"Make it impossible to identify the type of traffic or protocol you are using, even for your ISP."

[wbbxx 0]

On the front page of airvpn.org it reads "Make it impossible to identify the type of traffic or protocol you are using, even for your ISP." My questions:

 

1. Is the AirVPN client configured by default to obfuscate the type of traffic or is there a setting somewhere that I have to enable to use this feature? In other words, if I want to hide the pattern of torrent traffic from my ISP, is all I need to do to open the client, click connect and I'm good to go, or do I have to configure something?

 

2. I want to obfuscate the type of traffic but at the same time I want to blend into the crowd. So if the answer to the first question is that I need to configure something manually, will obfuscating my traffic be something that make me stand out? I don't know exactly how the traffic obfuscation works so that's why I ask. For example if there are 100 users on a server and 99 keep the default settings but the 100th tries to hide the type of traffic/protocol they are using, are the easier to identify/correlate?

 

Thanks.

[OpenSourcerer 1435]

1. Is the AirVPN client configured by default to obfuscate the type of traffic or is there a setting somewhere that I have to enable to use this feature? In other words, if I want to hide the pattern of torrent traffic from my ISP, is all I need to do to open the client, click connect and I'm good to go, or do I have to configure something?

 

AirVPN uses an AES-encrypted data channel. Whatever you do with OpenVPN enabled it's encrypted inside this tunnel. One can analyze this stream of data and detect OpenVPN, but detecting something inside it is very difficult if not impossible.

 

I want to obfuscate the type of traffic

 

What type of traffic? OpenVPN or BitTorrent inside OpenVPN? BitTorrent clients offer protocol encryption, it's an additional obfuscation option. But as OpenVPN will be visible to the dark depths of the net it's probably not mandatory.

[LZ1 672]

Hello !

​Welcome to AirVPN . You can use SSL on TCP port 443, under the Protocols tab if you want to hide the OpenVPN protocol, which signals that a VPN is in use ^^. But as giga said, then the encryption already hides what you're doing; just not that it's VPN traffic. Air also fully allows P2P and turns down DMCA notices as well, in case you're in doubt . The scenario of one standing out, is the case with PGP encryption I believe. You can also look into using AirVPN with Tor, to hide your general web browsing even more; just don't torrent while using Tor.

[lordbeau 8]

I'm using port 443 over SSL but I can still be identifies as using OpenVPN, according to browserleaks, or have I misunderstood (probably)? By the way, Air has been disconnecting for me all day about every 5-15 mins. Am I alone? In which case, yet another problem for me to solve!

TCP/IP stack OS Fingerprinting   Passive, SYN Windows 7 or 8 | Language: Unknown | Link: OpenVPN TCP bs128 SHA1 lzo | MTU: 1390 | Distance: 12 Hops

[LZ1 672]

 

I'm using port 443 over SSL but I can still be identifies as using OpenVPN, according to browserleaks, or have I misunderstood (probably)? By the way, Air has been disconnecting for me all day about every 5-15 mins. Am I alone? In which case, yet another problem for me to solve!

TCP/IP stack OS Fingerprinting   Passive, SYN Windows 7 or 8 | Language: Unknown | Link: OpenVPN TCP bs128 SHA1 lzo | MTU: 1390 | Distance: 12 Hops

That may be related to mssfix or something. I'm not sure.

[go558a83nk 362]

 

I'm using port 443 over SSL but I can still be identifies as using OpenVPN, according to browserleaks, or have I misunderstood (probably)? By the way, Air has been disconnecting for me all day about every 5-15 mins. Am I alone? In which case, yet another problem for me to solve!

TCP/IP stack OS Fingerprinting   Passive, SYN Windows 7 or 8 | Language: Unknown | Link: OpenVPN TCP bs128 SHA1 lzo | MTU: 1390 | Distance: 12 Hops

 

they are not using deep packet inspection but just guessing based on your MTU.

 

an ISP could do the same but may also use DPI.  The SSL tunnel would at least prevent a DPI scan from explicitly seeing openvpn traffic.

[jaimito 0]

hi,

 

i am also having trouble getting to the bottom of this.

 

browserleaks is not guessing the openvpn from the MTU value. I am also using SSL on TCP port 443. I have adjusted the mtu value with mssfix in the config file and can confirm that whatever value i give the mtu it is still found to be openvpn.

 

so with mssfix set to '0' i expected that the 'link' would show as ethernet or PPPoe but no, it's still showing as openvpn.

 

anyone have any ideas how to circumvent this? i've been looking for an answer for 2 months but cannot find!

 

jaimito

[Staff 9972]

Hello,

 

with "OpenVPN over SSL" we have managed to cause WITCH to fail with "mssfix 1275" and lower values. Don't ask us why (we know, it doesn't make much sense in a TCP connection), it was just a quick test out of curiosity, maybe in the future we perform more research.

 

Kind regards

[go558a83nk 362]

Hello,

 

with "OpenVPN over SSL" we have managed to cause WITCH to fail with "mssfix 1275" and lower values. Don't ask us why (we know, it doesn't make much sense in a TCP connection), it was just a quick test out of curiosity, maybe in the future we perform more research.

 

Kind regards

 

Just for thought, I use another VPN provider where when I use "mssfix 0" in the config WITCH reports an MTU of 1500, no openvpn detected.  This VPN provider are doing something on their end.  When an ovpn config is downloaded from them the user is given the choice of selecting the MTU for that config with one choice being "make it look like your ISP" which means they put "missfix 0" into the config.

[OpenSourcerer 1435]

Why exactly is my MTU reported as 1392 if OpenVPN's default is supposed to be 1500?

[Staff 9972]

Why exactly is my MTU reported as 1392 if OpenVPN's default is supposed to be 1500?

 

http://michael.stapelberg.de/Artikel/mtu_openvpn

 

Kind regards