Hackers's 10 commandments
1. Backup your DATA I recommend using either DES-algorithm, 3DES, AES or the famous twofish-algorithm as encryption method. Remember to make the encryption strong, I recommend using 254 bit encryption (not mounted). The reason you have to use such a strong encryption, is because we all want our privacy I guess.. And in any suspicious act of violence or nervous triggers, you can save your logs (hopefully not your logs), servers, scripts, API's, exploits, doxes, formulas, payloads etc. encrypted safely on your encrypted PATH, drive, folder or HDD for that matter. Now you are in full control, and you can mount and dismount as you please and sleep like a little princess, while your data is well encrypted. And in advance, using encryption makes it almost impossible for reverse_engineers, pen-testers etc. to break or attack the data.
2. Firewall issue There have been a lot of accidents while using the manufactured firewall which is built into your OS. I recommend, with vouches from many others, that you use "private" firewalls, paid or free ones. You can either download one or you could ask for one. Firewalls are set to analyze income and outcome IPv4/6 packets, traffic and to sort out any malicious or unknown packets or signaling activity. Firewalls manage to sort out malicious acts using servers/log scripts linked to it's GUI/Ti base, which has stored known malicious acts, and also updates itself to keep up-to-date. There are many functions, procedures in each firewall. Most common static procedures are checking and analyzing send and received packages, storing and checking file extensions, capacity changes and any malicious unknown act on the system OS.
3. Become anonymous While in cyber warfare you always have to think on how and what you would do in their position?? Most important thing to remember, is that you DON'T want to get caught doing what you do (black hat or white hat), and that you, your traffic, your data etc does not get stored in any lame .php script or other reverse_engineer booby traps. Don't use your real dynamic/static IP address brought to you by your ISP. If you get caught, stored, logged, back-doored or whatever, there are many techniques or ways to turn things around. Simple anon techniques ¤ Use proxy, HTTP, HTTPS or Socks|5 ¤ Bind your host IP to your MAC address and process a MAC spoof ¤ SSH tunneling (Secure shell tunneling), either using paid service, private lining to your web-host or private setup server ¤ Create either a host bot-net, API's or server lineups and triangulate using tunnel injection and use them as cover ups while browsing, pen-testing or exploiting (basically proxy layers)
4. Stay clean and anonymous This is the easy, but yet very important part. Never! use your real name, city, country, address, IP, phone number, e-mail, (email may link to other info if it gets cracked/phished) or post any info about family or relatives. Never use same password (store each one in a document on the encrypted drive). And don't use same user names over and over again. Any dox fool can link one account to another if its the same user name. Finally don't forget to clear off your logs when finished with what you are doing (good with paid VPN or VPS which does not store logs). And clear the logs manually on your OS as well.
5. Don't get hacked yourself Be aware of the war going on, on the web. Never visit links that can be related to phishing attacks, loggers, auto loggers, FUD crypt RAT/JDB or anything else. Scan every file you receive, if it's through FTP "port:21" or on some random website/host. Get yourself a key scrambler, to prevent logging. Add auto encryption on your browser GUI. Also get yourself a habit checking up URL before entering.
6. Secure download/torrenting The manufactured software on your computer/net use static ports, meaning that they don't change them. But that does not mean that we can't. Whenever you are torrenting, downloading, uploading etc. using either client GUI software or plain DOS prompt tunneling, be sure to change the ports, or connect to some server which encrypts your packets or allows safe and anon transfers. In any other case close any port other than the one you are using. There are plenty techniques to manipulate with a router, ports etc, making any port open for the needs of the hacker.
7. Be ready to be attacked It may come a day when you "hacked".... Which is almost a stupid saying now a days, because of all the script kiddies.. The word is actually infected I guess. But well, what do you do? you could ask for help, yes. Well I prefer a better solution, its called "brain function". Use Google, monitor and save the logs on your system and give it to some Malware Removal Specialist. Try analyzing your process list, startup services, outcome and income traffic. Use some JRT, off line boot scan, on line boot scan, traffic analyzing tool, and try to remember where, when and how it happened. Monitor your Internet connection, look for malicious IP's. If infected is the case, look for FTP emails, login credentials and so on using your favorite network monitoring GUI. Whenever you get infected, you have two options, taking the job in your own hands, or leaving it to others to analyze. I suggest your own mind, and I think that's the case for most on here. I myself don't allow anyone else managing my activity.
8. Social engineering The Internet, also known as cyber space is full of hackers, social engineers and computer specialists that would use any means necessary to get to you and your personal info (using social engineering, SME and doxing). I recommend everyone to learn yourself to be in their position "using social engineering", so that you may have the better mind when and if you become a target. Read, explore and educate yourself in these patterns.
9. Don't let the ISP The ISP stores all bandwidth packages, both income and outcome. Some USPS store up the drives for a week some for months (this meaning, all your FTP transfers, logs, connection's, downloads and URL`s visited are stored in their server. That is why, we use the way of the anonymous hacker. Control your DNS, control your ext|int IP, make it your playground.
10. Be anonymous in your environment The vulnerability of your friends know who you are and what you are doing in cyber space effects your work. here are some reasons : ¤ They can be linked to you (their messages on email etc can be traced to your country) ¤ Will fear you ¤ May tell other people about you and your work (many links)
I have used Kaspersky anti virus for a few years, and I'd recommend this product to everyone.
ReplyDelete