Greythorne's Privacy Nexus

[ Quick Privacy Switchboard ] [ IP Spoofing ] [ Encryption Notes and Chat ] [ SSH Connections ] [ Instant Messengers ]
[ Mail2News and Mail Relays ] [ Proxy Tools ] [ IRC ] [ Firewalling ] [ Intrusion Detection ] [ Getting Online Privately ]
[ Router Tricks ] [ Useful Tools ] [ Data Recovery ] [ Cleaning Tracks Off Your System ][ Spyware ] [ Antivirus ]
[ Making Safe Anonymous Payments By Mail?!? ] [ How (And Why) I Do Things To Protect Myself ]
[ Send Me A Message ] [ What's New ]


This section is for web based tools that are available to us, I prefer the direct approach. Most of these are ready-to-use right as you click the link.
Also be sure to read the privacy policies at a site before using - some have much different protection policies than others.

Quick Privacy Switchboard - Direct Links To Online Tools
@nonymouse anon web email @nonymouse anon web surfing @nonymouse anon news posting
Anonym anon web email (German) Anonym multiple anon surf tools (German) Jetropolis anon news posting
Freedom Remailer anon web surfing Xganon anon news posting
Global Internet Liberty Campaign Guardster anon web surfing List groups anon and encrypted
Internet Mail Network (Must Register) Megaproxy anon web surfing * (fee) anon (*=Use Together)
Jetropolis anon web email anon encrypted web surfing * (fee) encrypted
Paranoia anon encrypted Remailer anon web surfing (no ssl)
Riot anon encrypted web email ProxyOne anon web surfing
SneakEmail (Disposable Email Addresses!) ProxySpinner anon web surfing (German)
Downloadable E-Mail Software ProxyWeb anon encrypted web surfing
Anon and PGP Encrypted JackBNymble Rewebber anon web surfing
Anon and PGP Encrypted Private Idaho SafeHouse anon web surfing More Anonymous Web Browsing
PGP Encrypted Zendit plugin for Outlook SnoopBlocker anon encrypted web The-Cloak anon encrypted web
Encrypted PGPi - Works with Outlook Surfola anon web surfing The-Cloak anon web surfing (no ssl)

Downloadable Anon Web Software: Stealther at A4U (English,Arab,German)  

Ultimate Anonymity (Encrypted Anon Email and Web, Regular and SSL encrypted Proxies) - Plus resources much like this site
Does not keep logs of anyone using their services and accepts payments via money order.
(very cheap fee of $14.95 for a permanent anonymous account)

I think my site (this privacy nexus) has more - but the safety of their service is what you are paying for here - plus they have
some good instructions for those who don't already know how ...and I do use their services myself.

Find files on the net in a Kazaa/Napster styled search using the eMule software and the FileDonkey website that integrates with it

Tired of popup ads? This little proggy seems to do a really good job getting rid of them.

Fravia is still online! -- Visit him at SearchLores or
His classic anonymity lab page is as always an excellent resource

If you linked here from somewhere else, you can go to my link menu (see top of page) here or here.

My updated PGP public key is here.

Thanks go out to all of you friends who have been aiding me in my projects and my old friends on the net. Among others, in no particular order: (cheezy GREETZ section here)
Pipacs, Razzi, Crackz, Letterman, Devine9, Muad`Dib, Dynm8, Chrizz, Flugh, Wulfric, Carpathia, Pr1mus, Elessar, Potsmoke, and of course Fravia :)

Check out the METASPLOIT page to get some useful reversing tools that let you get INSIDE windows


Those of you who have been in contact with me lately are aware of my interests in anonymity and other security issues. This page is for that reason, and for the people who have wanted to hear more about some handy tools or options that are out there. If you have anything to add, please feel free to contact me, I would love to include more information from the ever increasing world of the web. As with everything, there is always some risk, though with some of these things available to us, that risk can be seriously reduced if not completely alleviated. This is a work-in-progress, more to be added.

MOST INTERESTING: <-- Real IP Spoof and Sniffers

This site has some very effective software (overwhelming ARP data to mask your IP
(and MAC Address) on a local network)

STERM, CAIN, and IRS on this site use this technique effectively

They make use of the WinPCap Ethernet Packet Drivers -- WinPCap Home

CAIN - Spoofing Net Sniffer and grabs passwords for several popular apps [EXCELLENT!]
IRS - Scans a machine for TCP flaws

I have tested them (STERM the most) on both Windows XP and Windows Server 2003
THIS IS THE REAL DEAL! - Zone Alarm reports the false IP instead of the real one

Make sure to read the instructions, each file uses a reg key to set the MAC address
to mask your network card as well as the IP

They actually took the time to make a presentation to teach you a bit of the workings.

Most software I have seen fails to live up to it's name - this does what it says
That's what I mean by the REAL DEAL.

Remember that i am advocating privacy here, not havoc.

Intrusion Detection Software (IDS) can often detect a change in a MAC address.
(The physical hardware address of your network card; almost like a fingerprint.)
Though in a grid of machines getting pseudo-random IP addresses when plugged into
the network and one of them is using an unidentifiable IP address for some tasks,
It can be very difficult to track down which machine is reporting the altered MAC.
especially when not in the same physical location.

Make sure to set a different MAC and IP address than any existant on the local network
(editable from the registry... read the Docs for each separate application for the keys)
because if there are two machines on the same net with identical ones, the net can freeze.
The important thing is to set the MAC to something different than your own ethernet card
is fingerprinted with, so you are not identified that way when the admins look at logs.

One application ( ) has an anonymous surfing feature that was not planned...
A vulnerability and exploit data that was posted to the security mailing lists causes it to not even log when you using their service
You can subscribe to these lists at


NewsLeecher app download area - fun application for download from usenet newsgroups

Anonymous Encrypted Web Surfing Tip For Use With
Make a Link Button on your web browser or bookmark one of these links:
(both of these have a address bar that shows at the top of the page so you can go anywhere)

SSL Anonymous Google Search As Proxified Start (scripts and cookies allowed*)
*Scripts and cookies are allowed by default in this link so you can use sites that need them in order to login etc...

SSL Anonymous Google Search As Proxified Start Page (no scripts or cookies allowed for more security)
For those of you who don't know how to make a link button in your web browser to a link, do this:
For Internet Explorer (MSIE): (In the menu at top of the browser check: "View -> Toolbars ->Links" if your Links are not showing up)
Use your mouse to drag one of the links (drag & drop) onto the Links bar at the top of your web browser

For Netscape 6+: Use your mouse to drag one of the links (drag & drop) onto the Bookmark bar at the top of your web browser

For Opera: (In the menu at top of the browser check: "View -> Personal Bar -> at TOP" if your personal links are not showing up)
Click to go to the link you want, then choose the Bookmarks menu option at the top, enter the Personal Bar folder, and in the little pop up menu click: Add Page Here


  I like the way these people think. Check out
their 10 myths about encryption to see why.

PureNoise is a SOCKS 4/5 proxy application that works to encrypt irc chatting as a firewall/proxy running on port 663

for example:

Set firewall (type=BOTH) in MIRC and tell it to use address (or localhost) and port 663

when you are chatting, unencrypted data starts with "--" (2 dashes)
to start encryption mode, type "===" (3 equal signs)
to end encryption mode, type "###" (3 number signs)

PureNoise handles all of the key generation by itself, you have no config needed.


(I tend to use PGP, RC4, and Blowfish for my secure software applications)

PGP Notes -- Version 8 at the PGP international download section supports RSA and also plugs into Outlook and Outlook Express.
Create keys using RSA legacy (2048 bit) to be compatible with all applications, or RSA (4096 bit) to handle newer apps.
I made keys for both security levels, so that all of you can CONTACT ME no matter what their software.

Recent Windows versions have built-in file and data encryption but I would feel better trusting PGP or BestCrypt for this task.


NOTE: SSH.COM now has a good free SSH terminal client which also installs an SSH ftp (file transfer) client as well
The non commercial one in their downloads section is limited but still a very nice free application



If you want to connect to a machine where you have to type in a password, BE CLEAR ON THE FACT that the companies and
administrators, or anyone else using a sniffer to look on the network for passing data will see them IN PLAIN TEXT.
This means any data you are transferring is an open book for anyone on the network to see if they are looking.

The first solution, SSL web browsing, is covered already, but for remote terminals (client-server applications) we need something
more than a web proxy. If we already have a machine we access remotely as a server, we need just the client software.

Free client software (PuTTY) is available for Windows based machiness.
Either download (includes FTP software) it HERE or to check for new releases go to the PuTTY Home Page
There is quite a bit there, but putty ssh client and ftp client are probably all you need for general purposes.

If you have a web site on the server you can access, MindBright came up with a great Java applet SSH client
so that you can make an encrypted link via SSH to your machine from virtually any web browser on the planet.

Your MindTerm Web Page Link To Your Account:

Unzip this file into your web directory, change the name '' in ssh.htm to match the domain name
of the machine you are trying to contact, and presto, as long as that machine supports ssh you are all set.

Most Linux machines and most other unix based servers out there have ssh server support.
If you are connecting to a machine running a windows based operating system, all is not lost:

Excellent Windows Software Source:

Van Dyke Technologies supplies Vshell (server), SecureCRT (SSH Client), and SecureFXP (SSH FTP Client)
for Windows operating systems (ssh1, ssh2 and more). Vshell needs WinNT, Win2000, WinXP, or Win2003.
It doesn't matter which version of windows you have to run a client program however.


PSST encrypted Instant Messenger software available at SourceForge
Connect to the IP of a friend directly encrypted, no setup needed.
(they need support to add features)

Hush Messenger encrypted Instant Messenger is free from the makers of HushMail
You create a HushMail account with them here (used like screen names on AIM and your also get encrypted email)

AIM and MSN Messenger tend to get hacked pretty regularly though lately the worst has been YAHOO Messenger
in that there exist hacks that allow people to walk right into your system past a firewall if it is not RECENTLY updated.
There is a web page script hack out for AIM that steals passwords from users for example.
Considering that most IM's are plaintext, I prefer to only use them for situations that do not require security.
AIM is creating an SSL certificate based pay-based add-on so it is looking at least somewhat promising.

For the most part, I have had to disconnect myself from the IM software on the net for both security and time.
Can't get much done while sending messages back and forth ;)


With DejaNews ("Google Groups" now that Google owns it) we have a virtually permanent record of news postings...
complete with the email address and name of the individual who posted the message. With that kind of information
longevity, it should not be considered dumb to find a way to post without making permanent tracks if not wanted.
If you think otherwise, look back on something you wrote when you were much younger, and imagine how it could be
a tad embarrassing to have everyone see it today...

Web based anon web2news posting, like in the switchboard (above) are great for simple messages, but are not really
capable of handling more complex possibilities, and often can be down -- so email gateways can be a solution disappear.

This section is not meant as a reinvention of the wheel, but as an update since these types of servers

Mail2News Instruction Sources

Fravia's Classic Anonymous Mail and News Page (has instructions and gateway addresses to try) - Secure website with full mail2news instructions
EZ Mail2News Instructions from a WebTV user (a group of users who definately need this ability) ??? (Seems to try and connect but may be down)

Mail2News Gateway Email Addresses

In (as opposed to just
'nospam' mangles your email address in postings to help you avoid getting spammed

Be sure to realize that only some mail2news are anonymous by default, but using an anonymous mailer will get the desired result.

Anonymous Remailers, Tools, and Much more information are HERE at the G.M.S. Freedom Project

And also at Electronic Frontiers Georgia

They have an extensive set of Anonymous Remailer Lists

Also check out the Anonymous Remailer FAQ

While we are discussing email... you might want to know HOW TO Retrieve FTP Files By Email


Proxy Forum (Large List of Many Proxy Types such as SOCKS) and another comprehensive one at
Free SOCKS Proxy checker software and list Anonymizer's privacy scanner Leader's privacy scanner
SurfSafe - Free HTTP Proxy List OpenProxies - Free HTTP Proxy List OpenProxies - 10 Daily emailed to you
Free Public HTTP Proxies AllProxies - Free HTTP Proxies Stay Invisible - Free HTTP Proxy List
Proxomitron - Free Proxy Software Proxomitron Plug-In Filters JunkBuster - the old favorite proxy
MultiProxy - (Has a proxy list, and the proxy software has a good proxy tester that will verify anonymity of your whole list)

Beware of a German Proxy called JAP which was originally a very nice Java Proxy...
(Java Anonymous Proxy)
It was court ordered to have a Back Door and sends data to the German Police
Read More about this serious problem HERE, HERE, or HERE

IRC PROXIES (How yours truly moved out of the dark ages)

[ You should check out the Invisible IRC Project, it definately looks like a good tool in the making ]
[ Also check out Ultimate Anonymity - offers many different services ]

Many tricks are available, though lately it is nice to get a BNC (bouncer) to proxy into IRC using nearly any popular client
PsyBNC is very nice (though complicated to configure) and remembers your data such as the last chat rooms you were in
Be sure to get the syntax right on the 'change password' feature... if you don't do it exactly right it can screw up the PsyBNC server
If you can possibly do it, and locate fast ones, using a couple bouncers at once makes it less easy to track you

It really doesn't matter which type(s) you use, but some have more options than others.
Most of the time you must be trusted by someone who can give you a password to a BNC to get access,
but proxying by any method will keep most script kiddies (among others) from messing with you easily
OR you could go to a place like and pay for a BNC package at $2 per month (no kidding!)
Their rates on just about any internet service are unbelievably low

By getting out of the dark ages... I mean that I used ssh connections chaining from one unix box to another
and using text based IRC links. Sure it was protective, and people thought I was logging in under my real ident,
but features such as DCC file transfer were completely unavailable

Sometimes I would in the past use a WinGate proxy to bounce into IRC and protect my IP from easy viewing
It is increasingly harder to find useful wingate proxies however - but they are handy when you find them
You can search for them on a batch of IP's with the wingate scanner (originally found here among other small apps) carries many texts, including wingate proxy usage instructions, though many things there are dated

It is also possible to use other types of sites on the net as proxies as well, though not all servers will accept
them. Dnam8 made a good observation that if you find a domain name or ip address that you can FTP to, it will often
also allow you to use it as a proxy. MIRC settings for basic proxy usage are like so:

- set the 'FIREWALL' option -
choose the BOTH + PROXY choices (don't choose SOCKS)
assume port 80 (many use other ports but this one is a good bet)

[ You CAN use a proxy AND BNC's at the same time for more security ]

If you are using a scripting IRC program like MIRC, a handly little script called proxy monitor watches when people come online
and reports to you which proxy connection they are using. When you run it, you tell it which ports to watch in several boxes.
Try these - though people can use many others: 6667, 1080, 80, 8080, 3128
Many proxies are not accessible to you - specifically if they have password access, but occasionally you can use it too.

since the topic came up...
(And since they are 'kissing cousins' to proxies...)


Try using two at once like ZoneAlarm AND BlackICE [together].
They do some different tasks that complement eachother.
BlackIce asks you whether to allow execution of programs where ZoneAlarm checks only net accesses.
Other firewalls also do this, such as TINY FIREWALL (This one has a ton of features!)
Besides, if one is disabled by an attack (such as a virus or trojan), the other still lives.
Do research regular on them however, you want to keep up do to date to avoid being hacked.

A good place to find many firewalls is here:

Linux users have the firewall IPChains among other firewall options.


Recently KAZAA (and others as well) media users have come under fire due to lawsuits from music artists.
PeerGuardian (a type of free firewall) was designed to combat the scanning of
individual machines by making a publicly updatable list of IP's that the software will block
whenever people find that they are being scanned by those IP's.
At last time I checked there were over 50,000 IP addresses blocked by PeerGuardian.

Download PEERGUARDIAN here


Akin to the firewalls is Intrusion Detection (IDS) -- basically because the firewalls not only block intruders
but inform you of ip addresses and ports where someone is attempting to break into your system.

There is much more to both types, but to protect yourself, you should be using both.

One IDS currently getting good reviews is Demarc's PureSecure IDS (Free for personal use of course)
It installs mySql Database on your machine for it's storage needs, and has a client application called 'Snort'
which allows you to access the machine where the IDS is installed whether you are running Snort
on the main machine (usually the server or gateway machine) or on one of the other local machines.
I find the tiny windows that open and close on occasion a little annoying, but it seems to do a very good job.

There have been people worried about a back door in Demarc's product, though from what I have read
those worries do not have any real merit. Granted, any public product will be actively assaulted by
the hacker community, but again, that is a problem that all firewalls or IDS software has to deal with.


The first thing I can tell you is to walk into a public library or other free net service location and see if their machines
will allow you to surf the net without having to identify who you are. Many are just windows based machines
or MacIntoshes that are always on and don't have any method of identifying the user. This makes life easy if many users are online.

Without going to a public place, there are still options!

Dialup accounts (and some cable and DSL modems) give you a random IP address when you log in.
When you log off then that address is free (unassigned) and gets put on the next machine that comes online with the service.

Think about this carefully... If you are using a service where you use a login and password to get in, YOU ARE LOGGED.

Cable modems tend to tell the ISP your data anyway. They tend to store the hardware address of your modem with your phone number
in their database at the main office. That is how they are able to look at the logs and see if your modem is having troubly remotely.

FOR BEST RESULTS use the dialup method here or cloning (in the next section)

Some dialup services are allowing people to try the service with no need for a credit card, and are allowing free internet time.
(Don't you just love a system where companies want to offer you free stuff to get you hooked?)

NetZero for one offers a 10 hour monthly free service and you can create your own login ID and information.

Remember that the smart thing to do when you are done with your online task is to hang up the modem to free up the ip
and ALSO delete the dialup software and user ID. Reinstall it next time you want to get online with a COMPLETELY DIFFERENT ID.

If at all possible, get a private unlisted number. Caller ID will not work on the other end.
If you do not have that, in the USA there is usually a way to disable remote caller ID by typing a code before the number.
Your phone company will gladly tell you what that code is because it is a service they offer to protect you...
and themselves so they don't get sued by people who don't know their phone number is so obvious.

In my area, *67 is the caller-id-disable command code... the counterpart to *69 (general caller-id command code)

[using the made up phone number (999) 999-9999 for the next examples]

In your dialup settings (windows machine example here) either set the number you call to *67,999-999-9999
or even better (because it protects ALL modem calls...) go into your modem dialup settings and enter
as the number for the blank that reads somethig like: 'i need to dial a number to get an outside line'
the comma is important and means 'wait a sec before dialing the next digits' because the command needs time to go through

(often cell phones can do this too... my service is like so: *679999999999 - no comma needed)

This is not as good as a private number

Private numbers tend not to send your phone number over the line.

You may not know that *67 styled codes do not always stop your number from being relayed...
It still can be sent, but the phone on the other end gets the order not to display the caller id data.
The authorities (not regular companies or people) have modified phones that ignore the code.

It is of course better to not even dial from home since there are other ways (ANI and Police Traces) to track you.

What ISP's will do if they can't otherwise track someone in particular

ISP's will often watch the logs when they are tracking someone by a username to see if that person logs in.
While logged in, the ISP can have the authorities trace the call and find your phone number.
It is of course nice if you are not at your home number.

Before there were free dialup accounts, and one wanted anonymity, it was much harder.
[This is what I did when I 'met' Fravia, so I am only talking about the mid 1990's]
Some of you already know how I handled that one...

I called a local university library and asked if they had a dialup number to access the card catalog.

Now many libraries have internet web browsers so it is not unusual.
Many accessed the net even back then, only just for specific applications.

The card catalog had a search engine in it, even though they were using text based web access only.
The administrator had disabled the TELNET:// command from the search tool and set it just to search LYCOS
and a few other well known engines. I had an idea that panned out nicely... you couldn't type it, but you could
click a TELNET link on a web page and it would in fact work. That option is not as easy now in most places.

So, on one of my "Greythorne" pages, i made telnet links (and of course many other types) to internet services I liked to use
and then registered that specific page on all of the search engines that the library was using.

Then all I had to do was dial the library card catalog service, enter the 'net search' for my own page
then go to any link I wanted [ Free Anonymous Internet! ]

Things like that are not illegal, and are available to the creative individual who spends time looking at what is out there.

Smart sysadmins tend to remove modems from the servers nowadays so it may not be available in your locality.
You just have to call and find out if that is available.


Above, in the section on CAIN and IP Spoofing, I brought up local network IP and MAC Address spoofing.
(Re-iterating here that MAC addresses are the unique hardware ID for your ethernet card... so a local net KNOWS you.)

This solution is one using hardware. On a network the sysadmins may not notice, or the network often just appears to have
a misconfigured router on it somewhere. You assign some MAC address to it and in most the IP can be set manually.
Some of my contacts set the data to match that of a machine in the local area.

Note: Cable modems reported to me by techs in the field do not do as well in that they have their own MAC address,
and the cable company uses that to identify the modem in use, DSL modems reported to me
however are different in that they report the MAC address of the machine they are connected to
So for the examples reported to me, DSL is spoofable and Cable modems are not.

IP6 will get rid of the chances for IP spoofing that exist like this but for now, IP4 allows a few tricks still.

There is a hack available for several types of cable modems where you set the router to have the same address
data as the machine at your ISP over the cable line in order to up the transfer rate, but I would definately consider long and
hard before doing it. If I were the sysadmin at a cable modem source ISP I would have a script watching such changes.

Anything you do should be checked by going online and checking your IP such as in the tools section below.

It would also be wise for you to reset your MAC and IP back to what they should be once you are done working.

Trickybit - See what email receipts reveal Tools-on-net - DOTLESS IP's and MUCH MORE SamSpade network tools
PGP encryption downloads at MIT, USA PGP International Downloads Xganon Search for PGP keys
HIDE-IT (quick-hide any window, runs in any modern windows version, runs in the taskbar next to the clock, great when boss is near) - The best domain information site I have ever seen
(I found this in the tracks of a would-be hacker who tried to mess with me)


These tools can be very handy but can also be your worst enemy when you wanted to delete something but not really 'erased.'

EnCase is used by law enforcement agencies to get evidence about people from data removed from their machines.
If someone has been using your PC it can be very handy to find out what has been done to it.
Go to in their downloads section to try out their software.

Easy Recovery Pro was very easy and helped me get back a ton of files after a system crash.
It works by dropping recovered files to a separate partition or an FTP location so it doesn't overwrite
unrecovered data with data that it is currently recovering.

There is also PC Inspector File Recovery by Convar (A German Company).

Another one with good reviews is VirtualLab Data Recovery though I have not tested either of these last two.

Erasure tools for cleaning up for secure deletion are in the next section.
Since recovery tools and erasure tools both are available to you, it is easy to test them against eachother.


With all that junk that tends to fill up our hard drives, data is recorded and stored all over our pc's about what we do and where we go.
These tools are my favorites for getting rid of those tracks.

Some classic specifics are described in Fravia's Anonymity Lab
OS's have been changed MUCH and new things added.
Software hasbecome available to make many of these tasks easier, such as removing tracks from specific applications.

Tracks Eraser Pro - These guys are great, like in Proxomitron, they have user-creatable plug-ins.
When you find a program that is not cleaned by T.E. Pro, go to OPTIONS tab and click the UPDATE button
and check for new plug-ins or read the docs on how easy it is to create (and post) your own.
You could also just go straight to their plug-ins download page to get the ones you want.

Evidence Eliminator - This one is also a very nice cleaner. Both T.E. and E.E. show you a running log
window of things they are doing to eradicate junk on your hard drive and in your registry.
It also has a way for you to create customized plug-ins with a downloadable plug-in creation tool.

The US Government has security regulations state that 10 complete erasures of a file will securely delete it.
[ This is done by overwriting a deleted file 10 times with ones and zeroes ]
Setting a program like Tracks Eraser to automatically do this is very nice for security.

If you are using MS-DOS you can still get the Real Delete TSR program to do this for that operating system.


If that wasn't enough, the deluge of spying ad software and also surveillance software on the net today
is enough to make anyone want to leave computers behind and become a monk. (Okay, maybe not EVERYONE...)

This section is for both removal and usage of these software types.


Software in this section (Quick Links)

Anti Ad-Ware Software: Ad-Aware, SpyBot Search&Destroy, Spy Sweeper

Anti-Surveillance Spy Software: SpyCop Privacy Scanner, Anti-Keylogger


Well, there are several pieces of software to help us fight this onslought of computer infecting privacy thieves
For the Ad software, there is Ad-Aware which gets rid of many of the latest junk advertisements that can hassle
you again and again by slowing down your machine and outright crashing applications. (msbb for example)

Another one, SpyBot Search & Destroy, has removed some that Ad-Aware didn't find.

You really ought to try Spy Sweeper, I am really pleased with it's results.

it is smart and tells you if the adware you are removing is going to stop a program from working,
and it lists the program that would be affected
It does a great job to clean drives and is updated much better than adaware or spybot s&d
It also installs an antivirus-like thing (anti-spy)
it only installs once for free, uninstalling and reinstalling will not work, it requires you to buy it

also make sure you are online when you install it the first time
because it will allow you on install to download the anti-spy updates
(like Norton and mcafee's auto update feature)
but if you install it and you are not live on the internet,
it will not allow you to download any updates unless you pay for it


For the more intrusive ones out there, here are some good ones (plus some field observations I have made)

These two I have had some interesting results with when doing contract work for a surveillance company (not kidding).
(For those of you who do that, be sure to research the latest infiltrative nasties in case the software doesnt see them yet)

I will say that I ran about half a dozen different scanning applications on the machine, but these next ones were
the only ones which found the offender: Spector from SpectorSoft (This was in early 2003).
They BOTH found an instance of SPECTOR on the client's machine, but with an interesting difference:

SpyCop Privacy Scanner found the software itself in the system directory:


Anti-Keylogger found the encrypted log files on the hard drive:

c:\windows\system\netext\*.tpr (file dates are false to fool the unsuspecting)

It was great from a reverse engineering point of view, in that it definately exposed the belly of the beast to use both of them.

SpyBot Search & Destroy also kills some of this kind of spyware, though Spector was not listed in their website.


Very often, especially if you have a lot of visitors, people could be using your machine for things when you aren't looking.

You should always know what goes on in your own computer.

If you do, however, know that the software is designed to write the data to a log, so MAKE SURE
you know where those logs are so you can remove them should the need arise.

Several of the more modern monitoring (and anti-monitoring) software (such as Spector) are available HERE
and a rather comprehensive collection is at

A couple more sites where you can get trial versions of these pieces of software:

Global Shareware Downloads - ExploreAnywhere Downloads

It would be worth your while to try them out and see if there are any that the scanners miss.


I don't need to describe this section, though I can say that I have extensively studied these things to learn their innards.
(I had about 5000 of the dang things on a zipdisk somewhere from a while back)

Some of you may remember my SYMBIOTE which was based on virus code to allow
programmers to add title pages and integrity checks to their programs easily.
It was designed to allow attachment of your own code to an MS-DOS .COM or .EXE file
No it isn't a virus, because once it is launched at a file, it combines itself but cannot replicate.
The funny thing is that because it does attach itself, virus scanners mistaken it for one :)

McAfee seems to be more of a memory hog than Norton Antivirus (trialware available)
Just be sure that if you use the Norton's Protected Recycle Bin with the corporate version
that you remember to empty that after you empty the regular recycle bin files.
It is a recycle bin for your recycle bin, so deleting things doesn't mean they go away.
I tend to turn that feature off - it is there for people who need backups of their work.

I have come to really appreciate the capabilities of F-PROT and some associates of mine
swear by AVP/KasperSky which also has 'anti-hacker' software.

You can also run a full online virus scan of your machine from Trend Micro if Java is enabled in your browser


Okay so I am having a little fun late at night, and wasting time on the web...
And many of you already have thought of this one...
But ANYWAY... this will work :)

1) Pay cash for a money order at a supermarket (best if you aren't a regular and there is a crowd)
This is smart to do in a different town, money orders tend to show their purchase location.

You don't have to sign a money order in front of the clerk, especially if you are in a hurry
(and cash can be too easily stolen from envelopes en route anyway)

When filling in the blanks, try using your other hand - Don't worry about bad handrwriting,
that is something that many people have anyway, and usually looks nothing like your own.

Money orders are like checks, only the recipient can cash them
and they are already paid for, so people are not going to turn them down

2) Type your letter, don't provide a return address
If you are really paranoid you should seal it with water dabbed on a tissue or
sponge rather than saliva that can be DNA tested ;)

3) Mail your letter using the 'Blue Box' public mail drop locations
This one is also best if you go to a different town since the postmark will show where it came from.

4) If you had to include contact info, there are many free email locations on the net

Other methods aren't quite so easy though I can't very well impress upon you how hard it is to have mail sent
to a home with no tenants and not get noticed at some point :)
(Hey, people do it! -- and no I am not one of them - this could get you into trouble so I would avoid doing it)

Ever wondered how people make anonymous donations?
Besides, some online services even allow check or money order purchases.

Well, there u have it!
( It is also legal. )
Have Fun!

Note - If you have any anonymity tips that I might find interesting, drop me a line,
I might even add them to the site.

(The Paranoia Principle?)

There have been many questions about my site directly from people I meet on IRC regarding what I feel safe with.
This section is a summary of this site, as well as some of my way of thinking.

First of all, I will not give you any information I wouldn't use - and will attempt to warn you about issues that may exist
should they come up - in any event (like the JAP proxy issue on this page for example ) that would not protect you.

That out of the way...

Many admins between you and some server on the net (specifically ones where you work or go to school) have running sniffers
watching data go by, and law enforcement and government people do the same. Personal privacy with any information
that you wish to send or receive is important to everyone, and snooping you in some cases is even legal even though it shouldn't be.

I have seen it and we know examples because of things that go across the news every day.

I don't go on IRC without going through a proxy -- as myself.
If I cannot get to a proxy in a hurry, I login under a different nickname
(sometimes a good idea anyway to see what is going on when you aren't there).
Much of the time I set a basic remote proxy in my IRC client, and go through a BNC proxy or two as well.

Just getting on IRC tends to mean people try to connect to my machine or network via my exposed IP, which is a real problem.
Many of them are trying to hack for information or to be able to use programs on my machine. Many surf IP's for free software.
Many just try to find out more about who I am.
(I know or have met people who have done all of the above)

Firewall software is a MUST here. Keep people out of your machine and you are much better off.
The last thing you want is a snooper placing a trojan on your system either directly or via email.
Virus scanners are the brothers of the firewalls and you really shouldn't get on the net without either one.

For any network access, I tend to try to find a place to connect to the net where it is public and people cannot watch my screen.

GOOD Encryption Is Best Served Anonymously.

No matter what I want to do on the net, if encryption is possible, I take it.
People can't snoop you if your message is unreadable.
If they can't even figure out where the message or connection comes from that's even better.
Sometimes you can have one or the other and not both when it comes to a specific thing you wish to do.

Basically: you have to think about what is the important issue for each different thing you wish to try:
Is it safe enough to connect and be seen as the person connecting... if they can't read my message...
OR is it safe enough to send a clear text message... if they can't figure out who sent it or where it came from?

If you do have to do something anonymously... BY ALL MEANS test the results if at all possible before you rely on something.

Read the documentation on the resources available to you - things DO change.
Some resources don't log you at all, some do but refuse to give anything away to protect your safety.
Some places only protect you if you are not doing specific activities through their service.
Many resources have a good amount of information regarding how they protect you and your right to privacy.
You just have to read the documentation which is usually available with the resource or on a website.

For web browsing, I tend to set a remote proxy in my browser, and then go to a secure place like

Also - vary which emailer, web anonymizer, news service, etc... you use.
If people around you notice that you use a certain service, it isn't all that anonymous anymore is it :)
So just change services regularly so there is no way for someone to single you out.

I do try to make anonymous payments when it comes to an online service that accepts money orders (when available).
Sometimes it is very necessary to prove I am who I say I am (say when purchasing something online) but the need
for encryption is majorly important. All of us are concerned about credit card purchases online so no example is needed.

Note: when you have to make a credit card payment -- DO NOT USE A PROXY!
It is best to do that direct and encrypted, because anonymity does not mean a hill of beans in this case.
Why? because a credit card has your name on it anyway, and a proxy is a relay to another location.
Someone at a proxy location can see your information - best to make an anon payment by mail or just go direct.

I use secure FTP and SSH for any transactions or file uploads so some sniffer can't read my passworded accounts.
when FTP is not available, it is often possible to use SZ and RZ (old zmodem protocol)
to upload or download through an SSH connection. It may be old but it is nice when the other is not available.

Major need to securely delete data on your machine for your personal safety:

I also use Tracks Eraser with plug-ins based on the software I use that leaves 'recently opened items'
traces that you see when you open a program. Data recovery software will scare you when you see
how much can be recovered from your hard drive that you had no idea was still there long after deletion.
I know of one specific case where someone went through all kinds of legal problems because someone sent
that person some unnacceptable material via email and had been deleted. That person had a hard drive crash,
had to have it taken to a data recovery service, and was turned in by someone at that service.
That person had not done anything wrong but it took years to clear up and much bad press was out there.
Keep your machine clean and that will not likely happen to you.

Remember that even the best of friends will be incapable of keeping your privacy if they are put in a bad enough bind.
I know that sounds terrible with the 'trust no one' philosophy, but it is a rare bird who will take the fall for someone else.
To keep friendships from being broken, and people from losing jobs or being kicked out of a college, etc... it is
just best to do whatever it is you feel you need to protect privately -- the least number of other people involved the better.
The number one fatal fault of a gifted hacker/cracker/virus-writer/political-minded/etc... is the need to brag.
That has gotten many to lose their jobs or even imprisoned.

Like I mentioned, most of the time it is just the need to keep people from snooping in your business,
but one can really learn a lot from those who have had public falls after being on top of the world.

Send Me A Message
(JavaScript must be enabled to avoid most spammers)

Your Name:

Your E-mail:

Your Message:


[ Quick Privacy Switchboard ] [ IP Spoofing ] [ Encryption Notes and Chat ] [ SSH Connections ] [ Instant Messengers ]
[ Mail2News and Mail Relays ] [ Proxy Tools ] [ IRC ] [ Firewalling ] [ Intrusion Detection ] [ Getting Online Privately ]
[ Router Tricks ] [ Useful Tools ] [ Data Recovery ] [ Cleaning Tracks Off Your System ][ Spyware ] [ Antivirus ]
[ Making Safe Anonymous Payments By Mail?!? ] [ How (And Why) I Do Things To Protect Myself ]
[ Send Me A Message ] [ What's New ]

[ Back to top of page ]


I am always open to suggestions and additions, and my email address is listed in the PGP public keyfile above if you need it.

Copyright ©2003 by Greythorne the Technomancer