Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 24 Nov 2017, 21:57
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
VPN Comparison Chart & How to choose the best VPN
Post new topic   Reply to topic View previous topic :: View next topic
Page 2 of 2 [19 Posts]   Goto page: Previous 1, 2
Author Message

Joined: 13 Nov 2013
Posts: 1024
Location: Canada

PostPosted: Mon 06 Nov 2017, 15:39    Post subject: WireGuard
Subject description: the modern VPN


WireGuard is still experimental and is therefore not ready for production, but it is the way to go to make mass surveillance ineffective.

Further reading :

WireGuard is a faster protocol

Below you can compare our results of running WireGuard and OpenVPN on various LEDE routers connected to Mullvad. In every case, WireGuard outperforms OpenVPN.

Router | CPU | OpenVPN | WireGuard
GL-iNet6416 | 400mhz | 2–5 Mbit/s | 30–40 Mbit/s
ASUS RT-N66U | 600mhz | 5–10 Mbit/s | 40–60 Mbit/s
Linksys WRT1200AC | 1.3Ghz | 20–25 Mbit/s | 250–300 Mbit/s
Linksys WRT1900AC | 1.6Ghz | 30–35 Mbit/s | 300–350+ Mbit/s
NUC QuadCore Celeron | 2.0GHZ | 60–100 Mbit/s | 650+ Mbit/s (maximum unknown)

Running WireGuard with Mullvad on Linux :
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 1024
Location: Canada

PostPosted: Wed 22 Nov 2017, 11:25    Post subject: How to make a VPN kill switch in Linux  

In the event that the VPN connection unexpectedly drops, the computer will continue to send and receive traffic sent over your ISP’s unprotected network, possibly without you even noticing. To prevent this behavior, you can make yourself a simple kill switch that halts all internet traffic until the VPN connection is restored. We’ll show you how to write some easy rules using iptables and the Ubuntu Ultimate Firewall (UFW) application.

First, create a startvpn.sh script that puts firewall rules in place. These firewall rules only allow traffic over the VPN’s tun0 network interface, and they only allow traffic over that interface to go to your VPN’s server.

$ cat startvpn.sh
sudo ufw default deny outgoing
sudo ufw default deny incoming
sudo ufw allow out on tun0 from any to any
sudo ufw allow out from any to # <-- note this is the IP from the "remote" field of your configuration file
sudo ufw enable
sudo ufw status
sudo openvpn client.conf &
Network traffic cannot pass over any other network interface with these firewall rules in place. When your VPN drops, it removes the tun0 interface from your system so there is no allowed interface left for traffic to pass, and the internet connection dies.

When the VPN session ends, we need to remove the rules to allow normal network traffic over our actual network interfaces. The simplest method is to disable UFW altogether. If you have existing UFW rules running normally, then you’ll want to craft a more elegant tear down script instead. This one removes the firewall rules and then kills openvpn with a script called stopvpn.sh

$ cat stopvpn.sh
sudo ufw disable
sudo ufw status
sudo kill `ps -ef | grep openvpn | awk '{print $2}'`
If you use some other means to connect to your VPN, you can eliminate the last two lines of each script. In such a configuration, you will have to remember to manually run the startvpn.sh script prior to starting your VPN using some other method. Once your VPN session ends, remembering to run the stopvpn.sh script isn’t hard; you’ll probably notice the lack of internet connectivity until you run it.

Further reading :
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 1024
Location: Canada

PostPosted: Wed 22 Nov 2017, 14:11    Post subject: IP Binding and Vuze
Subject description: IP bind Vuze so that torrenting is done via VPN


First set your Mode to 'Advanced'. Next go to Connections->Advanced Network Settings and locate the interface name for your VPN (e.g. eth<number>). Enter this interface name in the 'Bind to local IP address or interface' box. Now scroll down to the bottom and check the 'Enforce IP bindings even when interfaces are not available' option.

More recent versions of Vuze will attempt to detect when your traffic is being routed via a VPN interface and offer to perform this configuration change for you.

If your VPN provider doesn't support incoming connections then you can explicitly disable these in Vuze by deselecting 'Incoming Connection' under 'Peer Sources' in Connections - if for some reason your public IP address is leaked (e.g. you start a download with your VPN disconnected and haven't bound explicitly to an interface) this will prevent other peers from connecting to you via this public IP.

Further reading :


Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 1024
Location: Canada

PostPosted: Wed 22 Nov 2017, 14:38    Post subject: Notice of Claim of Copyright Infringement
Subject description: Legal issues with torrenting

You have nothing to hide, so you set up a torrent client, and start downloading season 1 of your best TV series, followed by 7 other seasons, all without a VPN (you have nothing to hide).

Then, to your surprise, you receive Notice of Claim of Copyright Infringement

What the heck!

In Canada :
The Copyright Modernization Act passed in January 2014 requires ISPs send notices to copyright violators on their networks. The recipients’ identities are stored on ISP servers for six months. Copyright holders cannot sue for damages of more than $5,000, which in most cases simply isn’t worth the time or effort.

The notification system is more educational than legal, but ISPs can still penalize torrenters by choking bandwidth.

In the US :
Downloading copyrighted material is illegal in the United States. ISPs often have a three-strike rule if they catch users torrenting illegally. Non-copyrighted material is completely legal to download.

Copyright holders often act through copyright trolls, which record IP addresses of torrenters and send settlement letters requesting remuneration. These entities have the right to sue on behalf of the copyright holder, but because an IP address does not legally constitute an identity in the US, the best option for recipients is to ignore them.

United Kingdom :
Larger ISPs are required by law to notify subscribers when the British Phonographic Industry catches them torrenting in the form of a cease and desist order. ISPs reserve the right to throttle bandwidth and disconnect users. ISPs with fewer than 400,000 subscribers are not subject to this law, however.

Copyright holders have the right to sue uploaders and downloaders for damages even if no monetary gain was involved.

Popular torrent trackers such as ThePirateBay are blocked by major ISPs in the UK, but these can still be accessed with a VPN.

Source :

Conclusion :
Unless you are heavily torrenting copyrighted material and do it for money, do not expect to be prosecuted.

But you better use a VPN for that kind of traffic to play it safe.

For using torrent or P2P networks without any infractions of the law of countries where using torrent is forbidden, we recommend to use VPN servers in Netherlands, Sweden, Ukraine or Russia.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 2 of 2 [19 Posts]   Goto page: Previous 1, 2
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum

Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0400s ][ Queries: 11 (0.0071s) ][ GZIP on ]