lease remember, you are N-T anonymous yet and anything

you say can be matched to your I address. Aeep the conversation related to technical help, or (ust learning)buntu.

9o N-T discuss T-*.9o N-T discuss 1N sensitive material.

*emember, this chatroom consists mostly of people who have set up )buntu for other reasons. Therefore,they will be able to help you configure it, and answer many $uestions about how )buntu wor#s.

9o N-T pic# a nic# name you have ever used before, or a nic# name that can help someone determinewho you are. 1lso, do N-T fill in any other details such as location, age, real name, etc. +eave everythingelse as is.

ou are N-T 1nonymous yet.
http://search.twitter.com/search?q=%23Ubuntuhttp://search.twitter.com/search?q=%23Ubuntuhttp://search.twitter.com/search?q=%23Ubuntu


26/32


27/32

/// 0. 1fter entering your password, you will be at a new prompt which loo#s li#e this:rootXmainuser6"irtualBo':YV

K. Now, either type or copy6paste the below te't into this window and then hit enter:

echo 3deb http:MMdeb.torpro(ect.orgMtorpro(ect.org e'perimental6lucid main4 [ sudo tee 6aMetcMaptMsources.listsudo apt6#ey adv J#eyserver #eyserver.ubuntu.com Jrecv6#eys ??999?Q

L. 1fter you do this, you should see the following at the bottom of your window:

gpg: Total number processed: =gpg: imported: = *S1: =/

. Now, we should be able to install tor. In this same window, type the following commands, one at a time:

apt6get updateapt6get install vidalia privo'y tor

. press and enter when prompted/

Now we need to obtain the Torchat installation file, follow these steps:

?. In 7irefo' on )buntu, go to the following )*+: http122code3goog"e3com2p2torchat

Q. -n the left under where it says 39ownloads4

=O. -ne of the files listed will end in .deb, for e'ample torchat6O.Q.Q.deb. Clic# on that file name.

==. -n the ne't page, again clic# on the file name. This should begin the file download.

=F. By default, )buntu wants to open this file using the 3)buntu Software Center4. This is correct.

Now wait until the file finishes downloading, and then the 3)buntu Software Center4 will appear. 7ollowthese steps:

=. ress 3Install4

F. Type in your password when prompted.

1fter a short wait, Torchat will be installed.

To start Torchat, go to 31pplications4 6< 3Internet4 6< 3Torchat Instant 5essenger4

Ne't:=. Creating T-*6-nly Internet &nvironment GGG
http://code.google.com/p/torchathttp://code.google.com/p/torchat


28/32

/// 0>3 Creating TO)On"y %nternet nvironment///)p until now, we have been using our "irtual 5achine to access the internet directly. This was necessary sothat we could install updates, software, andget a feel for how to use )buntu.

Now it is time to force )buntu to connect to the internet using T-* -nly. 1t the end of this phase, your)buntu virtual machine will be usable as a secure and anonymous T-* based browsing environment. It

will be 0impossible0 for you to access the internet e'cept through T-*, and therefore you can restassured that anything at all you do online through the )buntu virtual machine will be through T-*.

7irst, we need to shut down any running virtual machines. If 3rimary4 is running, clic# the R8 in the topright to close it. Select 3Send shutdown signal4and then select 3Shut 9own4 when prompted. If 37irewall4 is running, go ahead and close it in the same

way, but choose 3ower off4.

1fter a minute or so, you should be bac# to your "irtualBo' 5anager, with neither virtual machine running.

=. *ight clic# on 3rimary, owered -ff4 and go to 3Settings4

F. Select 3Networ#4 from the menu on the left.

>. Ne't to 31ttached to4 is a pull down menu. *ight now it is set to 3N1T4. Choose 3Internal Networ#4 andclic# 3-A4

K. Clic# 37irewall4 to highlight it, and then clic# on 3Snapshots =/4 in the top right.

L. *ight clic# on 3Snapshot =P and then select 3*estore Snapshot4. Select 3*estore4 if prompted.

. *ight clic# 37irewall4 and clic# 3Start4

Now your 7irewall will be resumed e'actly where it had been previously set up. The last command enteredshould still be visible.

Before you proceed, ma#e sure that T-* is running on your main !indows computer. If it is, you will seean 3-nion4 icon visible in your tas# bar. Clic# on that icon and you should see the 3"idalia Control anel4.5a#e sure that it says 3Connected to the T-* Networ#4. If so, you are ready to proceed. If not thenplease see section F : 3)sing and Testing Tor Browser for the first time4 to re6start T-*. -nce T-* isrunning, proceed.

+et8s restart )buntu:

. *ight clic# 3rimary4 and clic# Start. +og in as normal.

?. 1fter fully logged in, open 37irefo'4 by clic#ing the orange 37irefo'4 logo at the top, ne't to 3System4.

Q. Try to go to any website, such ashttp122www3goog"e3com. Try at least >6L different websites. oushould not be able to connect to any of them.

Note: If you attempt to go to websites you have already been to using )buntu, they may appear to loadbecause they are cached.

=O. In 7irefo' on )buntu, go to 3&dit4 and 3references4==. Clic# on the 31dvanced4 icon

=F. Clic# on the 3Networ#4 tab

=>. )nder 3Connection4 it says 3Configure how 7irefo' connects to the internet4. To the right of that is a3Settings4 button. Clic# that button.

=K. Select 35anual pro'y configuration4

=L. Ne't to both 3%TT ro'y4 and 3SS+ ro'y4 type in: =F.O.O.=

=. Set the port to ?==? for both 3%TT ro'y4 and 3SS+ ro'y4
http://www.google.com/http://www.google.com/http://www.google.com/


29/32


30/32

)buntu machine is your main computer. They would be totally unable to compromise your identity basedon this alone.

%owever, #eep the following in mind. If someone were to gain access to your )buntu machine, they!-)+9 be able to see anything you have used it for or any files you have saved. Therefore, I recommendfor the sa#e of absolute security, do not store anything on your )buntu virtual machine that identifies you.This is (ust a precaution. It is virtually impossible that someone would manage to remotely gain access to

your )buntu machine.

Ne't:=. Heneral 9aily )sage GGG


31/32

=== 17. General Daily Usage ===5uch of this guide has involved detailed one6time setup processes. 7rom now on, all you have to do when

you want to use T-* from your )buntu virtual machine is to follow these steps. &very step listed is a stepyou have already done, so feel free to re6visit earlier sections if you need help.

=. Start TrueCrypt, and mount your hidden volume which contains your virtual machine.

F. Start "irtualBo'

>. Start TorBrowser Bundle.

K. Clic# 37irewall4 to highlight it, and then clic# on 3Snapshots =/4 in the top right.

L. *ight clic# on 3Snapshot =P and then select 3*estore Snapshot4. Select 3*estore4 if prompted.

. *ight clic# 37irewall4 and clic# 3Start4

. *ight clic# 3rimary4 and clic# Start. +og in as normal.

?. Ho to 31pplications4 6< 31ccessories4 6< 3Terminal4

Q. Type in: sudo bash and hit enter/

=O. Type in your password if prompted.==. Type in the following commands e'actly as shown below or copy paste them/:

ifconfig ethO =O.O.>.FMetcMinit.dMpolipo stopMetcMinit.dMtor stopMetcMinit.dMprivo'y stop

Note: the last three commands, those beginning with MetcM are only necessary if you installed Torchat/

=F. our terminal window should still be open. Type in the following command e'actly as shown or copypaste it/:

ssh 6N 6+ QOLO:=O.O.F.F:QOLO rootX=O.O.>.=

=>. Type 3yes4 if prompted. !hen prompted for the password, give your 7irewall password. Not your)buntu password.

=K. In your terminal window, go to 37ile4 and 3-pen Tab4.

=L. Now, type e'actly as shown below to open the second tunnel:

ssh 6N 6+ ?==?:=O.O.F.F:?==? rootX=O.O.>.=

=. *eturn to 7irefo'. Ho to the 37ile4 menu and unchec# 3!or# -ffline4 if it is chec#ed.

=. Ho to the )*+:http122chec#3torpro4ect3org

If you see the te't: 3Congratulations. our browser is configured to use Tor4 then you are all setE

&n(oyE

hew, now i have it complete E I admit its $uite e'tensive, not to say enormous, but its the best how6to onanonymity and other safety procedures i have found so far. It secures your sys blac#6hat style\\ :

http122en3wi#ipedia3org2wi#i2B"ac#HatBriefingsfor those of you who don8t #now blac# hat \\/

ou don8t have to do all steps at once. ou can do a little of it every time you have an hour or two to spare. Ithin# for the whole procedure you will need roughly ?6=F hours. I thin# its written in a way everybodyshould be able to follow. If there are still steps unclear (ust as#, i will see if i can help you. BT! this is

written for noobs, but the tips here are interesting for almost everybody.
http://check.torproject.org/http://check.torproject.org/http://en.wikipedia.org/wiki/Black_Hat_Briefingshttp://en.wikipedia.org/wiki/Black_Hat_Briefingshttp://check.torproject.org/http://en.wikipedia.org/wiki/Black_Hat_Briefings


32/32

.S.: -nce you have installed T-* you can get access to T-* hidden services and other interesting deep6web pages. If you want some lin#s for your first steps into this hidden part of the internet (ust as# me. Ifthere is a lot of re$uests i will write an e'tra thread with the most important websites in the deep web. -nething before you get started : most deepweb pages aren8t online FKM. So if you cant reach a certain website

be patient and try again and again till you get access. 1nother thing : you will find websites that are prettyshoc#ing and disturbing. In QQ.L you will see beforehand what you find on those sites, so if you don8t wantto see certain things don8t #lic# on the lin#s.

Now that you have a really secure system, you should #now what to do when the shit hits the fan and youare arrested or your home gets searched. our system is secured in a way they cant brea#, so the only thingthat can incriminate you now is your testimony.

These FouTube videosare F lectures on behavior towards the police in such situations. art one is doneby a criminal defense attorney, part F by a very e'perienced police officer. They both tell you about thetric#s the police uses and how you should react

tldr: say nothing and as# for a "awyer, (:;(YS Eou cannot improve your situation with anythingyou say this is counter6intuitive, but the attorney here has in his whole career N&"&* heard of single casewhere a suspect could help his case by tal#ing to the police, but he could name many cases where they madematters way worse/ but you can ma#e it a lot worse, so shut the hell up and wait for your lawyer.

&ven him being a defense lawyer wouldn8t tal# to the police under any circumstances. ou can tell yourstory before court 1N9 N&"&*, )N9&* N- CI*C)5ST1NC&S, B&7-*& T%1T E &ven the cop in lectureF says N&"&* T1+A T- T%& -+IC& EEEEE

T%& &N9

PS: thx Master Pirate for putting this guie together. an fu!" the po#i!e. an fu!" !apita#is$.

%&
http://www.youtube.com/watch?feature=player_embedded&v=6wXkI4t7nuchttp://www.youtube.com/watch?feature=player_embedded&v=6wXkI4t7nuchttp://www.youtube.com/watch?feature=player_embedded&v=08fZQWjDVKEhttp://www.youtube.com/watch?feature=player_embedded&v=6wXkI4t7nuchttp://www.youtube.com/watch?feature=player_embedded&v=08fZQWjDVKE

Ultimate Guide for Anonymous and Secure Internet Usage.pdf

Documents

Transcript of Ultimate Guide for Anonymous and Secure Internet Usage.pdf