Jump to content

Vpn Failsafe And Layering


whitehat
 Share

Recommended Posts

I've been really frustrated over the past couple of years by VPN's disconnecting and leaking real IP's. It's never been a life or death issue for me, but it's plenty annoying and when I introduce people to the concept of a VPN or proxy and set them up with it I really want it to work without betraying them.

I know that disconnects happen, especially when you've been connected for long periods of time. Can't change that. But is there some way to tell Windows, OS X, and/or Linux that "when this VPN [or proxy] gets disconnected I want you to disconnect from the Internet/Access Point and do not send any traffic unless I've reconnected?".

Also, I'm wondering if it's possible to get some additional layers, like with a simple proxy chain. I've never heard of anyone getting a chain of VPN's to work, although I used to do VPS + VPN pretty easily. How about proxies + VPN? If I tell application X, like a torrent client or email program or whatever, to use this HTTP or SOCKS5 proxy while my OpenVPN is running then will the traffic going to application X pass through both the OpenVPN and proxy or will the proxy essentially operate independently of the VPN?

What I mean is, normally the VPN knows your "real" IP as well as the server IP is assigns to you. The same is true of a SOCKS 5 or HTTP proxy. But can we make it where traffic goes from you to the VPN then from the VPN to the proxy, such that the proxy never sees your real IP and the external Internet never sees the IP of the VPN?

Edited by whitehat
Link to comment
Share on other sites

Wow! This looks extremely interesting; I'm going to have to go over it and try out the commands soon.

You're right of course, there's always a significant tradeoff of speed for security. I really just want to figure out how to properly anonymize like this, just for some unknown/unlikely possible future need, not for regular usage. Like if I go overseas and need to send some politically sensitive data home some day. Or if they leak a new "Tron" movie, I might not be able to resist downloading it :)

For the record I did find a bit of a second-rate solution to my other problem, which was that if the VPN disconnects you might not want your real IP to be exposed to the torrent or whatever servers you're connected to, etc. It's a rudimentary script: http://vpnetmon.webs.com/

Edited by whitehat
Link to comment
Share on other sites

I use a VPN service that I've been more than happy with, and haven't ever noticed disconnects. I do know when Im disconencted though, becuase I'm generally using Putty or SCP over the VPN and leave it up all day, and when I close my VPN, putty dies and so does the SCP, so if I see that happen while the VPN is in use, while its not the greatest alarm of sorts, it lets me know when I've lost connection to the VPN, which so far only happens when do it manually. I'm also not far from where my VPN service provider is, only few hundred miles or so from where I connect through, so its been very stable and speeds for most part have been better than through my ISP in general. Seems to bypass my upload speed caps somehow, from 3mb to 10mb, so I'm happy with it. You're still in AU though, right? Wouldn't do you much good to use the VPN service I'm on since its US based out of NY, Miami and San Francisco locations, but if you can find a decent provider close to you, disconnects shouldn't be much of an issue.

vpn-speeds.png

Edited by digip
Link to comment
Share on other sites

I don't use their phone service, nor RENT a modem from them. I own my modem, and it has no ports for phone lines.

Link to comment
Share on other sites

If anonymity is your aim, isn't chaining a bad idea? I mean, if you're in a VPN your IP address is mixed in with everyone elses, if you chain through a proxy, you might then be the only person on that proxy from your VPN, thus making yourself more unique.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...