Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 20 Mar 2019, 23:16
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
VPN Comparison Chart & How to choose the best VPN
Post new topic   Reply to topic View previous topic :: View next topic
Page 13 of 13 [186 Posts]   Goto page: Previous 1, 2, 3, ..., 11, 12, 13
Author Message
labbe5

Joined: 13 Nov 2013
Posts: 1651
Location: Canada

PostPosted: Thu 07 Feb 2019, 18:13    Post subject: How to use Psip in a Virtual Private Network
Subject description: Psip AKA PuppyPhone
 

Written by smokey01

If you like to make yourself public/available to talk to anyone who is willing to call you then this is not for you.

If however, you like your privacy and only wish to speak to a select few people, then keep reading.

All you need is Psip, preferably version 1.42 and edge/n2n-edge. You will also need access to a supernode.

Last month I showed you how to compile edge and you can get the latest version of Psip here. If it's not available for your distro let me know and I will attempt to make you a package.

To create a VPN with edge all parties need to connect to the same supernode with the appropriate credentials.

Create the script below and make it executable.

#!/bin/sh
modprobe tun
urxvt -title "Psip-Tunnel" -g 108x20+0+0 -e n2n-edge -d psip-tunnel -M 1000 -a 101.101.101.1 -c community-name -k encrypted-password -l bytemark.leggewie.org:1234 & echo $! > /tmp/edgepid
nice -n -10 /usr/bin/psip --config-file /root/.psip.conf --log-file /root/psip-activity.log --expand-buddies
read edgepid < /tmp/edgepid
kill $edgepid

I will explain what happens when you run the script line by line, command by command.

Line 1. modeprobe tun loads the tunnel driver. It may already be loaded but loading it again doesn't matter. Not having it loaded does matter.
Line 2 part 1. urxvt -title "Psip-Tunnel" -g 108x20+0+0 opens a terminal with a title of "Psip-Tunnel with dimensions 108 wide x 20 high.
Line 2 part 2. -e n2n-edge -d psip-tunnel -M 1000 loads edge/n2n-edge with a tunnel name of psip-tunnel using 1000 MTU.
Line 2 part 3. -a 101.101.101.1 sets your ip address to 101.101.101.1. You can choose your own IP address. I strongly advise you do.
Line 2 part 4. -c community-name -k encrypted-password sets your community name and encrypted password. You should change this also.
Line 2 part 5. -l bytemark.leggewie.org:1234 this is the address of the supernode. This can be changed if you have another supernode to use.
Line 2 part 6. & echo $! > /tmp/edgepid This echoes the process ID number so the tunnel can be killed later.
Line 3 part 1. nice -n -10 /usr/bin/psip nice gives psip some additional priority against other running apps and loads psip.
Line 3 part 2. --config-file /root/.psip.conf loads a particular config file. This switch means you can have more than one.
Line 3 part 3. --log-file /root/psip-activity.log creates a log file at the specified location. Again you can have multiple logs with different names and locations.
Line 3 part 4. --expand-buddies this will expand your buddies list so you don't have to do it manually.
Line 4. read edgepid < /tmp/edgepid this will read the edgepid number created at line 2 part 6.
Line 5. kill $edgepid this will kill the tunnel/VPN and disconnect you from the supernode.

Phew, that was a lot to take in but hopefully it will give you some clarity.

When you run the script a terminal will open and Psip will also start. We could have the terminal hidden but it does provide some useful information for trouble shooting.
If it's in the way just minimize it, don't close it or you will lose your connection to the supernode and other buddies.

When Psip is up you need to do a couple of things.

Create some buddies. It's always a good idea to include yourself. If you are green then you know you are connected to the supernode. Click the Add button.



Probably use your own name rather than Me.

Notice the sip: in front of 101.101.101.1. It's important and must be included. Each buddy must have a unique address in this range.
EG: George may be sip:101.101.101.2, jim sip:101.101.101.3 etc.
You can have multiple Categories. The same people can be in different Categories if you wish but with different IP's but within the 101.101.101.1-255 range.

The next step is to click on the Setup Button, top left. Then the Network button.

Make it look like this:



If you run the script with a different IP address then the Public IP address in Psip needs to be the same.

Psip should run in the VPN/Tunnel using the script provided. The problem is someone else might be using it at the same time.
It's always a good idea to use your own credentials, this maintains your privacy and prevents IP clobbering.
Make sure all your friends use the exact same credentials except for the unique IP address.

Go on, give it a try, I know you want to.

http://smokey01.com/newsletters/2019/January/0025-PuppyLinuxNewsletter-January2019.html
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1651
Location: Canada

PostPosted: Sat 09 Feb 2019, 17:29    Post subject: WireGuard
Subject description: fully automated
 

WireGuard is an extremely fast, secure and simple protocol relative to OpenVPN, the default that we use in our current apps. Its simplicity and size ensure a much smaller attack surface relative to other protocols (roughly 1% of OpenVPN).

This simplicity of WireGuard requires that certain functions are left out of the protocol and up to the user to implement, such as key and IP address management.

Current VPN services offering WireGuard require that the user manually generate the keys and upload them to specific servers through the control panel on their website.

To continue demonstrating our expertise we set the bar high and have built a fully automated solution that securely generates keys within the client, uploads them to an IVPN server which then distributes them to all VPN gateways in our infrastructure within seconds. Using WireGuard on the client couldn’t be easier, the user simply has to select it and will be able to connect immediately.

As part of our initiative to become increasingly open and to advance the industry we plan to open-source the code that manages all this complexity. Our hope is that VPN providers integrate this code into their infrastructure and continually improve it for the benefit of all.
https://www.ivpn.net/blog/introducing-wireguard-fully-automated

Further reading :
Linux WireGuard Setup Guide
https://www.ivpn.net/setup/gnu-linux-wireguard.html

Last edited by labbe5 on Sat 09 Feb 2019, 18:02; edited 1 time in total
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1651
Location: Canada

PostPosted: Sat 09 Feb 2019, 17:47    Post subject: Advanced Privacy and Anonymity Using VMs, VPN’s, Tor
Subject description: Part 1 to Part 8
 

Introduction

If you’re here, you may be using (or considering) a VPN service to provide online privacy and anonymity, and perhaps to circumvent Internet censorship. This series of guides goes far beyond that. It explains how to obtain vastly greater freedom, privacy and anonymity through compartmentalization (aka compartmentation) and isolation, by using multiple virtual machines (VMs) with Internet access through nested chains of VPNs and Tor.

These are advanced guides, and the full setup will require at least a few days of focused work.

If you just want to circumvent Internet censorship and data retention by your ISP, you don’t need more than a good VPN service (unless consequences of getting caught are serious). If you just want to circumvent commercial tracking and behavioral marketing, you don’t need the full setup described here. However, if you want better privacy and anonymity than browser extensions can provide, you might consider a basic setup (covered in Part 2) to compartmentalize your activities using VMs and VPN services.

Conversely, if you’re a political dissident who might suffer serious consequences if compromised, using the full setup (covered in Parts 3-Cool would be prudent. The approaches described there would probably protect against non-targeted surveillance by national-scale government agencies. For such agencies with limited resources, they might even protect against targeted surveillance.

Although it appears that global-scale intelligence agencies intercept virtually all Internet traffic, the approaches described here might protect against routine non-targeted surveillance, given the need to correlate traffic through multiple VPN tunnels and Tor. While there’s no way to be sure of that, it’s clear that nothing less would suffice.

However, it’s unlikely that even the full setup described here would protect against directed surveillance by global-scale intelligence agencies. That would require far more resources and expertise than most nations (let alone individuals) possess.

https://www.ivpn.net/privacy-guides

Further reading :
How does AES encryption work?
https://www.bestvpn.com/guides/aes-encryption/

Last edited by labbe5 on Tue 12 Feb 2019, 08:31; edited 1 time in total
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1651
Location: Canada

PostPosted: Sat 09 Feb 2019, 18:00    Post subject: Online Privacy Through OPSEC and Compartmentalization
Subject description: Part 1 to Part 4
 

Pseudonymity alone is a fragile defense. Once one has been de-anonymized in any context, everything is de-anonymized, because it’s all tied together. There is no forward security. Far more robust is to fragment and compartmentalize one’s online activity across multiple unlinked personas. With effective compartmentalization, damage is isolated and limited. And overall, it’s essential to implement and practice strong Operations Security (OPSEC). But first, before getting into specifics, it’s instructive to consider some examples, showing how easily and spectacularly online anonymity can fail.
https://www.ivpn.net/privacy-guides
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1651
Location: Canada

PostPosted: Tue 12 Feb 2019, 08:12    Post subject: FlashRouters Privacy App  

FlashRouters is a US-based company that has carved out a unique niche for itself.

It has now developed its own DD-WRT app which works as an add-on to the DD-WRT firmware. The app allows you to switch easily between a number of popular VPN services, plus adds some very useful VPN-related features.


Routers from FlashRouters are always successfully pre-flashed, and replace the voided manufacturer's warranty with one from FlashRouters (1 year, extendable up to two years for an additional cost).

Alternatively, the app can be manually installed for free onto a wide range of DD-WRT routers. NordVPN currently has the best instructions for doing this on its website.

NordVPN instructions : https://nordvpn.com/tutorials/dd-wrt/flashrouters-privacy-app/

FlashRouters Privacy App Review
https://www.bestvpn.com/guides/flashrouters-app-review/
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1651
Location: Canada

PostPosted: Tue 12 Feb 2019, 08:24    Post subject: AirVPN
Subject description: AirVPN won the best VPN for Privacy award
 

Keep reading this review to find out why AirVPN was crowned Best VPN for Privacy for the second year running!

AirVPN is an Italian VPN provider, which proudly boasts how it was setup by “hacktivists and activists” pays an almost unrivaled concern to maintaining users’ privacy. I will start this review by noting that after using it as my personal VPN service for around two years, I am a bigger fan than ever of AirVPN. It also employs excellent encryption and security measures, and offers fantastic privacy enhancing features (such as VPN over SSL and VPN through Tor). In my experience, AirVPN is also almost certainly the fastest and most stable VPN service I have ever used.

https://www.bestvpn.com/review/airvpn/

AirVPN is an Italian VPN provider, which proudly boasts how it was setup by “hacktivists and activists” pays an almost unrivaled concern to maintaining users’ privacy.

Further reading :
Top Ten Privacy Tips
https://www.bestvpn.com/privacy-news/Data-privacy-day/
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 13 of 13 [186 Posts]   Goto page: Previous 1, 2, 3, ..., 11, 12, 13
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0751s ][ Queries: 13 (0.0368s) ][ GZIP on ]