007 Stealth Browsing with FireFox/Moz

[Nick W]

Okay,

So, i've become a privacy nut in recent months and I thought i'd share a little knowledge for anyone using FF/Moz that doesnt already know this stuff. As far as i've been able to test/see this will make you invisible and untraceable You effectively become a ghost..

There are a couple of reasons you might want to do this:

• SERPS check paranoia
• Inventive marketing
• Competition scoping
• or just that everybody really is out to get you.

If you want complete, total 007 untraceable stealth kung fu browsing then do this:

• Grab FireBird or Mozilla
• Get an account with a decent proxy provider (search for it and click the adwords ads - the free ones are monkey #£@!,) More on proxies in the kung fu link above.
• Set up a profile (tools - profiles - manage profiles and call it kung fu or whatever you want. Switch to that profile.
• Download the exellent Switch Proxy and User Agent Switcher extensions and install them. With the proxy one, i suggest that you use the text file of proxies option, it allows you to specify unlimited amounts of proxies and switch proxy every X seconds. Even better if they come form different countries...
• Then type this in the browser address bar 'about:config' - no quotes - thanks to NFFC for that...
• Find the line 'network.http.sendRefererHeader' and set it to 0 to stop people seeing where you've come from - you might also want to set the 'network.http.sendSecureXSiteReferer' to false. I've no idea what that does but it looks naughty to me..
• Then go to Edit - Prefs - Privacy and disable JS and Cookies
• Go to Edit - Prefs - Advanced and disable Java - if you have java enabled your proxies are useless.

Once you've done all that, you'll need to configure the switch proxy and user agent switcher extensions, they're dead easy, just read the help text...

If anyone can spot somthng i've either left out, or have not thought of, please tell, as far as i can see that will do it but it's amazing what details I can get hold of from a simple php script on my sites, so others can too.

Have fun with all the new toys!

Nick

[Mikkel deMib Svendsen]

If you live in the city you can also just connect from one of the many unsecure wireless networks. Usually there is one close by. Also works for file sharing

[Nacho]

Quote:

Originally Posted by Nick W

total 007 untraceable stealth

For those of us fans, we all know you're talking about the latest from MI6:

right?

[kenpomachine]

You can also set the no referrers or spoof referrer/browser in the prefs, so they don't know which site were you visiting previously.

[Nick W]

Thats actually mentioned in my original post ;-)

Nick

[Mikkel deMib Svendsen]

Quote:

spoof referrer/browser in the prefs

Now we are getting to the fun part!

I admit it, i did visit some of my competitors with a Google referrer showing some pretty obscure searches. Sorry, I couldn't help it. However, this is only funny if you know your target monitor logfiles.

I actually had a tool on my website where you could select user agent, refeers string and target URL and then go there but I moved it to a private area

[Nick W]

Back when i did client work I liked to go download competitors sites with wget -r and UA strings like "Stinky McButt Wipe 2.3".

Juvenile? Certainly. Fun? I thought so... hehe..

Nick

[rcjordan]

I like to use the googlebot UA --lots of interesting stuff out there meant for gbot.

[Nick W]

Do people actually cloak that way? - Sheesh... how dumb can you get?

My mission for sometime has been learning how to spoof IP's to spot cloaked sites but its way more involved than just sending your IP as somthing else... virtually impossible unless you're a real network whizz and have at least 2 seperate IP's...

Nick

[rcjordan]

>Fun? I thought so... hehe..

Yeah, when you know someone reads their logs you can send them some interesting referral strings.

[jesterbr549]

Read this string and just wanted some info if you all can help.

Is it possible for someone to be visiting my website without leaving a trace of their visit at all.

I am not talking about an 'alias' IP address, or even no IP address (I've seen both on the IP tracker I use on my site).

I am talking about NO TRACE - zip, zero, nil, nadda

James Bond my *** - these people make him look like a boy scout (that would be (D) in the original post above for any one that's wondering).

Any comments would be appreciated.

And any advice...

[Nick W]

Welcome to the forums jester..

No, not possible. If you have reasonable tracking software or even just have your apache logs properly configured there is always some 'trace' - even if it's only the 200 /page.html with no images, referer or anything there will always be a record of the get/post request.

If there is no trace, what makes you think anyone is there at all? ..........spooooooooky!

Nick

[jesterbr549]

Cause they are like real bad germs.

You can't see em, but you know they're out there, and you can see the 'effect' of their passing.

Thanks for your help. I am basically computer illiterate so will accept your learned opinion.

But are you totally sure?

If so, then I would have to assume my site is being hacked by professionals...

[Nick W]

>>But are you totally sure?

1000%


>>If so, then I would have to assume my site is being hacked by professionals...

OK, come on, enough with the cloak and dagger crap

Tell us what's happening, let's see if we cant get to the bottom of this mystery

Nick

[jesterbr549]

Your choice of words is right on the money, Nick, and I am quite sure that you all don't want to get involved in this one.

I just needed some professional information from someone who knew what they were talking about.

I already knew they were hacking my site, and as hard as you may find this to believe, I am 95% sure that Total Stealth is possible.

"When nothing fits all the facts, then whatever theory that fits all the facts, no matter how implausible, must be the truth."

One guess where that quote comes from...

[Nick W]

>> I am basically computer illiterate

If thats the case then I have the time, inclination and curiosity to help. Just give the basic outline. Im sure there's a reasonable explanation for whatever you are seeing.

Nick

I've created a pre-built profile for use with Portable Firefox that accomplishes everything listed above and includes a Sample List of anonymous proxies set for 60-second rotation. Feel free to check it out.

http://johnhaller.com/jh/mozilla/por...fox/#anonymous

Hello All,
I feel I'm in WAY over my head here, as I have just recently become extremely interested in internet privacy. However, I've spent the past few days reading up on stuff as much as I could, and playing with the new Portable Firefox with the invisibility profile, with some proxy lists that I made from StayInvisible.com. Anyway, it's been working great, but I have some questions. I'm looking for a good secure email that I can use with Portable Firefox, but in the meantime I have a web based account that requires cookies to access. In the profile that I got the cookies are completely disabled. If I set them to be accepted just from that site, and then deleted when I complete my Firefox session, is it correct that they will only be held in memory and not written anywhere? And also, will that in any way jeapordize my "invisibility" on the net? One thing I was just curious about, my school can track internet activity, using a cache server and some stuff that I don't understand yet, is it likely that Firefox with the SwitchProxy running from the USB drive will be invisible to my school system? And finally, has anybody heard anything about when there might be a Portable Firefox capable of running on Mac as well as Windows? (My school computers are primarily Macs). Anyway, if anybody has any answers, or anywhere that I can go to read up more on internet invisibility, I'd appreciate it a lot, I'd like to learn as much as I can! :-) Thanks!
BassBoost

Quote:

Originally Posted by Bassboost

If I set them to be accepted just from that site, and then deleted when I complete my Firefox session, is it correct that they will only be held in memory and not written anywhere?

Yes, that is correct.

Quote:

Originally Posted by Bassboost

And also, will that in any way jeapordize my "invisibility" on the net? One thing I was just curious about, my school can track internet activity, using a cache server and some stuff that I don't understand yet, is it likely that Firefox with the SwitchProxy running from the USB drive will be invisible to my school system?

Well, they will see all your connections, since it is there network and they know where you're connected from (maybe). Further details would require a network admin's advice.

Quote:

Originally Posted by Bassboost

And finally, has anybody heard anything about when there might be a Portable Firefox capable of running on Mac as well as Windows? (My school computers are primarily Macs).

Well, I just spoke with the Portable Firefox development team... that would be me... and it isn't likely any time soon. Despite numerous calls for Linux and Mac assistance with the project, I've gotten no offers.

Quote:

Originally Posted by CritterNYC

Well, they will see all your connections, since it is there network and they know where you're connected from (maybe). Further details would require a network admin's advice.

Another newbie question, then, if you'll humor me: Will they see "all your connections" to the sites you're visiting (say, Gmail), or only your connections to the Proxy Server. I guess a more basic version of the question is, does this (or any other common) privacy tool shield your privacy primarily against the sites you're visiting, rather than against the network on which you're operating? Being new to this entirely, I thought it was both.