Jump to content
Not connected, Your IP: 3.214.184.69
NetShadow

Eddie Install For User vs All Users

Recommended Posts

I have an issue, sorry but if it is documented within the search feature I overlooked it.

 

Running Win 7, I install Eddie with "User Account A" and set to startup automatically with network lock enabled.  If I log out of "User A" and log into "User B", "User B's" network is locked without Eddie accessible in the Win 7 taskbar.

 

If I leave "User A" logged in and utilize fast user switching and log in with "User B", "User B" is now reporting the same IP as "User A" without Eddie accessible in the Win 7 taskbar.

 

How do I get Eddie to run with certain Win 7 user accounts and not others with both users logged in?

 

-Eddie 2.16.3 at the time of this post-

 

Why:

 

-I want to be able to have one user account set up for somewhat continuous downloading with a dedicated VPN Profile.

-I want to be able to have another user account set up for dedicated TOR browsing with a dedicated VPN profile.

-Even though this is my dedicated "play" terminal, my wife insists that I leave an account setup with her credentials.  I doubt she ever logs in much, but if she does being snoopy while I am not around and decides to log into social media ect, I really don't want her to have access to another Win 7 users Eddie configuration. 

(Yes I know it is lame, somehow I can justify having a private user account password, but I have to give my wife terminal access so as not to be "hiding anything", and she has this theory that everything we own is "ours" even though it is really my dedicated play terminal lol.)

 

So in summary, I want to be able to have "User A" logged in with one Eddie profile, and "User B" logged in with another Eddie profile.  At minimum, if only one instance of Eddie can run on a terminal at any given moment of time, I at least don't want all users sharing the same Eddie profile.  If user A is logged in with Eddie running, I want "User B" to have a router provided IP (or whatever else I run within User B's profile to manipulate IP).

 

I have a second question, but I will post it in another fresh New Topic Post (Eddie VPN Configuration With TOR).  I just added that so that anyone following my thread for guidance can follow what I am doing and how I am doing it.

 

*Thanks Guys & Gals

Share this post


Link to post

Hello!

 

As Windows does not support multiple routing tables, there is no trivial method to have multiple VPN connections in a way that each one is unique to each user, we are sorry. You have a global routing table which must be shared by all users and even if you consider to have multiple tun interfaces and multiple gateways (possible with Windows), you will need to face a lot of problems.

 

If some advanced user can see a solution, any feedback will be welcome.

 

Kind regards

Share this post


Link to post

OK, that makes sense, but I want to add to your statement: "As Windows does not support multiple routing tables, there is no trivial method to have multiple VPN connections in a way that each one is unique to each other", however there is a band-aid way (work around) that will trick windows- virtual machines.  To indirectly accomplish what OP is trying to do, he would have to run the following setup: router (with VPN profile 1), Windows with no additional startup/launched VPN, emulated virtual OS with startup/launched VPN, second emulated virtual OS with no dedicated VPN but launching TOR.

 

This setup will work flawlessly as I have utilized it myself.  The downfall to this setup is that it is memory hungry- not an issue if your play machine is powerful (for many the play machine is your old workhorse, hell many don't even have a "dedicate" a stand alone play machine)).  You will need to have at least 4GB memory dedicated to Windows, 4GB memory dedicated to VOS 1, and 2GB (preferably 4GB) of memory dedicated to VOS 3.  You can leave this user logged in performing whatever launched task you desire and still utilize fast user switching to log in with another user who will still report the router firmware's VPN IP.

 

This method sucks because you will not have enough system memory left for User 2 to do anything productive, and is User 2 tries, User 1's account will start running shitty.  Now if the system has 16GB or more ram you may be able to pull this off, but do to other contingencies I would recommend at least 20-24GB for this.

 

Again, my system in question is maxed out at 8GB, so I was hoping that someone out there figured out or new of third party software to be able to manipulate Window's routing tables.

 

BTW, I really wish people would stop always saying that if you run multiple VPN interfaces and multiple gateways (Windows) that you will face a lot of problems.  Yes, you do have to do it right, but when done right it works great- and gives you awesome security.  I think it is better to tell people that if they are going to stack VPN's there are only a few ways to do it that will prove productive, and often you need to know exactly what hardware they are utilizing (or tell them what to get) to give the best advice.

 

Why???????

 

-Air VPN will tell you that they don't log and that they are all about respecting privacy- and they are- but...

-Air VPN could get hacked, could have an informant compromise the staff (think how long an undercover cop spends proving himself to the Hells Angels before he "gets in")

-What if Air VPN is offered a zillion dollars for the company and sells out?  Probably not going to happen, but if it did happen they would have to be extremely sneaky about it because otherwise subscriptions would drop like flies.

-What if undercover NSA agent offers a zillion dollars for the company, but wants to verify a few things at the office before they buy.  They are somehow left alone for a few minutes (compromised- probably wouldn't happen but possible) or now have a company "map" for future premises break ins.

-I could go on, but the point is if we are smart, we always have to assume the worse case scenario so we are not sitting in cuffs pleading ignorance.

 

1)You need to start with the VPN router (VPN 1 kill switch enabled).  This should be PARAMOUNT (and make sure your router firmware is CLEAN).  This ensures that your system never phones home with your organic IP address before the VPN kicks in, no matter how fast your VPN kicks in.  What I love about Eddie so much is the network lock.  This is in theory doing what the routers VPN is doing.

 

2) You need to have the second VPN profile to act as your buffer for the TOR entrance and exit nodes.  VPN profile 2 (kill switch enabled) should ideally be from another company (I vote AirVPN for this one).

 

3) Connect with Tor or like software.  If Tor gets compromised, the square fcks have to brow beat two different VPN companies to get what they want.

 

Members like "LZ1" are advanced enough to be a little more cocky- but I assure you they are constantly covering there ass also.  They just aren't script kiddies so they have some advantages that most of us don't.  They also know more advanced ways to manipulate Tor entrance/exit nodes than "the average download it and click install" user does.  The more unique your setup, the better off you are.  As soon as you start using a cloned sold-out setup that everyone else is using, the NSA ect start hyper-focusing resources on compromising said set-up.

 

Many would say screw all that, just boot a Tails USB from VPN'ed router and you are good to go.  I agree that not leaving any evidence is pretty awesome, but you still have limited layers of IP protection.  Now if you run Tails in the second virtual machine and do as I described above, now you are starting to get somewhere.  Just be careful how you link yourself to the purchase of the serialized USB drive...

Share this post


Link to post

@NetShadow

 

Hello!

 

With BSD or Linux you can achieve the same purposes with more efficiency (theoretically, without graphic overehead, 512 MB are enough) and you stay in a more secure environment which you really control. Think about it. Being worried about NSA willing to make us incredibly rich while you use Windows is somehow hilarious. :)

 

 

BTW, I really wish people would stop always saying that if you run multiple VPN interfaces and multiple gateways (Windows) that you will face a lot of problems

 

We wrote that Windows does not support multiple routing tables, which is a quite different thing. We don't know whether something changed in "Server" editions, but this shameful limitation (as incredible as it may sound) persists in desktop editions. It is different than handling multiple network interfaces, which is a feature supported by most systems since the 70ies, or multiple gateways, which is a common feature since when TCP/IP started to spread out.

 

Yes, you do have to do it right, but when done right it works great- and gives you awesome security.

 

We don't agree and we want to make clear, for the readers, that we consider such claims very dangerous as well as misleading. Claiming any "awesome security" based on anything coming from a closed source system which has undocumented parts and which has proved in history to be developed over a questionable design must be avoided.

 

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...