Whoami is a comprehensive toolkit that can anonymize a running Linux session. It comes with scripts that can hide your machine’s real IP address, change its default DNS resolvers, and secure your browser. This article will show you how to install Whoami and run some of its modules to anonymize your Ubuntu system.
Note: Don’t confuse this with the whoami command that displays the username of the current user. Also, Whoami works for any Debian and Arch based distro.
Installing Whoami
The first step in obtaining the Whoami toolkit is to update your Ubuntu system and download the toolkit’s dependencies from apt:
sudo apt update && sudo apt upgrade sudo apt install tor curl python3 python3-scapy network-manager git make
Fetch the Whoami Git repository from the developer’s Github page:
git clone https://github.com/owerdogan/whoami-project.git
Create the folders that the Whoami Makefile expects on your system:
sudo mkdir -p /usr/share/kali-menu/applications
Install the software toolkit to your system by running make:
cd ./whoami-project sudo make install
Check if you’ve properly installed the toolkit to your system by running the following command:
sudo kali-whoami --status
Using Whomami to Anonymize Your Ubuntu System
With Whoami up and running, you can now start to harden your current Ubuntu session. To do this, run the Whoami toolkit with the --start flag:
sudo kali-whoami --start
This will create a restore point for your machine as well as load all the modules for Whoami in your current terminal session.
Changing the Hostname of Your Machine
One of the easiest hardening modules to use in Whoami is its “Hostname changer” tool. This allows you to change your system’s name which can be helpful if you’re in a public Wi-Fi network.
To start, type “7” then press Enter. This will add a new checkmark on the side of the “Hostname changer” label.
Press Enter to commit the new settings, then reboot your machine to apply it.
Confirm that your computer is now using a different hostname by opening a new terminal session.
To disable the modified hostname, run the --stop flag with the Whoami script, then reboot your machine.
sudo kali-whoami --stop sudo reboot
Changing the IP Address of Your Machine
Aside from altering your system’s hostname, you can also use Whoami to pass your local traffic through a Tor transparent proxy. This gives you an extra layer of protection by altering the IP address that you broadcast to your destination website.
To do this, disable the default ufw firewall for your system:
sudo systemctl disable --now ufw.service
Run the Whoami script with sudo privilages:
sudo kali-whoami --start
Type “3”, then press Enter to toggle the script’s IP changer module.
Press Enter again to enable the IP changer module on your current session.
Note: enabling the IP address changer module will disable internet connectivity for command line programs.
Check if your system is now reporting a different external IP address by loading an IP address checking website.
To disable the Tor transparent proxy, run the Whoami script followed by the --stop flag:
sudo kali-whoami --stop
Good to know: learn how Tor can protect your online privacy by hosting your own Tor website.
Changing the DNS Resolvers of Your Computer
DNS resolvers can be a privacy risk especially if you’re browsing on a public network where you don’t know who’s resolving web addresses for you. That said, the Whoami toolkit comes with a module that changes your machine’s DNS resolvers to a privacy-respecting alternative.
To use this, run the toolkit script with sudo privileges:
sudo kali-whoami --start
Type “4”, then press Enter.
Press Enter again to apply your new settings to your machine.
Refresh your system’s DNS cache by running the following command:
resolvectl flush-caches
Confirm that your machine is now using Whoami’s alternative DNS resolvers by doing a dig query:
dig maketecheasier.com | grep "SERVER:"
Securing Your System from Cold Restarts
Besides anonymizing your machine from network-related attacks, the Whoami script can also protect your system from anyone directly snooping its system files.
To do this, run the Whoami script with sudo privileges:
sudo kali-whoami --start
Type “2”, then press Enter.
This will tell the script to automatically delete any log files in the system before shutting the machine down.
Type “9”, then press Enter.
The “Anti-Cold Boot” module forces the system to wipe the data inside the active memory before shutting the system down. This will prevent anyone from reading anything substantial from your machine’s memory when it first boots up.
Press Enter to commit the changes and enable the modules.
FYI: learn how you can speed up your system by enabling ZRAM and Zswap in Ubuntu.
Hardening Your Firefox Browser with Whoami
While web browsers serve as a link between you and the internet, they are one of the largest privacy risks in a Linux machine. The Whoami script mitigates this issue by providing a privacy-oriented “user.js” file which significantly hardens a basic Firefox ESR install.
To do this, close Firefox ESR then run the Whoami script with sudo privileges:
sudo kali-whoami --start
Type “8”, then press Enter.
Press Enter again to enable the Browser Hardening module in your system.
Create a backup copy of the default user.js file on your system, then replace it with the script that came from Whoami:
sudo cp /etc/firefox-esr/syspref.js /etc/firefox-esr/syspref.js.bak sudo mv /etc/firefox-esr/whoami.js /etc/firefox-esr/syspref.js
Confirm that your new user.js file is working properly by opening Firefox and going to “about:config.”
Click “Accept the Risk and Continue”, then type privacy.firstparty.isolate on the page’s searchbar. Doing this should return a boolean variable with a value of “true.”
Learning how to anonymize your Ubuntu system with Whoami is just the first step in securing your digital privacy. Explore the wonderful world of security-oriented distros by installing some of the best Linux-libre systems today.
Image credit: Jefferson Santos via Unsplash. All alterations and screenshots by Ramces Red.
Our latest tutorials delivered straight to your inbox
