LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   What data my computers gives away on internet boards? (https://www.linuxquestions.org/questions/slackware-14/what-data-my-computers-gives-away-on-internet-boards-903285/)

veeall 09-15-2011 11:40 PM

What data my computers gives away on internet boards?
 
Hi! Are there any linux tool to monitor what data my computer gives away when, for example, posting something on a public webpage? I-m concerned about ip, e-mail, mac-addresses, etc. Can i somehow see how a webpage sees me - an user?

Richard Cranium 09-16-2011 12:00 AM

tcpdump (part of slackware) and perhaps wireshark (part of slackbuilds.org).

ponce 09-16-2011 12:14 AM

hope these two can be useful

http://en.wikipedia.org/wiki/List_of_HTTP_header_fields

http://pgl.yoyo.org/http/browser-headers.php

Woodsman 09-16-2011 12:15 AM

How much information you provide is controllable only to a certain point. For example, unless you use something like TOR you can't hide your IP address from destination servers.

Most of the information you provide is done through browser cookies, Flash cookies, JavaScript, and Java. You can eliminate 90% of what anybody can learn about you by disabling JavaScript and Java. Using white lists to control JavaScript, Java, and cookies is a smart policy to control information flow.

Any time you enter data in an online form then you are providing information. Only you can control what you provide.

MAC addresses are not routable across subnets. Once your data packet goes past your home router or ISP modem, the MAC address is no longer discoverable. That can be bypassed by enabling JavaScript or Java, which allows scripts to snoop your system. Therefore only allow JavaScript and Java at trusted sites.

You can send data to a destination site encrypted if that site supports SSL/https.

Email passwords typically are sent in clear text. A packet sniffer like Wireshark will show as much. Using email security such as SSL/TLS will hide passwords, but your mail provider must support that. Emails that are sent without encryption are viewable and readable by anyone who intercepts the packets.

If you want to see what information your web browser is revealing, try these two sites:

http://ipinfo.info/html/privacy-check.php

http://www.whattheinternetknowsaboutyou.com/

Try using those sites with and without JavaScript or Java enabled and you'll see the difference.

Flash cookies are not controlled by web browsers but there are tools and methods to prevent data collection through those. If you don't use flash cookies at all then the simplest way to stop them dead is to create two zero-byte files in your home directory named $HOME/.adobe and $HOME/.macromedia. If you need to enable flash cookies for specific web sites then you'll need to investigate other methods of house-keeping and control.

Web browsing history can be tracked through the browser's history cache. There are ways to control that too.

Others can add more information. I'm just touching the tip of the iceberg but hopefully you are now fully paranoid. :D

Richard Cranium 09-16-2011 12:44 AM

Actually, email itself is sent in clear text unless you encrypt it yourself. Even if the various email servers encrypt it on the wire, the text will be sitting on a machine somewhere until it is delivered to the destination inbox.

veeall 09-16-2011 02:32 AM

So, if i have two computers behind the same router and i post a comment on a public website, then go over to another computer and post a comment from there, can a website tell that i've been posting from different computers.

The reason i'm asking is because my post about legitimacy of bank loans system(you know, the conspiracy talk :)) got banned on a news site and i received warning about it on one computer, but not on another. It got me thinking what this website sees about my computer and is there a way to review the data to be send, before actually sending it.

Thanks for all the links!

Edit:
Quote:

Originally Posted by Woodsman (Post 4473180)
MAC addresses are not routable across subnets. Once your data packet goes past your home router or ISP modem, the MAC address is no longer discoverable. That can be bypassed by enabling JavaScript or Java, which allows scripts to snoop your system. Therefore only allow JavaScript and Java at trusted sites.

I guess this is how that website is differentiating my computers, through javascript or something, cookies.

Edit2: :) whattheinternetknowsaboutyou.com: Congratulations, we did not find anything in this category in your browser history. - With slackware and opera.

'tcpdump' is maybe too techie for me, i guess it's the same kind of app as netwatch. I like how all these lines of text roll, but understand just a little.

Edit3: I'm checking wireshark too, maybe i'll learn something, at least it helps to proceed in paranoia. :)

tronayne 09-16-2011 05:55 AM

Using Firefox (or SeaMonkey)?

Get the [I]NoScript/I] add-on.

While you're at it, get the AdBlock+ add-on, too.

Not using Firefox or SeaMonkey?

Start.

Hope this helps some.

H_TeXMeX_H 09-16-2011 08:05 AM

The only thing that you cannot stop websites from viewing is your IP, but tor can help here.

Since you are from Estonia, I hear they have a national internet e-ID:
http://www.activistpost.com/2011/09/...tronic-id.html
I'll bet you that is another thing that gives you away.

Woodsman 09-16-2011 10:39 AM

Quote:

So, if i have two computers behind the same router and i post a comment on a public website, then go over to another computer and post a comment from there, can a website tell that i've been posting from different computers.
Yes. Home router/switches use network address translation to track which computer behind the router is sending and receiving packets. Fundamentally the router has two interfaces: one for the LAN and one for the other side. On both sides the router has its own IP address. On the internet side that IP address is what is seen downstream. Further, the ISP assigns an IP address to each connection. All computers behind that router are seen by others on the internet as using that same IP address.

If you move to a different house and use a different computer there, then the IP address will be different and people downstream in the internet will not see that as the same connection.

If you move to a different house but use the same computer then you can be identified if you do not clear cookies or fail to use a different login ID at forums.

If you have JavaScript or Java enabled in a web browser then the game changes because scripts can identify the computer and user. That is why I recommended testing those privacy sites with both enabled and disabled. Then you can see the difference in information transmitted. That is why white lists are important. For Firefox, the NoScript add-on will help create white lists for trusted sites.

Most discussion forum software looks at cookies and IP addresses to identify the user. If you are trying to circumvent that then use two different login IDs at different IP addresses. You can set up different user profiles if you are using Firefox.

Disabling JavaScript and Java prevents a significant majority of privacy concerns. That is the way I have Firefox configured. I never allow Java in my normal surfing sessions and I allow JavaScript through NoScript only for a few trusted sites. I likewise use a white list for cookies and except for a few discussion forums only allow session cookies. I explicitly prohibit cookies from known tracking sites such as Google. I use dnsmasq with a second hosts file to block undesirable IP addresses and advertisements.

With that said, discussion forums are the property of other people. Asking to be a member of a forum means accepting their policies for usage. Moderators have standing to warn users about violations. If you visit a friend and the friend asks you to remove your shoes you comply because that house does not belong to you. :)

Quote:

The reason i'm asking is because my post about legitimacy of bank loans system(you know, the conspiracy talk ) got banned on a news site and i received warning about it on one computer, but not on another. It got me thinking what this website sees about my computer and is there a way to review the data to be send, before actually sending it.
Look first for the simplest answer. The difference could be as simple as how you worded both comments and how the moderators viewed those different posts.

Quote:

I guess this is how that website is differentiating my computers, through javascript or something, cookies.
Disable JavaScript for that web site, allow session cookies only, and set up two different web browser profiles to appear as two different users. Yet even then many people can't fool others because of their writing style. This is especially challenging when participating on forums where English is required to be used and that language is not the user's native language. :)

To be in cognito requires significant discipline. Most people are horrible at being transparent. :)

bosth 09-16-2011 10:51 AM

You can set up a Privoxy proxy server on your home computer. There's a SlackBuild and the default configuration is a good starting point.

veeall 09-16-2011 11:41 PM

Quote:

Originally Posted by H_TeXMeX_H (Post 4473561)
Since you are from Estonia, I hear they have a national internet e-ID

Yes, i've already developed distrust for that one, though it is good for bank operations and managing taxes. :)

Thanks, Woodsman, for advices, i keep them in mind next time when ranting, unfortunately, websites block commenting without cookies and javascript enabled.

Thanks for all the tips and programs mentioned! I'll plan to investigate into this proxy and tor thing.

Martinus2u 09-17-2011 02:28 AM

Quote:

Originally Posted by veeall (Post 4473295)
So, if i have two computers behind the same router and i post a comment on a public website, then go over to another computer and post a comment from there, can a website tell that i've been posting from different computers.

yes, your browser can be fingeprinted. You can check how unique your installation is here:

http://panopticlick.eff.org/

Even without Javascript and Java you leave a fairly unique fingerprint with every HTTP request. With Javascript or Java you can be safely recognized.


All times are GMT -5. The time now is 01:56 PM.