Daze Posted August 13, 2020 Share Posted August 13, 2020 Here are the best ways to stay safe online: 1- Use a VM whenever possible, this can avoid malicious sites. You can find free ones on youtube which are completely safe. 2- Download using a VM. If you cannot or would rather not use a VM when surfing, you can always install Sandboxie and run downloads through it in a safe environment (https://www.sandboxie.com/) 3- VPNs. VPNs are always great to use to protect your own network from ddos attacks and encrypt your traffic. I'd highly advise Octovpn: https://partner.octovpn.com/565 Feel free to suggest and add other ways or ask any questions (Usually responds every 1-3 days) 2 Quote Link to comment Share on other sites More sharing options...
Athena Posted August 14, 2020 Share Posted August 14, 2020 Nice thread 1 Quote Link to comment Share on other sites More sharing options...
Gwap Posted August 14, 2020 Share Posted August 14, 2020 (edited) Lol, there is a lot more to do to be able to be ‘’safe’’ on the web. Edited August 14, 2020 by Gwap Quote Link to comment Share on other sites More sharing options...
Myztxc Posted August 15, 2020 Share Posted August 15, 2020 On 8/13/2020 at 2:18 PM, Daze said: Here are the best ways to stay safe online: 1- Use a VM whenever possible, this can avoid malicious sites. You can find free ones on youtube which are completely safe. 2- Download using a VM. If you cannot or would rather not use a VM when surfing, you can always install Sandboxie and run downloads through it in a safe environment (https://www.sandboxie.com/) 3- VPNs. VPNs are always great to use to protect your own network from ddos attacks and encrypt your traffic. I'd highly advise Octovpn: https://partner.octovpn.com/565 Feel free to suggest and add other ways or ask any questions (Usually responds every 1-3 days) lit, thank you Quote Link to comment Share on other sites More sharing options...
Athena Posted August 15, 2020 Share Posted August 15, 2020 On 8/13/2020 at 10:18 PM, Daze said: Here are the best ways to stay safe online: 1- Use a VM whenever possible, this can avoid malicious sites. You can find free ones on youtube which are completely safe. 2- Download using a VM. If you cannot or would rather not use a VM when surfing, you can always install Sandboxie and run downloads through it in a safe environment (https://www.sandboxie.com/) 3- VPNs. VPNs are always great to use to protect your own network from ddos attacks and encrypt your traffic. I'd highly advise Octovpn: https://partner.octovpn.com/565 Feel free to suggest and add other ways or ask any questions (Usually responds every 1-3 days) Honestly, I recommend not downloading anything you don't trust fully Quote Link to comment Share on other sites More sharing options...
Myztxc Posted August 15, 2020 Share Posted August 15, 2020 4 minutes ago, Athena said: Honestly, I recommend not downloading anything you don't trust fully Well yea, but if theres someone that just insists on downloading something, he's trying to say at least get on a vm and not take the risks Quote Link to comment Share on other sites More sharing options...
Barcode Posted August 15, 2020 Share Posted August 15, 2020 never know when you might need that v bucks generator, lmao Quote Link to comment Share on other sites More sharing options...
Athena Posted August 15, 2020 Share Posted August 15, 2020 3 minutes ago, Barcode said: never know when you might need that v bucks generator, lmao lmao, true that Quote Link to comment Share on other sites More sharing options...
Daze Posted August 15, 2020 Author Share Posted August 15, 2020 On 8/14/2020 at 2:53 AM, Gwap said: Lol, there is a lot more to do to be able to be ‘’safe’’ on the web. It's a method to stay safe. Obviously i'm not saying you can hop on the dark web with this and come out unscathed. Feel free to list some possible ideas so i can add them to the thread Quote Link to comment Share on other sites More sharing options...
Barcode Posted August 15, 2020 Share Posted August 15, 2020 this was kinda made for general browsing and downloading softwares, not for really anything bigger Quote Link to comment Share on other sites More sharing options...
CanalesOcultos Posted August 20, 2020 Share Posted August 20, 2020 (edited) On 8/13/2020 at 4:18 PM, Daze said: Here are the best ways to stay safe online: 1- Use a VM whenever possible, this can avoid malicious sites. You can find free ones on youtube which are completely safe. 2- Download using a VM. If you cannot or would rather not use a VM when surfing, you can always install Sandboxie and run downloads through it in a safe environment (https://www.sandboxie.com/) 3- VPNs. VPNs are always great to use to protect your own network from ddos attacks and encrypt your traffic. I'd highly advise Octovpn: https://partner.octovpn.com/565 Feel free to suggest and add other ways or ask any questions (Usually responds every 1-3 days) I have a few issues with this tbh. Sandboxie is super easy to detect, most commercial malware easily detects it's running in this and many have even found ways to beat it. If we take a stroll over here https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18748 sandboxie basically said because you can run a command and completely escape their controls over the sandbox, it was within the realm of expected use. If you wanna have some fun, seriously just scan registry permissions within a sandboxie setup, and watch for when you actually make changes to the host without being noticed. /sigh/ Even if you containerize, which is all sandboxie functionally does (see also comodo's ransomware protection), absolutely everything and run it in a vm, then you're victim to oversimplifying. As such, you'll grow accustom to providing real information over a known bad environment ruining the entire purpose. VPNs can mitm your traffic just as much as "encrypt" them. As well nearly every vpn provider thats ever said they don't keep user logs has been hacked and proved lying (see, hidemyass). It's much more advisable to use ssl everywhere within your container within your vm if you're trying to encrypt. Personally I'd advise AGAINST octovpn because sites like https://wtfismyip.com/ can easily still grab internal ip and often ipv6 of users, websites like ebay can detect real ip based on wasm and local fingerprinting. Another objectively safety idea is limiting scripts running to those you know or trust which there are many extensions for every browser for this but very few browsers natively give you that control to block. Just for a malware c2, at minimum, I'd run with two vm, one being host only networking, the other having all traffic through tor. The host only network on, would be my c2 with a socks proxy to a port on the other. The other, would then have network traffic through tor and run an ssh proxy for a socks tunnel to MY OWN cloud instance, docker instance, or ovh. Ps, fuck ovh. There I said it. Anyway, this gives me complete control of my own, scalable infrastructure, if someone owns my c2 service they won't likely hit anything in my real network, if they gain root to my vm and then vm escape, well that's a risk I'm willing to take with a dumpster laptop. That seems a bit dramatic so lets try another scenario, you're just a privacy focused gamer who thinks "omg someone gonna does the bootingz of me" and therefor you get convinced to use a vpn or ovh (or any cloud services for proxy or vpn). Any vpn that someone else controls automatically has you agree to their certificate and their certificate authority, meaning once it's saved on your computer you /won't/ be hassled by most any certificate errors because you already agreed to trust those. Grounds for mitm attacks, any vpn ever. Most of these free vpns you can hop on and use bettercap still to do a mitm attack. most cheap ones don't actually encapsulate all your traffic and ipsec or not only encrypts between you and them, not from them outbound. My suggestion for handling these is you go hitup riseup's vpn service. Donate while you're at it. It's one of the few that doesn't have data leaks (re, wtfismyip.com link I posted earlier doesn't leave data behind, other tools like ebay's fingerprinting can't determine local ips). Once you understand how all this works, you'll see just grabbing a sandbox or just grabbing a vpn isn't inherently safe or in many cases even safer way to browse the internets or play games. Sometimes all you've done is cause more problems for yourself. But keep learning, and don't get settled on one thing like that. Edited August 21, 2020 by CanalesOcultos 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.