Interesting things to know about.

[Костя]

CyberPack (IRF)

Creating an image of computer RAM.

In the investigation of information security incidents, experts sometimes encounter passwords and other information necessary for successful authorization or identification is not available in open form and stored in RAM.
When you turn off the computer, such information may be lost forever ...
But still there is a chance to get it.
When the operating system is rebooted using the Ctrl-Alt-Del combination (the so-called "soft reset"), the computer does not completely clear the RAM and the probability of losing the information sought is significantly reduced, which means it increases the chance of getting it.
It is just for creating the image (dump) of RAM when the operating system is rebooted that this distribution is intended. With it, you can create an exact image (dump) of RAM, with the exception of those 115 MB of RAM that the distribution itself will take at boot.
The resulting image (dump) of RAM can be written to external media and further analyze its contents.

✔ Work only in Live CD / DVD / USB mode without the possibility of installation.

Download version 32 bits [DLMURL="https://sourceforge.net/projects/ualinux/files/Ubuntu%20CyberPack/ubuntu-cyberpack-fmem-i386.iso/download"] https://sourceforge.net/projects/ualinux ... o / download [/ DLMURL]

Download version 64 bits [DLMURL="https://sourceforge.net/projects/ualinux/files/Ubuntu%20CyberPack/ubuntu-cyberpack-fmem-amd64.iso/download"] https://sourceforge.net/projects/ualinux ... o / download [/ DLMURL]

If it is interesting, then I will continue to talk about such "little things."

 

[Костя]

In connection with a huge number of comments, I will tell you about another interesting little thing.

This is a well-known Tails project, developed by the Tor team, designed to provide anonymous access to the Internet.

Tails is a special version of the Linux distribution from Debian, in which Internet access is possible only through the Tor network, while no session information is stored on the computer from which the Internet connection was made. Typically, the system itself is installed on a USB flash drive, from which the download occurs.

This option is especially convenient for accessing the network from a device that is in an untrusted environment.

Distribution fully Russified and has the ability to camouflage the appearance of the operating system Windows XP.

With its help, access to the TOR and I2P networks is possible, while all services are already configured, just start the desired program from the menu.

If you need to save any data (for example, password-login pairs), it is possible to create on a USB flash drive additional partition that is securely encrypted .

The distribution takes up one gigabyte, while in the standard version it contains an email client, news aggregator, Internet browser, office suite, IM client and a number of other programs.

By and large, if you need the ability to regularly visit Internet resources anonymously (including from different computers), while being confident in the correctness of the configured software, then the universal recommendation here is essentially the same - the Tails distribution. There are, of course, other worthy solutions for anonymous access to the Internet, but about them later.

In addition, given the prevalence of this distribution, the ability to determine a user by analyzing metadata (for example, left by the browser when visiting the UserAgent line), is significantly reduced, since the software for all users of this distribution (like the settings) is usually the same.

Download the distribution here:

https://tails.boum.org/

ps this post was written in Tails.

 

[Марат]

Thank you! Very useful stuff!)

 

[Плотников Юрий Михайлович]

Thank!

 

[Арсен]

Thank!

 

[Бедеров Игорь Сергеевич]

Thank you, we need and are interested in such things!

 

[Гудимов Анатолий Геннадиевич]

I look forward to continuing.

 

[Краев Евгений Леонидович]

Interesting! Thank! And what attracted the user Kostya to this forum and what caused the desire for soft help?

 

[Костя]

So, Tails is convenient - I launched it from a flash drive on a netbook, sat in an Internet cafe and you are almost invisible on the Internet. He pulled out a flash drive from the netbook - and "there was nothing."

But there are many other solutions that allow you to become invisible on the network. Here is another one of them - JonDonym.

Its main difference from Tails is its support, in addition to working with Tor, the anonymous JonDonym service and a number of interesting programs.

Like Tails, it is fully Russified and based on Linux.

A small overview with pictures is located here, I will not duplicate: https://zenway.ru/page/jondolive

So, if you looked at the review, it can be seen from it that in addition to Tor, this distribution supports an alternative anonymization service on the Internet - JonDo, which works on all operating systems - at least Windows, at least MacOS, at least Linux.

Offsite link: https://anonymous-proxy-servers.net/index.html

Ask why do we need JonDo, is there a Thor? But why. If you often used the torus to access the network, then you probably faced with the fact that a number of Internet resources recognize the output nodes of the Torah and block the ability to work with the subscriber’s site with such IP. JonDonym service uses other open proxies and servers that are not connected with Tor and you may be able to bypass protection from anonymous names. In fairness, I note that, for example, both Tor servers and entire subnets of open proxy servers used by JonDonym are blocked on Wikipedia.

What else is interesting in JonDonym?

There is a mail program there (except for a regular mail client) - Mixmaster.

This program is part of the unique Mixmaster project, which aims to preserve the ability to send e-mail through anonymous remailers, each of which erases information about the chain of previous mail servers. In this case, the letter can go up to a day! This is due to the fact that on a number of servers, in order to hide the exact time of sending and the impossibility of comparing the time of sending and the time of delivery, the letter can be tracked for an hour, two or more.

For example, a citizen sent a letter from an Internet cafe at 12 o’clock on January 19, and it was delivered at 6 o’clock on January 20. Try to compare here even in time.

Unfortunately, Mixmaster is a project abandoned since 2008 and in its working form can be found almost exclusively in JonDonym. Due to the incompleteness, a number of significant disadvantages are imposed.

1. The console interface. You have to press the letters in order to select the desired menu item.
2. The complete lack of Russification of the program.
3. The problem with the Russian encoding in the text of letters. Therefore, if we want to send Russian text, it is better to attach it as a separate text file as an attachment, otherwise the case of letters in the text of the letter is violated.

Yes, it is probably often easier to send anonymously through a fake account at mail.ru. But sometimes this is not entirely true - because then you can determine the country of the sender and the output node (IP) of the sender in the Tor / JonDo network.

Some tips for work.

and. When downloading, select the Russian language - everything will be Russified.
b. To be able to write in English, right-click on the Russian flag in the taskbar, select properties. In the window that appears, select the key combination option to switch the layout (for example, Alt + Shift), and add the desired layout - for example, USA.
in. To access the Internet, click on the icon like two small squares in the tray and select the automatic connection to the Internet. If the monitors connected and blinked, and then changed to the icon of the inserted plug, then everything is fine and the network is working.
b. To use the JonDo service, click the icon with the black man. For a payment request, click Maybe later.
d. to use the Thor service - start the Vidlia bulb from the desktop.

All the distributions I have described work fine both when booting from a flash drive and in virtual machines, for example VirtualBox.

Tails will give you a warning that it is running in a virtual machine, since in this case, theoretically, a virtual machine is an additional layer that can reduce privacy if compromising programs work on the main machine. There are, of course, solutions that guarantee anonymity when working from a virtual machine, but more on that later.

By launching JonDonym you can delve into it yourself, see the programs there for encrypting and hiding information.

And yes, a small moment - you know, why is the virtual keyboard included in all the distributions I have described?

Probably they themselves guessed it - to exclude the possibility of intercepting the entered password both by keyloggers, and by other, technical, methods. Passwords are recommended to be entered from the virtual keyboard.

So, you can download JonDonym Live CD from here: https://anonymous-proxy-servers.net/en/ ... _more.html

And as usual, this post is written from LiveDVD JonDonym.

Good luck and all the best and follow the topic - you will still learn a lot))

 

[Матушкин Андрей Николаевич]

Konstantin, thanks for working on the Forum!