ADIL on Nostr: Personal data protection during investigations for OSINT specialist. Part 1 ...
Personal data protection during investigations for OSINT specialist.
Part 1 - Traffic tunneling.
Traffic tunneling, in the context of data protection, is needed to hide your computer's real IP address and other network data about your connection. In our case it is also needed to encrypt traffic so that the Internet provider and everyone who is "sitting on the wire" cannot read it.
We will need a VPN + VPN chain.
Why not just a VPN?
With a request to the provider/SORM, it is possible to find out who was connected to this (VPN) IP address at a given time, and the response to that request will give you away. There is no need even to request data from the VPN service itself or from the data center where the VPN is located: deanonymization happens without them.
Why not chains with anonymizers like Tor (VPN + Tor, VPN + Lokinet, VPN + I2P, etc.)?
1. Such connections often provide low connection speeds, which is not suitable for online investigations.
2. Such anonymizers (Tor, I2P, Lokinet) often have a "dirty" IP address. With such an IP address it will be impossible to register accounts for investigations, and sometimes you will not even be able to access a website at all.
3. Doubtful privacy of transmitted data: the exit nodes of such anonymizers are often monitored for the purpose of intercepting data, deanonymization, theft of cryptocurrency, etc. Accordingly, the fact that you are digging into someone may become known to someone else.
So, we have decided on the type of protection.
Let's move on.
How to set up?
There are 2 options:
1. Special clients of VPN services that have a double VPN function.
For example, the VPN provider iVPN lets you enable double VPN mode directly from the official client.
2. The first VPN on the host, the second VPN on the virtual machine used for work.
How to use?
Each investigation has its own IP address.
You can't use the same IP address for different investigations - otherwise the investigations can be linked together and it will be easy to understand that the same person is behind them all.
A killswitch is a function that cuts off all Internet access on the computer if the VPN is turned off, so that no traffic can bypass the VPN. Be sure to enable this function in your VPN client (iVPN also has this function).
Before starting the investigation, visit https://browserleaks.com; it shows how your computer looks to a website. There you can check the IP address (it should be that of the second VPN) and some device fingerprints. This is a check to run before the investigation, so that you do not forget to turn something on.
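The pre-investigation check and the one-IP-per-investigation rule described above can be written down as a small script. This is an added example, not part of the original post: the function names, the ledger structure and all addresses (documentation ranges) are constructed for illustration, and the exit IP is assumed to be the one you read from the browser check.

```python
import ipaddress

def norm(ip):
    """Parse an address; fold IPv4-mapped IPv6 (::ffff:a.b.c.d) to IPv4."""
    addr = ipaddress.ip_address(ip.strip())
    mapped = getattr(addr, "ipv4_mapped", None)
    return mapped if mapped is not None else addr

def preflight(exit_ip, real_ip, first_hop_ip, investigation, ledger):
    """Return a list of problems; an empty list means it is safe to start.

    ledger maps investigation name -> set of exit IPs already used for it.
    """
    exit_addr = norm(exit_ip)
    problems = []
    if exit_addr == norm(real_ip):
        problems.append("exit IP is the real IP: no tunnel is up")
    elif exit_addr == norm(first_hop_ip):
        problems.append("exit IP is the first VPN: second hop is down")
    for name, used in sorted(ledger.items()):
        if name != investigation and exit_addr in {norm(u) for u in used}:
            problems.append(f"exit IP already used for investigation {name!r}")
    return problems

def start(exit_ip, real_ip, first_hop_ip, investigation, ledger):
    """Run the check and record the exit IP only if it passed."""
    problems = preflight(exit_ip, real_ip, first_hop_ip, investigation, ledger)
    if not problems:
        ledger.setdefault(investigation, set()).add(str(norm(exit_ip)))
    return problems

# Constructed sample values (RFC 5737 documentation addresses).
REAL_IP = "198.51.100.7"       # address assigned by the Internet provider
FIRST_HOP_IP = "192.0.2.10"    # exit of the VPN running on the host
LEDGER = {"case-a": {"203.0.113.5"}}

if __name__ == "__main__":
    samples = ("198.51.100.7", "::ffff:192.0.2.10", "203.0.113.5", "203.0.113.99")
    for seen in samples:
        result = preflight(seen, REAL_IP, FIRST_HOP_IP, "case-b", LEDGER)
        print(seen, "->", result or "OK")
```
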