Instructables

Automatic Anonymous Wifi

Picture of Automatic Anonymous Wifi
This Instructable will demonstrate a method of automatic wireless anonymity using two security applications.
 
Remove these adsRemove these ads by Signing Up

Step 1: Downloading the applications.

Picture of Downloading the applications.
htw2.png
htw3.png
The two applications we will be using are called MadMACs and TOR.

When a computer connects to a wireless network it usually obtains an IP through a DHCP server, which is basically just a method of providing dynamic IPs so that everyone does not have to sit down and figure out what IP everyone else is using and then manually set one on their own machine. When a request is made to a DHCP server two pieces of information are recorded, your MAC address and your hostname. What MadMACs does is randomize both of these for you automatically every time you boot, or every time you manually tell the software to do so.

Once your computer is connected to the network, randomized or not, most of the traffic leaving your PC is in the clear. So any network admin, or *nix user with free software can eavesdrop on everything you do. TOR solves this problem through a suite of applications that anonymize your connection point and encrypt all your traffic.

So with both pieces of software installed you have hidden your identity from the network, and made all of your traffic unreadable by anyone else on the network you have chosen to connect to.

(Sorry, no how madmacs works, but then its pretty self explanatory)

Step 2: Installing and Configuring MadMACS

Picture of Installing and Configuring MadMACS
madmacs2.jpg
madmacs3.jpg
madmacs4.jpg
madmacs5.jpg
madmacs6.jpg
For the normal user the MadMACS installation is pretty straightforward.
You just click OK or YES for all of the options, making sure you select your wireless card for randomization.

At setup window 5 in the MadMACs program you are given the option of typing in a prefix for the the MAC address randomized. This just identifies the brand of the MAC to the DHCP server, you can find a database of prefixes here

Advanced, paranoid users :

For super paranoid users who rightfully do not trust precompiled code from virtually unknown publishers, the source is provided with the compiled program. I've made an instrutable on how to do this.

The compiler is available from AUTOIT, here. You want version 3.
powerfool3 years ago
About Pidgin....
the Torrify FAQ on https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorifyHOWTO/InstantMessaging specifically says: "Do not use the SOCKS 4 setting; this leaks DNS."

So probably it's not a good idea to go this way.
I'm also looking for how to configure Pidgin with Tor.
RelaxedSoup4 years ago
This will go great with my biquad antenna, now the coffee shops downtown will never know what hit them :P
cirrus20126 years ago
You forgot to mention the FACT that even though TOR dose encrypt all of its traffic from NODE to NODE with a different key between each node IT DOSE NOT HOWEVER ENCRYPT THE DATA ENTERING AND EXITING THE NODES! this being fact you are at the disposal of anyone interested in setting up a node to analyze the traffic. Dan Egerstan demonstrated this publicly just recently even though this has been know for some time, out of pure common sense. to over come this simply encrypt your dam connection on the way in! THIS IS THE ONLY EFFECTIVE AND SAFE WAY TO USE TOR! this info is clearly stated on there main website
tor 'does' encrypt data from the initial service running locally to the first point of entry to the 'mix', you must be confusing this with the exit node sending the request in the native format of the protocol used to make the initial request. ie, tor provides anonymity, not security. If you want security, then make sure that you are using a secure protocol.
The other part of TOR that is being missed here is that no single TOR node can be used to incriminate anyone.  The only node that can decrypt data is  the end node and this node is prevented from knowing the senders identity by the protocol. 

This works because the only information anyone can have is either(not both ever) your IP address(the entry node) or the data(the exit node).  This gives a level of anonymity since someone would have to be able to compormise your start and end node and identify your TOR route.  This is pretty much infeasable(notice I didn't use impossible). 

The tor software also incorporates plugins that prevents software like flash or java from running.  This is designed to prevent that software from embedding identifiable data into packets(mac, ip address, domain info, hardware ids, etc) that could compromise anonymity. 

All in all, if used right, TOR provides an excellent source for anonymous browsing.  In countries like the US this really isn't needed unless you are doing something illegal but some countries have strict censorship and it allows those people to bypass this and experience truth they way they want to see it.  

*It should be noted for perspective that in their country what they are doing is likely considered illegal whether WE think it should be or not.
fafnir665 (author)  cirrus20126 years ago
RE: Read the purpose.
dolcib6 years ago
How about a way to hack into secure networks
thats what im looking for too. all the strong signals are secured, anyone got any tips?
fafnir665 (author)  dolcib6 years ago
That could be a separate instructable, I really just wanted to focus on a simple way to mask yourself on open wifi networks that you might stumble onto.
muzac5 years ago
One thing that can definitely help with the TOR setup complexity is to download TOR Browser, which is a bundle with Vidalia, a pre-configured version of Pidgin (for IMs), and a pre-configured version of Firefox Portable. It doesn't interfere with current installations of Firefox, and it will automatically open and close Vidalia when you open and close the portable version.

Also, the portable version of Firefox seems to be configured to not log any history, cache, or cookies (it doesn't matter what the settings are set to in it as well).
fafnir665 (author)  muzac5 years ago
Awesome constructive comment. Thanks for the input!
roflwaffle6 years ago
I think changing your network card's MAC addy after boot would be a good idea before connecting to any unknown wifi APs. IIRC privoxy should forward all traffic through tor and will deal w/ DNS requests. Some web browser plugins can also be used to betray your location. Tor isn't perfect, and an attacker wth sufficient resources can demonstrably compromise the network. Tor also publishes a list of their exit nodes IIRC, so someone can just blacklist all of those in order to have users connect through some other method besides tor.
matseng6 years ago
Remember that your DNS requests is not handled by TOR and can be intercepted like any other local traffic. This means that your local sysadmin can still see that you surf to stileporn.com regardless of TOR or not.

Additionally TOR doesn't give encrypted end-to-end connections. As soon as your traffic exits the last point of the links of TOR-machines you are unencrypted on the internet as usual. The guy that runs the end-node can see all your passwords to http-sites and your login/passwords for your mail.

So in some cases you are more secure using your local ISP directly than routing it through the TOR network. I rather trust my local ISP to not listen in to my traffic and using that gained information in a bad way than I trust a random guy that runs a TOR exit node that he might have setup just to sniff peoples passwords.

But if you are only using HTTPS-sites, and you use a mail-client and -server that allows for encrypted logins/passwords you should be safe using TOR.
fafnir665 (author)  matseng6 years ago
Yeah, but the whole idea here is to hide yourself from the random wifi network you connect to on the side of the road, or the wifi youre leeching off the network next door. True at home I don't use any of this, those examples are just for testing. PLUS if you set it up correctly it does handle DNS, and for most people they only have to worry about DNS when browsing online sites, and the TOR button described in step 4 covers this. Here is a relevant quotes : "Using Privoxy is necessary because browsers leak your DNS requests when they use a SOCKS proxy directly, which is bad for your anonymity. Privoxy also removes certain dangerous headers from your web requests, and blocks obnoxious ad sites like Doubleclick." This is the reason we install the whole suite and not just the tor anonymizer. Plus, most websites and programs no longer send their credentials in the clear anymore, the traffic the exit node would be able to sniff would be instant messenger logs and unencrypted web traffic, which is generally inconsequential. But really, all this is beyond the scope of this Instructable, all I was really trying to accomplish is 'automatic anonymous wifi' which is what this provides at your entry point.
Fair enough, I missed the picture with the privoxy - I usually read the text, not look at pictures :-)

But still I think it's important to educate people that TOR is not something that magically encrypts their traffic and makes them 'secure' on the net. Remember what happened to all dos embassies a month ago?

Most websites doesn't have https-pages for logging in. Some, like banks , gmail, hotmial and facebook does, but take intructables.com for instance. No https nor any encryption done in the javascript on the login-page. All info is sent in cleartext. Most "forums" and other lower level membership sites doesn't have any https for login.

And both the mail itself and the authentication credentials are in cleartext 99 times out of 100%.

But, as you said, if this instrucable is "How to leech your neighbours wifi without exposing yourself to him" and you don't care about security then this is a fine instructable.

_soapy_ matseng6 years ago
What happened to all dos embassies a month ago? Were they forced to use a mouse? Windows 3.1?! VISTA!?!?!
matseng _soapy_6 years ago
Nah, they got forced to use DOS 2.11 for the rest of their life. :-) But maybe VISTA would be a more suitable punishment for their stupidity.

Rogue Nodes Turn Tor Into Eavesdropper's Paradise
fafnir665 (author)  matseng6 years ago
Its also worth noting that while someone can sniff an exit node, every new connection uses a new path. So static connections like Aim, or MSN will use the same exit node for the duration of your session, while websites that are not using ajax or the like will use a new exit node for every page viewed.
fafnir665 (author)  matseng6 years ago
True enough. TOR is experimental software that adds a layer of anonymity at least at the entrance node. For web surfing, to insure anonymity at the exit node someone could use sites such as http://www.conceal.ws/ which are supposed to encrypt all traffic between your PC and the site. Or another site similar that you trust. Though, if someone at an exit node was determined enough they could still eavesdrop, it just makes it a bit more difficult.