IRC is not **** ANONYMOUS ****. Keep reading how to make it anonymous.
Many people are not aware of security problems while sending and
reciving files
(usualy known as 'trading' on mIRC), and since I am reasearching
many security
topics, I have decided to write this security file which could keep
you of you
jail. No bullshit!
1. Introduction
======================================================================================
I hope you are at least an mIRC user so you can understand what
FSERVE or DCC
send/get and FTP servers are. If you don't know, learn fast: they
are the net
protocols for file transfer between two computers that are connected
through
internet. But they are ALL UNSAFE. Why?
You might have feeling that you are safe on IRC and that nobody
knows your real
name since you nickname is not your real name and address, but....
The problem
is your IP number that is visible to ANY user (look on /whois your_nickname).
That IP number belongs to your ISP company and they know for 100%
sure, from
which phone number are you calling and which IP number are you using
for IRC and
all other Internet activity. With that information they can acctualy
SEE all
data that is passing to and from you.
Well, you think that they can't intercept your private messages
without a
warrant. But....... if you are trading/sending some files and if
your ISP
company, based on existing police warrant, is monitoring your friend
that you
trade with, then they SHALL remember you TOO and you will be reported
as his
'friend'. After few days, weeks or even months when police decide
to get in
action against your friend they will visit YOU too (no matter if
you are in
another country then your friend, you will be visited by local police).
What
will happend? They will get a warrant to search your ENTIRE house
and they will
take your computer(s) and everthing other that is suspicious to
them no matter
are you guilty or not and then you have only to wait several months
or years for
them to complete investigation so that they can return you your
computer(s). The
only thing left to you is to pick a good lawyer.
2. WHAT TO DO?
======================================================================================
**************************
Solution A) OpenSSH
**************************
Use secure Internet protocols like SFTP. SFTP is implemented into
OpenSSH
project which includes both secure ftp SERVER and CLIENT utility
(no Win98/95
version). Your ISP and police will see scrambled data going between
you are and
your 'deviant' friend, and they will know EXACT identity of both
of you, but
they could NOT tell to understand what were you sending to each
other!!
To download Windows2K/NT version of OpenSSH server+client go to
:
http://www.networksimplicity.com/openssh/
For other OS go to (there is no Win95/98 version):
http://www.openssh.com
***************************
Solution B) PGP mirc-script
***************************
Currently there is no Win95/98 version for OpenSSH, but the only
solution would
be using PGP encryption. And I hope I will find some other utilities
for next
edition. Someone might write PGP on-the-fly encryption script for
mIRC.......
Homesite: http://web.mit.edu/network/pgp.html
Since there are many PGP pages, and some people are thinking that
the
only realy secure PGP version is v2.6.2, be carefull what you download
and from where you download. I am suggesting to download all utilities
from realy democratic countries (not from: USA, western European
countries, poor countries that are depending on those rich
countries......)
***************************
Solution C) Legal Trick
***************************
If you have Win95/98 and you haven't solved secure file transfers
there is one
plain trick that you could use to fool the cops. This is just last
resort idea.
First: don't run RATIO ftp or fserve. Keep it open (but set password)
so that
'anybody' who knows your password can freely download anything from
it. Second:
put note on your site: "entering this site is forbidden by
the owner and if you
proceede it would be considering like tresspassing private property,
leave now".
So, police can't sue you for trading (file swaping is considering
just like a
real trade, you recive something in return for offered goods). The
only thing
police can sue you against, is the POSSESION of 'stuff' and the
charges for
possesing that stuff is depending on your local laws. But if you
are using some
encryption utility (read bellow) on your PC, they won't be able
to get it.
***************************
If you have any new solutions for secure file transfers, MSG ME
on mIRC.
3. ENCRYPTION UTILITIES FOR YOUR PC DATA (this is not for internet
traffic encryption)
======================================================================================
Utility No.1 : SCRAMDISK
***************************
Excellent data encryption utility. Working through big file containers.
Specialty: it can encrypt entire PARTITIONS
Homepage: http://www.scramdisk.clara.net/
NOTE: there is new product on their site: DriveCrypt. Haven't
checked.
Be carefull, it is not yet checked. In any product, there could
be
backdoors so it is important to wait a few time before using it.
Utility No.2 : BestCrypt
***************************
Excellent data encryption utility. Working through big file containers.
Specialty: SWAP FILE encryption
Homepage: http://www.bestcrypt.com/
Accessing files that are into those encrypted 'file containers'
is achived
through new drive letter that will appear when you enter required
password.
Encryption is fast and I hope unbreakable (there is always chance
for breaking,
but make it minimal). Also, you can install all your software (except
Windows)
into those encrypted 'file containers'. This is recommended because
of possibile
logs that some programs are writing to disk (or at least install
your internet
utilities into encrypted file containers). Once you install above
utilities, you
will use them for ever.
Gift for you if you are still reading this: you can make 650MB
'file
containers', burn them onto CD and send it to a friend and when
he recives it,
you can send him a password through some secure ways (I am recomending
you to encrypt
your message with your friends PGP public key when you are sending
him your password).
4. EXTRA WARNINGS
======================================================================================
NOTE for password choosing: when you are choosing password for
any special
encryption utility, and you are planning to protect realy important
datas, don't
use WORD, use complete SENTENCE as a password.
Be carefull with FTP utilities. There are few that only encrypts
FTP COMMAND channel,
but not DATA channel, which is the most important.
Also, forget protecting behind proxies since all traffic that is
passing through
your computer and proxy server is NOT secured (encrypted!) unless
you are using
payed proxies (which MAY encrypt traffic).
5. The End
======================================================================================
If you have any suggestion, please be free to msg me.
I am not affiliated with any site that I mentioned, including any
other that I
haven't mentioned.
Put this message to your ftp/fserver and mark it as FREE download
Keep trading......... files are not hurting anybody except to those
rich idiots.
|