Staff

Hi! How? Let's say we're a big "IXP" and we try to to disclose the IP address of a TOR user we really don't like. We perform a huge correlation attack for some days because for an unbelievable stroke of luck we can observe bots sides of the TOR network we're interested in (!). We observe a relatively modest amount of flows of let's say a hundred millions. We end up with more or less 6,400,000 matches. Now we have a chance that the IP address of that user is one of those 6,400,000. How do we discern it and discard the other 6,399,999 false positives? Kind regards

Hello, we are not going to disclose how we do it in details (call it a trade secret ), anyway the data are gathered without logging and kept in RAM. The "inconvenience" is that all data are lost as soon as one disconnects or for any little trouble in a server, but after all that's exactly what we want. Kind regards

It's very important to us to understand the effective circumvention techniques around the world. For that, our apologies about the delay of this reply. Please give us a feedback if you encounter special issues related to countries you visit. This check exists just because OpenVPN can reply only with a generic AUTH_FAILED if some problem occurs. Eddie performs a check before launching OpenVPN to provide users with a friendly message. In fact this is optional: if our authorization servers are not reachable, the connection phase continues anyway. However, it actually falls into a retry-x-time before giving up. We will check that in the next version of Eddie to improve performance or eventually add an advanced option to disable it. We don't understand very well: the servers list downloaded by Eddie contains only direct IP addresses, not names. The only DNS names used by Eddie are those of the authentication servers (auth.airvpn.org), with fallback to direct IP addresses if the resolution fails. Eddie must work and connect successfully even if you don't have a valid DNS configured on your machine. If not, there is a bug in Eddie or some other issue. It's very strange that you may have corrupted servers list: it is transmitted with a symmetrical encryption, so it can't be corrupted by the network... maybe it is corrupted when saved to disk? Servers list is updated automatically every ten minutes. You can view how old the servers list is in 'Stats' tab, 'Latest Manifest Update'. Double-click on it to force an update (Stats row becomes 'Just now' if successfully updated). In the next Eddie version, we will add an explicit option for that, like 'Auto/10 minutes/1 hour/Never', and a friendly 'Refresh now' button in 'Servers' tab, as you requested. For every server a score is computed, based on many parameters with different height. Lower score = Best, High score = Avoid. Servers with some issue detected from our side (ISP packet loss, for example) gain a highest score. This kind of problems is detected by our Ping Matrix, and Eddie notices this when it updates the servers list. For this reason the update must be done frequently (every ten minutes currently). Servers that are not reachable by latency test from Eddie gain a higher score. In 'Servers' tab there is an option: 'Scoring rule'. This affects score, because for example some servers are the best choice for latency but not for speed. If you encounter an issue with a server, the server is 'penalized' only for you, affecting the score. The penalizations are mitigated in time. For example, an unexpected disconnection from server raises the score of that server, reduced every minute. In around 30 minutes its penalization is reset. Load of a server (available bandwidth and connected users) also affects the score. And, of course, latency affects the score: Eddie performs ping of each server every 10 minutes. When you start Eddie and directly connect, maybe you see a "Waiting for latency tests": this happens because Eddie needs all servers latency results to compute the best score/server. Also, this latency tests are not performed when you are connected to the VPN, hence if you stay connected for more than 10 minutes, and then you disconnect and reconnect, you need to wait for latency tests. But note: you need to wait for latency tests only if you ask Eddie to connect to the "Best server". If you double-click a server directly under "Servers" tab, or if you check the option "Force reconnection to last server at startup", Eddie does not need to wait for the results of latency tests. Kind regards

Hello! The implications of the paper are completely different than what the message seems to suggest. In particular how did you get the idea that "If you use TOR, there's a 81.6% chance someone knows your real IP." from the paper? It says quite the opposite, i.e. that even if the attack was successful, the likelihood to get your real IP address is astronomically low. Besides paper reading, https://blog.torproject.org/blog/traffic-correlation-using-netflows can help. Do not miss the comments from the paper authors themselves.It looks like several persons are taking this paper implications at the exact opposite of what they are. Urban legends seem to spread very fast even nowadays. Kind regards

Hello! No. That was a message in 2012, many things were different in the NAT. Now you necessarily need port forwarding. Kind regards

Hello, there are no DNS leaks on Linux. To use VPN DNS go to "AirVPN" -> "Preferences" -> "Advanced" and select a proper "DNS Switch Mode" in the combo box. In most cases "Automatic" will detect the correct method. In general set "resolvconf" if you have resolvconf package installed and "Renaming" in any other case. Kind regards

Hello! Yes, it is. Otherwise you can use CoinBase, as you prefer. Kind regards

Hello, the problem is here: . 2014.11.17 22:07:11 - OpenVPN > [uNDEF] Inactivity timeout (--ping-exit), exiting Something is blocking OpenVPN packets (or all UDP packets). Please check your firewall (for testing purposes you might disable it completely). Also check that your router does not block UDP. If the problem persists, maybe it's your ISP blocking packets, or packets only to/from Nunki. Try different servers and different connection modes. You can change them in our client Eddie in "AirVPN" -> "Preferences" -> "Protocols". Test some port in TCP. Kind regards

Hello! Since resolvconf package is available in FreeBSD we would recommend that you implement the following solution: https://airvpn.org/topic/9608-how-to-accept-dns-push-on-linux-systems-with-resolvconf Kind regards

Hello, two of the most effective "multi-hopping" setups are extensively described here: https://airvpn.org/tor If you run our client Eddie you do not even need a middle-box or a VM for OpenVPN over TOR. As far as we know Eddie was the first and currently is the only open source OpenVPN wrapper/GUI for Linux and OS X in the world that saves you from using a middle-box or a VM. About VMs and OpenVPN, maybe the quickest solution is running a guest OS attached to the host via NAT (important!). Connect the host to VPNServer1 and then connect the guest to VPNServer2. On the guest OS (and only on the guest OS) you will have traffic tunneled over VPNServer2 over VPNServer1. On the Internet your VM will appear with the exit-IP address of VPNServer2. Kind regards

@computerpc Hello, you're probably trying to run the 64 bit version. Make sure to download the 32 bit version for Windows 7. Kind regards

Hello, you can already do it by yourself. Each account can establish up to 3 concurrent connections so multi-hop solutions are trivial. However "multi-hopping" on servers all owned by the same company is not an optimal solution, you might prefer OpenVPN over TOR, or TOR over OpenVPN, which are much safer. Kind regards

Hello! Monitoring or DPI in themselves would not cause that. Injections attempts, replay attacks or just very normal packet errors in UDP will cause that. Please see the aforementioned post for more information. Kind regards

@BreathingAir Hello, you don't need to download anything, just copy the magnet link and paste it into your torrent client. Wait for the results in the web site, by refreshing the page (updated every 10 seconds). Kind regards

Please see for example here: https://airvpn.org/topic/3773-pls-help-strange-logs/?do=findComment&comment=3784 It would be a good habit to search the forums (good search functions are available) before posting questions that have been already answered multiple times. Kind regards

Hello, if possible do not use OpenVPN over SSL, go straight to UDP direct. Do not trust any speed test, including ours, they are not reliable. Kind regards

@fantastico As we wrote previously please read here: https://airvpn.org/topic/9608-how-to-accept-dns-push-on-linux-systems-with-resolvconf Kind regards

Do what please? Hello! "DNS push" is the "push" of VPN DNS servers IP addresses from our servers to your client (more in general, it is an OpenVPN DHCP-push). Your client is free to accept or not the DNS push. If not accepted, no DNS will be modified on your system. Ok, this will let us discern whether it's a DNS issue or not. Yes, the DNS servers administrators should configure the servers accordingly. In general, you should not worry about it, because one of the purposes of our service is protecting you against DNS queries snooping/sniffing for profiling or more sinister purposes, so in general one does NOT want to use his/her own ISP DNS or send out DNS queries in plain text. IF our explanation of the problem is correct, it's because OpenVPN for Windows comes packaged with OpenVPN GUI which by default accepts DNS pushes. Kind regards

@fantastico Apparently it could be just a DNS issue because the connection is successful. From the logs it comes out that you do not worry about DNS push, but you must do it if you don't run our client. What happens if you try to ping directly without names resolution (for example "ping 8.8.8.8")? In one case, maybe the previously configured DNS servers did not accept queries from outside their network, in the other case (colleague configuration) they did. Please see this guide in our "How To" section: https://airvpn.org/topic/9608-how-to-accept-dns-push-on-linux-systems-with-resolvconf If you don't have resolvconf package installed, either install it or just use our client: it has another method to accept DNS push (resolv.conf direct handling). Kind regards

@fantastico Please publish OpenVPN logs from computer A, taken after a connection to a VPN server has been allegedly established. They could have some useful clues. Kind regards

Hello! Yes, at the moment translation into Spanish is needed. Kind regards

Hello, if you run our client Eddie you might like to activate "Network Lock" option to prevent any leak, including leaks in case of unexpected VPN disconnection. https://airvpn.org/topic/12175-network-lock The method suggested by dd79 is NOT safe in general, due to potential DHCP lease renewal. Please see here for more details: https://airvpn.org/topic/9787-the-pros-and-the-cons/?do=findComment&comment=11501 (see UPDATE 2 and UPDATE TO UPDATE 2). Kind regards

Hi: yes, you're right, currently the viewer needs to pause the video to read the whole block. Kind regards

Hello, actually not, it is the total time needed by your browser to require via http a 1 byte file to the VPN server and receive it, but as a relative value it is good. And yes, using the client can be quicker (the client really pings). Kind regards

Hello! Yes, please browse to the "Status" page of our web site https://airvpn.org/status The numbers displayed in ms for each server provide you with a relative (not absolute) latency which is a very precious information for your needs. Kind regards