Today there will be a story about how to protect yourself when communicating in Jabber.
Communication plays a key role in our business. We must be constantly online.
But how to avoid potential identification when you use a Tor connection to Jabber
and you need to surf the web for yourself without turning it off. Like ordering a pizza?
(joking)
But jokes aside, a real example. You are under Tor, logged into Jabber and you urgently need
to ssh to your private server. How to avoid potential identification?
At the time of this writing, chatmask.com and jabb3r.de do not have a Tor entry point.
Well, then we'll make our own.
We will need:
Save the received Endpoints.
Client setup:
We register in the Jabber client in the Host (SRV) column the generated domain in accordance with the server used.
JID (that is, the Login itself) is left as is, it should look like this [email protected] or [email protected].
Naturally, for the client to work, its traffic must be proxied through Tor.
Important:
After installation, clean up all the logs, and do not go to this VPS anymore and do not use it for any business.
If you ever need to get back to this VPS, use only the received Endpoint to log in via ssh.
That's it, don't forget about network hygiene and change your
UPD exit nodes often:for those who do not want to bother themselves or just for the sake of the test.
On the plus side, everyone who uses these entry points will receive one output,
dynamic ip-address for all users, which will significantly reduce the attack surface for deanon.
Communication plays a key role in our business. We must be constantly online.
But how to avoid potential identification when you use a Tor connection to Jabber
and you need to surf the web for yourself without turning it off. Like ordering a pizza?
(joking)But jokes aside, a real example. You are under Tor, logged into Jabber and you urgently need
to ssh to your private server. How to avoid potential identification?
At the time of this writing, chatmask.com and jabb3r.de do not have a Tor entry point.
Well, then we'll make our own.
We will need:
- VPS with minimal features
- OS based on Debian (Ubuntu for example)
Save the received Endpoints.
Client setup:
We register in the Jabber client in the Host (SRV) column the generated domain in accordance with the server used.
JID (that is, the Login itself) is left as is, it should look like this [email protected] or [email protected].
Naturally, for the client to work, its traffic must be proxied through Tor.
Important:
After installation, clean up all the logs, and do not go to this VPS anymore and do not use it for any business.
If you ever need to get back to this VPS, use only the received Endpoint to log in via ssh.
That's it, don't forget about network hygiene and change your
UPD exit nodes often:for those who do not want to bother themselves or just for the sake of the test.
On the plus side, everyone who uses these entry points will receive one output,
dynamic ip-address for all users, which will significantly reduce the attack surface for deanon.