How exactly does iesnare work?

Pages: [1]
Author Topic: How exactly does iesnare work?  (Read 1838 times)
freaked
Newbie
*

Karma: 0
Posts: 32


View Profile

freaked

How exactly does iesnare work?
« on: April 07, 2016, 11:19:30 AM »

As I understand the most important piece of information they get is my MAC number as this cannot be changed when opening future accounts.

So even if I use a tool such as betterprivacy which deletes all flash cookies at the end of each session, the fact that iesnare was on my system for even a split second means that the bookmaker now has my mac address and if I have previously set up an account from the same device with the same protection against it they can immediately link both.

So I need to use an alternative method to never let this system access my device.

Am I correct with everything here?
Logged
blackjim
Newbie
*

Karma: -2
Posts: 36


View Profile

blackjim

Re: How exactly does iesnare work?
« Reply #1 on: April 07, 2016, 12:32:31 PM »

I very much doubt you can get a MAC address of a network adapter using JS within the browser.

http://stackoverflow.com/a/7923/2759625

Maybe in the IE "world", but not in modern browsers.
And a MAC address is easy to fake. https://www.google.co.uk/#q=change+mac+address+network+adapter
Logged
freaked
Newbie
*

Karma: 0
Posts: 32


View Profile

freaked

Re: How exactly does iesnare work?
« Reply #2 on: April 10, 2016, 11:20:12 AM »

So iesnare uses JavaScript to get onto our device?

Is it a flash cookie or is it a program that is stored in a flash cookie?
Logged
blackjim
Newbie
*

Karma: -2
Posts: 36


View Profile

blackjim

Re: How exactly does iesnare work?
« Reply #3 on: April 10, 2016, 12:44:35 PM »

So iesnare uses JavaScript to get onto our device?

Is it a flash cookie or is it a program that is stored in a flash cookie?
Cookies are key/value pairs stored in the browser. ( https://en.wikipedia.org/wiki/HTTP_cookie )
They are set by the server and JS running in the browser. Flash can access cookies via JS.
But a cookie can only hold a value, like number or text. It cannot "run a program".
Also, you can delete them as soon as you leave a page ( just use "incognito/privacy" mode )

Any page that you visit with your browser, probably uses JS to enable some functionality.
( you can turn JS off in your browser, so none of the JS code will be executed, but then most pages won't function properly )
Some pages ( like the bookmakers' ) might use JS to also pick on some data about your machine. But browsers, for security reasons, sandbox every page, so the data it can sniff on are limited.

There are many silly "what is your browser" pages ( like this https://www.whatismybrowser.com ) which seem to be knowing a lot about your machine.
But they infer most of the info.
For example, accessing a site via VPN, can mask your real public IP. So "location" will be not real.
Masking the user-agent can throw off anything that is inferred from that, etc.
So, it's complicated to know how each sites gathers data and what you need to change.

The more you can mask/change, the better. But it depends on what you are trying to hide.
Logged
ludako
Newbie
*

Karma: 3
Posts: 82


View Profile

ludako

Re: How exactly does iesnare work?
« Reply #4 on: April 10, 2016, 02:18:58 PM »

Opening future accounts is easy. Here's the steps I use:
1.Turn IPv6 OFF:
Open Network and Sharing Center->Change adapter Settings->Choose the active connection->Properties->Remove tick from "Internet Protocol Version 6(TCP/Ipv6).
2. Go to Start->Control Panel->Internet Options->Delete Browsing Data->Delete everything.
3. In the browser you are using go to Settings->Privacy->Delete Browsing Data->Delete everything.
4. Download this program: https://technitium.com/tmac/
Start the program, just choose 'Random MAC Address' -> 'Change Now!'.
If you lose internet connection, turn your router off for a minute.
5. Change IP.
Ask your ISP or just check if your IP is dynamic. If nothing works just make your mobile phone a hotspot using mobile data and connect your PC to that hotspot. Always check your IP if it's changed or not.

GL!
Logged
NDR
Newbie
*

Karma: 2
Posts: 40



View Profile

NDR

Re: How exactly does iesnare work?
« Reply #5 on: April 10, 2016, 07:19:56 PM »

check your details here:

whoer.net/extended

check2ip.com

ipleak.net


dont forget to turn web RTC off:

about:config

media.peerconnection.enabled

from true to false.

Logged

pls excuse my bad english
freaked
Newbie
*

Karma: 0
Posts: 32


View Profile

freaked

Re: How exactly does iesnare work?
« Reply #6 on: April 11, 2016, 06:15:33 AM »

The 3 sites NDR linked have a lot of data about me, can any site I visit see this? 
My OS, browser, scripts, plugins and system time and language?
Very worrying if so.
Logged
ludako
Newbie
*

Karma: 3
Posts: 82


View Profile

ludako

Re: How exactly does iesnare work?
« Reply #7 on: April 11, 2016, 10:56:38 AM »

The 3 sites NDR linked have a lot of data about me, can any site I visit see this? 
My OS, browser, scripts, plugins and system time and language?
Very worrying if so.
Yes, every site can see this.
Just to let you know that these stats are not individual and everyone in the world can have the same OS,browser,scripts, etc.
Nothing to worry about if you follow my steps.
GL!
Logged
freaked
Newbie
*

Karma: 0
Posts: 32


View Profile

freaked

Re: How exactly does iesnare work?
« Reply #8 on: May 21, 2016, 08:43:33 PM »

Opening future accounts is easy. Here's the steps I use:
1.Turn IPv6 OFF:
Open Network and Sharing Center->Change adapter Settings->Choose the active connection->Properties->Remove tick from "Internet Protocol Version 6(TCP/Ipv6).
2. Go to Start->Control Panel->Internet Options->Delete Browsing Data->Delete everything.
3. In the browser you are using go to Settings->Privacy->Delete Browsing Data->Delete everything.
4. Download this program: https://technitium.com/tmac/
Start the program, just choose 'Random MAC Address' -> 'Change Now!'.
If you lose internet connection, turn your router off for a minute.
5. Change IP.
Ask your ISP or just check if your IP is dynamic. If nothing works just make your mobile phone a hotspot using mobile data and connect your PC to that hotspot. Always check your IP if it's changed or not.

GL!


Having taken these into account, here are mine (for a macbook). Some steps go into more detail here http://arbusers.com/index.php/topic,4031.0.html

1. Set layout.css.visited_links_enabled to false to stop CSS tracking
2. Go through noscript whitelist ensuring everything there is safe
3. Change my fingerprint by downloading irrelevant addons and updating my browsers (and possibly operating system)
4. Make sure adobe flash storeage limit is at zero
5. Check if MAC address is spoofed in terminal, by entering sudo ifconfig en1 ether aa:bb:cc:dd:ee:ff, then ifconfig en1 | grep ether. Make sure it corresponds to my device on http://aruljohn.com/mac.pl
6. Wifi – network preferences – tcp/ip – configure IPv6 – off (it's always like this anyway)
7. Delete all history from every browser on my device - create and delete an evercookie (http://samy.pl/evercookie/) on each browser to ensure this works
8. Change IP address

Anything else I should add? Anything unneccesary?


dont forget to turn web RTC off:
about:config
media.peerconnection.enabled
from true to false.

Is the only security threat of webrtc to show my ip address? Because I simply change my ip each time and the above setting affects some sites when it is set to false.
Logged
Pages: [1]
Print