For example JAP[1]. There are couple of those projects, some more or less well working.
To be on the safe site, make sure you are datapiping through lots of servers under your control - which don't implies they are owned by you. And would be an advantage if those servers are in countries which are not that famous for their legal actions like Panama, etc.

That's very interesting, I should learn more about these ... Guess I should move to Panama lol

Yes it is, thanks. But it's never enough
If I keep asking, I won't stop lol

Can I be called CISSP as well?
Damn, I wish lol

You don't need any linux knowledge for it. And where do you get the right to say they are incompetent idiots? I don't say they are smart and clever, but what do you want to do against e.g. a VPN tunnel?  Blocking 1723? Well, what if I remap to another port? The whole "security" concept is gone. There is no chance to prevent against malicious stuff like that my friend. No matter if it is Etisalat or any other telecommunication provider.

I never stated Linux was a required pre-requisite. I merely implied that the average Linux user is bound to be aware of that option. I publicly claim they're incompetent just to tick them off, but they're generally stupid anyway. There are a lot of exploits that are capable of being used against Etisalat, but those that do take such kinds of action usually are never apprehended unless they do something serious because they have too many people to go after. Etisalat messes up a lot with proxy caching and such, and we all remember that incident where people could log into other Gmail accounts.
Of course, no ISP, hacker, programmer, corporation, or any such entity is without fault, it just happens that we conveniently blame Etisalat because we hate them for blocking completely rational sites and being the most expensive telecommunications company in the world.

I agree with xaitax on most of his points about anonymity. Strictly speaking, there's no need to bother with anonymity unless absolutely required. Often, being paranoid in situations that don't require paranoia are the situations that trip you up.

Uh, yeah, and most of these 'gurus' that you claim aren't really gurus at all, just living, breathing textbooks. The second they encounter a situation they haven't studied about before, they hyperventilate.
There are very few people, as xaitax said, who are actual experts at hacking and/or forensics, and they tend to get the majority of their knowledge from practical experience. The best way to learn is by doing, not by imprinting photocopies of the book in your head. Seriously, very few of white hats that you encounter, regardless of the stack of certificates they possess are actually *knowledgeable* in their field.

Remember, folks, the number of books you study and certificates with your name branded of them are *not* a measure of knowledge.

For example JAP[1]. There are couple of those projects, some more or less well working.
To be on the safe site, make sure you are datapiping through lots of servers under your control - which don't implies they are owned by you. And would be an advantage if those servers are in countries which are not that famous for their legal actions like Panama, etc.

It is "helpful" somehow. I didn't deny. But they just blur your tracks. The connection to the server itself is still established. And *this* is the bad and dangerous part in the story.

Same as above. I don't disagree completely. But there are couple of things you must have in mind. CCTV, registrations, etc. It is not helping you by 100% in achieving your goal in which you are interested. And this is to cover your tracks completly.

It is a mixture of both. I think we agree that you can hide your ass very well if you want.
And thoose forensics "gurus" seem not be one that good, if they don't get you. There are just a few people around who make *real* expert forensics. In the Netherlands is a company for example which is extremly good.
On the other side, there are extrem good guys out there, anyway.

I hope it is more clear now what i meant.

Rgds,
Alex

[1] http://en.wikipedia.org/wiki/Java_Anon_Proxy

What other software can be used?
I would imagine that a combination of different technologies will make it even better. If you agree, what do you recommend?

I don't get you here. Check number 2 & 3 in the warning section: https://www.torproject.org/download.html.en#Warning
What do you think?

I don't get this either. As far as I know, location is very important. Can you explain why you don't agree?

Why these advanced gurus didn't "own" those Blackhats who screw around without being tracked?
Are you going to blame the gurus for not being as guru as they should be or it’s just that the hackers/crackers were really good?

Thanks.

AdmiralA
Course, Etisalat blocks that, but any Linux user with a tiny chunk of common sense can bypass those incompetent idiots.

You don't need any linux knowledge for it. And where do you get the right to say they are incompetent idiots? I don't say they are smart and clever, but what do you want to do against e.g. a VPN tunnel?  Blocking 1723? Well, what if I remap to another port? The whole "security" concept is gone. There is no chance to prevent against malicious stuff like that my friend. No matter if it is Etisalat or any other telecommunication provider.

linuxhat

1.) There is and will be no 110% or even 100% anonymity. As hard as you try to cover your tracks, you cannot make it. There are good chances with some kind of software like TOR.

2.)

This is just security by obscurity and won't help you anyhow.

What for? Just works in LAN/WAN environments. But if you are in there anyway, you are already tracked.
MAC is nothing working for Internet (have a look at ISO/OSI) and how routing works.

Same. Security by obscurity.

If you expect amateurs doing the after-hack research you might be successful.  But (advanced) forensic techniques will own you.

/xai

I've got 2 questions:

1/ Since you are an expert, why don't you elaborate on the anonymity part and what we should do to be 110% anonymous
You can also be kind to post a new topic about it.

2/ What do you think of below, do they make any difference in security?

It's amusing, once Etisalat sponsored hack.ae, but blocked all the links required as resources. How amusing is that? Hypocrisy, much?

Also, Zak, 3:45 AM is the time hackers are UP, man ;D It's the time to be awake, not sleeping.

I'll see ya in the next meet-up ... You can tell me more about your experience

I've found that it has a very strange learning curve - it takes a really long time to understand how simple it is 

And I'm sure there are other ways, probably disabling Java, JavaScript, cookies, Changing Mac Address, physical location like doing it from an internet cafe, clearing logs after the hack is complete leaving a back door.

I'm not sure if this is correct but maybe someone can add more stuff.

And thanks for the video. I love it.

Are you into security? Linux? Programing?

Also interesting http://www.youtube.com/watch?v=GVmLUODNyvo [DefCon]

Wanna share with you some videos on how pen-testing is done.

Part one: http://www.ethicalhacker.net/content/view/227/24/

Part two: http://www.ethicalhacker.net/content/view/238/24/

Hopefully one of the members will give us a session on how this is done and how we can learn more about it.

Damn, it's 3:45am ... I better go get some sleep!!!

Cheers,
Zak