Silk Road forums
Discussion => Security => Topic started by: noneemous on September 29, 2012, 04:11 am
-
I'd like to use MAC client filtering as a layer of security on my router, which requires a whitelist of allowed MAC clients. Since Liberte randomizes MAC addresses, this poses a problem.
i think for a small time buyer, I'm better off protecting my WLAN security vs avoiding fingerprinting. So anyone know of a way to get a static MAC address or completely stop MAC spoofing in Liberte?
Also, a question regarding TOR on Epiphany. Prior to using Liberte, I had only used the TOR browser bundle to access the darknet. Is the TOR implementation in Liberte as secure as the TOR browser bundle?
-
Ok. first things first.
If you wanted to have transmission security and plausible deniability from everyone (not just the feds), then open your router up, use liberte or tails. This means that you have a perfectly good reason for vast amounts of encrypted traffic going over your network ("i swear i know nothing about wireless security officer!"), and if you are using liberte/tails then all that traffic is ENCRYPTED, so your neighbors cant possibly see it, neither can the feds. Also dont forget to use clearweb most of the time though, all your traffic encrypted is suspicious...
If you are more worried about neighbors/feds exploiting one of your machines (that connects through clearnet). wpa2 and mac address filtering all the way. Don't let anyone else onto your network.
Secondly I'm not sure but i think you could run it through a VM. this might mean that you could kill 2 birds with one stone, visualization and mac address problems. Don't hold me to that though.
And lastly, the anti browser fingerprinting of liberte is good. But its not great compared to the sheer number of people that use the browser bundle. Pretty hard to "fingerprint" your browser if your browser happens to be the one used by a gajillion people to access an encrypted anonymous network.
-
There's a few ways to accomplish this. Liberté only randomizes wireless connections, so you could always just connect to your network through ethernet.
But if you need wireless, you can always just change the mac address with the ifconfig command. ifconfig can only be run as the root user, and Liberté locks down root access a couple minutes after the system starts, so here's what I'd suggest:
Start Liberté, enter your password, and once it boots to the GUI, push "WindowsKey+Esc" and "Logout to shell" push the WindowsKey again until you see the root terminal. type "okroot" to unlock the root account (you can skip "okroot" if you're really quick about all this). As the root user, type the following
ifconfig wlan0 down
ifconfig wlan0 hw ether XX:XX:XX:XX:XX:XX (whatever mac address you whitelight on your router)
ifconfig wlan0 up
Then you can connect just fine. With this method you'll have to do this every time you start, and you can whitelight a different address than your normal one. I'd suggest putting the above code in a text file with "#!/bin/bash" at the top, so it looks like this
#!/bin/bash
ifconfig wlan0 down
ifconfig wlan0 hw ether XX:XX:XX:XX:XX:XX (whatever mac address you whitelight on your router)
ifconfig wlan0 up
Then save the file (for this example, name it "filename") change permissions to make it executable (right-click, Properties, Permissions, "Make this file executable") and store it in your persistent directory. Then you can change your mac to the one you whitelighted when you start the computer up by logging out to shell immediately, switching to the root terminal, and typing "./home/anon/persist/filename"
This way you can use a different mac address than the one your computer is hardwired to use, and you can connect with the same mac address everytime you start up.
There might be an option you can type during the GRUB bootloader to prevent it from randomizing the wireless mac address, but I'm not sure about that.
Hope this was helpful and easy to understand, I'm pretty high right now :p
-
Hey,
I tried to do this. I am using TAILS.
I made the file and stored it in persistent. I named it "C MAC".
I then made the file executable.
Then I opened a root terminal and typed:
./home/amnesia/Persistent/C MAC
(I also tried it without the . period at the front)
When I do this it comes back as:
bash: ./home/amnesia/Persistent/C: No such file or directory
What am I doing wrong? Any help is greatly appreciated.
When you type stuff in a terminal, you need to put either single ' or double " quotes around any file that has a space in it, otherwise it thinks you're trying to run the file 'C' with the option 'MAC'
Try this:
./home/amnesia/Persistent/'C MAC'
and it should work