Download S4H Linux for Raspberry Pi 2 & 3

School for Hackers Linux

We maintain a special build of Fedora Linux for Raspberry Pi with the Security Spin packages pre-installed, plus some accessories and services already set up, to make using your Pi as a hacking and security-testing platform easy. It’s a great OS for students and teachers of hacking and security, and saves both a lot of time building a stable, updateable toolset.

These OS images (and a growing heap of goodies) are available to registered students of School for Hackers. Use the Register link at the top of the page to create an account, then log in to see extra menu items and pages. Then visit our Setup page for instructions on how to load the image, change passwords, connect via VNC or SSH and get started with the Security Lab tools: https://schoolforhackers.com/set-up-your-fedora-pi-card/.

You can use our School for Hackers Linux on a Raspberry Pi, as a Virtual Machine or directly installed onto your laptop. We’re building our hacking lessons for exactly this platform, so for the most part you’ll find everything pre-installed (except where we need to teach you how installation works). We recommend it as the best OS for our School for Hackers students.

[ Hacker Night School ] :: [ Hiding Your Ass ] :: [ Using a VPN ]

Starry Sky (Htet Aung)
This entry is part 5 of 7 in the series [ Hacker Night School ]

Starry Sky and Glenn Norman discuss using a VPN or proxy server

Now take the Quiz:

1. What of these statements is the most accurate description of a proxy.

a. Hides your IP address
b. Makes it look like you’re coming from a different IP address
c. Makes your web traffic (ports 80 and 443) look like it’s coming from a different IP address
d. Makes ALL your network traffic look like it’s coming from a different IP address

2. What exactly does a VPN do?

a. Hides your IP address
b. Makes it look like you’re coming from a different IP address
c. Makes your web traffic (ports 80 and 443) look like it’s coming from a different IP address
d. Makes ALL your network traffic look like it’s coming from a different IP address

3. Will a proxy hide your IP if you are:

Yes    No    Streaming video
Yes    No    Downloading a torrent
Yes    No    Using instant messaging
Yes    No    Watching Flash

4. Will a VPN hide your IP if you are:

Yes    No    Streaming video
Yes    No    Downloading a torrent
Yes    No    Using instant messaging
Yes    No    Watching Flash

5. Suppose you have been given a penetration testing contract to test the security of a company’s web applications. Which type of service would give you sufficient privacy, usually at no cost, and sometimes with superior speed?

a. Proxy server
b. VPN
c. macchanger
d. Burp Suite

6. Your next pen testing contract has you scanning your client’s internal and external networks and computer systems. You’ll be using lots of non-web tools like nmap and hping3. Which type of service will give you the level of concealment you’ll need when using any networking protocol?

a. Proxy server
b. VPN server
c. Working from the nearby Starbucks
d. Kali Linux

7. How should you check to see if your proxy or VPN is working?

a. Check your external IP address after starting the VPN
b. Check your external IP address before starting the VPN
c. Both, and make sure they’re the same!
d. Both, and make sure they’re different!

8. Which would be the safest country for you to get your VPN from?

a. USA
b. Switzerland
c. China
d. Russia

Answer Key:

1: c
2: d
3: No, no, no, no
4: Yes, yes, yes, yes
5: a
6: b
7: d
8: b

[ Hacker Night School ] :: [ Hiding Your Ass ] :: [ Using a Proxy Server ]

Glenn Norman
This entry is part 6 of 7 in the series [ Hacker Night School ]

One of the trickiest things about hacking is knowing what kind of anonymity tool to use, when. If what you are doing involves only the Internet (i.e. web pages and web sites), the right anonymity tool is a proxy server. “Proxy” means “stand-in” or “intermediary” (look it up; research is your specialty, right?), and a proxy server is just that: it makes your requests on your behalf, and hides your identity.

Cool, right? The thing to remember is that proxies (like TOR) only manage http(s) traffic. The instant you download and click on a .torrent file, or watch any video in any format, you’ve just jumped out of http(s), and into a different protocol that won’t be managed by your web proxy. And that’s what we really mean here: not just proxy but web proxy.

If you want to run all of your external network traffic through an anonymizing system, that would generally be a VPN, which can be a pipeline for literally everything you do outside your cable/DSL modem. But for a good discussion of when and why you should use a web proxy, check out the article linked below. It is, to a degree, an advertisement for a TOR alternative, but we all know how to filter out the advertising, right?

http://www.makeuseof.com/tag/x-reasons-using-anonymising-proxy-server/

And:

https://www.torproject.org/

https://geti2p.net/en/