Jump to content

VPN Software


norseman

Recommended Posts

  • 2 weeks later...

Go to like digital ocean or lowendbox grab a cheap VPS download openvpn

Pick like Ubuntu

Go to https://openvpn.net/index.php/access-server/download-openvpn-as-sw/113.html?osfamily=Ubuntu

Pick the version of Ubuntu you picked for your VPS

wget http://swupdate.openvpn.org/as/openvpn-as-2.0.10-Ubuntu14.i386.deb

dpkg -i openvpn-as-2.0.10-Ubuntu14.i386.deb

passwd openvpn

[sET PASSWORD]

http://youripaddressordomainname:943/admin

Login with the username openvpn and whatever password you set for openvpn

from there you can configure the settings.

Link to comment
Share on other sites

Have to pick up a few mistakes...

You say the VPN helps you surf anonymously, it doesn't, it obscures your true source IP, anonimoty is a completely different thing. As soon as you log into facebook, gmail or any other service your anonymity is gone, once tracking cookies are dropped on your browser, anonymity is gone.

At about 10 minutes you say "for some reason you have to use HTTPS to log in" - its for security, if you don't then your credentials are going over clear text. One of the points of your video is to protect your traffic, that is what HTTPS is doing. Granted it has a self signed certificate that a man-in-the-middle could spoof but may as well try to make it a bit harder for them.

17:10 you say they aren't seeing what version of Windows you are using, unless you change your user agent then they can make a very good guess at it, even if you do then browser fingerprinting can still be pretty accurate in determining what is running.

You didn't mention keeping things up-to-date, if you don't then you end up two years down the line trusting a VPN on a box that hasn't been updated since it was first installed, I wouldn't trust that, would you?

If you want to trust a box like this then you should harden it first, disallowing root logins is a good start, I'd also suggest once you've finished with the web GUI then disable it or at least lock down access using iptables so it is only accessible from a trusted source. I think you said you are paying $2/month for the VPS ($48/year), I'm paying $70/year for one of my VPN services, I let them worry about all the security and hardening of the infrastructure. For me, the extra $22 is worth it for not having to maintain a server. Yes, they are probably logging things but so could the VPS provider, if you are just planning to use the VPN to surf from untrusted networks then I'd definitely consider a commercial solution.

I love the fact that you've put the effort in to make the video, I'm not knocking that and it is more than most people do, but please, if you are going to give information about a topic which is as import as this, then give the right information. Too many people are blindly using "anonymous" VPN services which are doing absolutely nothing to protect their identity. In most cases the isn't a problem as no one is actually watching them but in the odd case where someone needs this they need to know how to do it well.

I'd suggest that a set up like this, for the majority of people, is good for protecting traffic from being sniffed while on untrusted networks and for bypassing restrictions such as blocked web sites from your ISP or bypassing country specific restrictions but it does absolutely nothing to provide anonymity.

Link to comment
Share on other sites

I made the mistake of masking my privacy but not my anonimity, yes every bit sent can be tracked, now the fact that its openvpn is good but paying for a service creates a trail back to real identity. So no real anonimity.

So what is the best way to become anonymous?

Private Internet Access (https://www.privateinternetaccess.com/) will give you privacy and anonymity. They have servers all around the world and connection speeds are fast. If you are worried about being tracked on payment you can pay with PayPal or any brand gift card such as Starbucks, Target, or Macy's.

Although, as stated above once you log into Facebook or G-Mail your anonymity obviously goes out the window. But it is still important to use a VPN service to encrypt your traffic especially if you are using public WiFi.

Edited by sud0nick
Link to comment
Share on other sites

Private Internet Access (https://www.privateinternetaccess.com/) will give you privacy and anonymity. They have servers all around the world and connection speeds are fast. If you are worried about being tracked on payment you can pay with PayPal or any brand gift card such as Starbucks, Target, or Macy's.

Although, as stated above once you log into Facebook or G-Mail your anonymity obviously goes out the window. But it is still important to use a VPN service to encrypt your traffic especially if you are using public WiFi.

No, it will give you one small part of anonymity, it will hide your source IP from the end points you connect to. If you are using a browser that has been on the internet before then it will be loaded full of tracking cookies, anonymity gone, if you sign into any any service you previously used, anonymity gone, if you sign up for new accounts using previous handles, anonymity gone, if you use the same browsing habbits with and without the VPN, anonymity gone, the list goes on.

Anonymity covers a lot of things, not just hiding your source IP and paying with a pre-paid gift card. On that, I'd be interested to know how many people pay for those cards along with their weekly shopping on their normal visa card.

Link to comment
Share on other sites

I made the mistake of masking my privacy but not my anonimity, yes every bit sent can be tracked, now the fact that its openvpn is good but paying for a service creates a trail back to real identity. So no real anonimity.

The VPS shown in the video was $2 per month, that means a direct debit payment so is there any difference between paying for that and paying for a VPN? Both create cash trails back to you. There are services you can set up on both sides where you can pre-pay for a longer period and you can do this with pre-paid cards, do you know how to buy a pre-paid card anonymously? Regardless, a tie at this level.

Registering for the VPN service, you have to browse to the VPN site and sign up, can you do this in an anonymous way? Same applies to the VPS option, you have to register in some way. Again a tie.

The VPN service may be logging all your access, some claim they don't but you have no way to audit them to confirm that. If "the man" gets a warrant then they can likely force logging even if not enabled to start with and so collect all your traffic. On your VPS, unless you go through the process of disabling all logging then your box may be logging more than the VPN provider. I don't know what OpenVPN in the default setup logs but I know the initial SSH connection then the web console access will both be logged, there may also be an access log created by OpenVPN showing every connection you make. If "the man" gets a warrant then they can serve that on the VPS provider, they can then log all traffic going in and out of the box and give full access to the server as they control the virtual environment. My guess here is that most people who set this up will probably leave more mess for forensics to pick up on the server than they realise. At this point I'd say a win for commercial VPN.

I already mentioned keeping the system up-to-date, the commercial VPN provider does all this for you but on the VPS you have to do it yourself. Win for VPN.

You could probably rewrite all the statements above and show wins the other way or point out things the VPS does better but what I'm trying to show is that for every protection you think you are putting up there are weak points that need to be addressed.

So what is the best way to become anonymous?

Go live in the woods in Alaska and never talk to anyone!

Look at the stories of Dread Pirate Roberts (the Silk Road guy) and Sabu, they both had a lot more to lose by messing up their anonymity so put a lot of effort into trying to keep it. They both failed and got caught. Their skills and research into techniques probably goes well beyond what most people are going to be able to do.

I don't think the question should be about being anonymous, it should be about what you are trying to protect, who from and what are you prepared to pay for it in terms of time, money and any other resources.

If all you want to do is protect your connection while on open wifi then a commercial or even free VPN provider/proxy is more than sufficient.

If you want to hide surfing porn from parent or spouse then don't worry about the traffic going out and look more at protecting the browser, make sure private browsing is always enabled, wipe things down after (litterally as well) and think about client side.

If you are trying to hide torrenting from your ISP then look at the VPN providers who are friendly to that, I've seen quite a few who claim to be.

If you are trying to hide illegal activity then tough luck, if "the man" wants to come after you then they will and they will likely catch you. All it takes is one mistake and you're screwed.

Link to comment
Share on other sites

wipe things down after (litterally as well)

:lol:

All very valid points you're making.

The thing to remember about most things you want to stay hidden from, there's a cost/benefit ratio that applies. The more visible/embarassing your activity, the more resources the targeted entity is willing to devote to finding you.

One option here is to create a unique identity, use it to do misdeeds, wipe the identity and start over.

For 99.999% of people, this is just too much hassle, or they want praise for all they did which results in loss of anonimity and subsequent capture.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...