Some questions about using this with TOR and more

[Frezto 0]

Hi

How exactly do you setup using the VPN with TOR (I mean Me -> TOR -> VPN) and how safe is this and how exactly does it work? I thought htis combination was impossible? What happens if the VPN or TOR cuts out, will it expose something? Is it possible to use Flash/Java with this combination? Does it route everything through TOR and VPN (So it's like normal VPN, but everything also goes through TOR) or is it just the TOR browser that everything goes through both?

Also, if using only the VPN, as soon as I disconnect, does that mean there is no record/logg of what I was doing?

Could someone force you to cooperate into start logging IP/Data?

Thanks

[Staff 9972]

Hi

How exactly do you setup using the VPN with TOR (I mean Me -> TOR -> VPN) and how safe is this and how exactly does it work? I thought htis combination was impossible? What happens if the VPN or TOR cuts out, will it expose something? Is it possible to use Flash/Java with this combination? Does it route everything through TOR and VPN (So it's like normal VPN, but everything also goes through TOR) or is it just the TOR browser that everything goes through both?

Also, if using only the VPN, as soon as I disconnect, does that mean there is no record/logg of what I was doing?

Could someone force you to cooperate into start logging IP/Data?

Thanks

Hello!

The AirVPN over TOR uses OpenVPN ability to perform connections over SOCKS (or HTTP) proxies. When you perform Air over TOR connection, all your traffic, including that generated by applications not configured to use TOR, will be routed over AirVPN over TOR. The TOR nodes will see OpenVPN encrypted traffic, our VPN servers will see the IP address of the TOR exit-node (partition of trust). So Air servers won't know your IP address not even while you are connected.

For additional details please see:

https://airvpn.org/tor and http://openvpn.net/index.php/open-source/documentation/howto.html#http

Flash and Java enable an adversary to run (in the target's system) programs which may try to reveal and send to the adversary sensitive information, including but not limited to your real IP address. These attacks have been proven to be successful when a proxy is used, but not an OpenVPN based VPN. However, Flash and Java malicious "applets" may try to exploit several system vulnerabilities (especially on Windows) in order to try a "privilege escalation". If in doubt, never use Flash or Java if/when you need to send or receive critically sensitive data. Do it only if you perfectly know what you're doing. In general, to the best of the knowledge of the current admin writing this reply, Flash and Java based attacks have never proven to be successful when they are run inside a well configured sandbox or virtual machine where the host is connected to an OpenVPN based VPN.

Please prevent leak of packets in case of accidental disconnection by setting appropriate firewall rules. Browse our forum for additional information, or give us information about your OS and firewall for support on how to do it.

Logging of IP/data is not enabled on our VPN servers. In order to perform ex-post (never ex-ante, of course: we can't give information we don't have) investigations, appropriate steps may be taken in case of alleged violations of the ECHR through our services, if the allegation comes from a jurisdictional competent authority. Specific cases for which we are willing to cooperate with jurisdictional competent authorities are alleged human trafficking, child exploitation, privacy violations, copyright enforcement through privacy violations (please note, copyright enforcement, NOT alleged infringement) and in general any violation of fundamental human rights. For those specific alleged violations we would not appeal against a proper request from a jurisdictional competent authority.

Kind regards

[Frezto 0]

Thanks for the good response.

I have one more question, if I use the airvpn client how can I do so that everything stops and it only works through the VPN? Prefferably I want ALL my internet to go through the vpn, although I'd like to be able to toggle between them relatively quickly. Does the airvpn software or Openvpn have this sort of software or is there any good simple solution to this?

[Staff 9972]

Thanks for the good response.

I have one more question, if I use the airvpn client how can I do so that everything stops and it only works through the VPN? Prefferably I want ALL my internet to go through the vpn, although I'd like to be able to toggle between them relatively quickly. Does the airvpn software or Openvpn have this sort of software or is there any good simple solution to this?

Hello!

At the moment the safest and simplest solution for Windows is to set rules for your firewall. We recommend not not use programs which forcefully kill other programs when connection drops: the time between connection drop detection and program shutdown may well allow leak of packets out of the tunnel. Also, a forced kill may pose further problems.

Features of Comodo Firewall allow extremely quick setup, with optional selection to block outgoing packets only for certain programs in case of accidental VPN disconnection. Comodo is not open source, but it is freely distributable. It is considered the most robust software firewall for Windows. Looking at the following example, you will be able to set rules for any sufficiently advanced firewall, either to block everything if VPN connection drops, or just selected programs:

https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&Itemid=142#1715

Comodo Personal Firewall and other suites are available here:

https://personalfirewall.comodo.com

Please do not hesitate to contact us for any further information.

Kind regards