The invention dynamically obscures network and transport layer addresses of packets to achieve anonymity, including authentication privacy, as well as protection against tracking and traffic correlation and certain classes of network attacks by combining both intrusion protection with anonymity, avoiding the use of a separate management unit outside the host for distribution of obscured addresses. The invention enables a host to automatically configure obscured addresses and determine the obscured address of the intended recipient without outside involvement, computing addresses based on a set of parameters, and to operate without re-authentication whenever an address changes. The invention enables encryption of the packet payload to prevent traffic correlation. The technology of the invention can be implemented embedded on a host device or as a connected gateway device and requires negligible configuration and is therefore transparent to hosts.