Jump to content
Not connected, Your IP: 54.198.246.164

Search the Community

Showing results for tags 'security'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • AirVPN
    • News and Announcement
    • How-To
    • Frequently asked questions
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • Reviews
    • Other VPN competitors or features
    • Nonprofit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP
    • Mirrors
    • Net Neutrality Monitor

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Twitter


Mastodon


AIM


MSN


ICQ


Yahoo


XMPP / Jabber


Skype


Location


Interests

Found 64 results

  1. I use AirVPN for many years and super happy about it. On iOS I used the official openvpn app but recently discovered an alternative: passepartout (Edit: since it's a commercial app, not sure it's ok to paste here but here is the link https://apps.apple.com/jp/app/passepartout-openvpn-client/id1433648537?l=en) So far it has great features but I'm not sure if it's really secure or impacting Air's features in any way. Does anyone use it or have some info about it? Thanks!!
  2. For the security and privacy minded people overhere ;-), i discovered a very rich Podcast site. https://www.inteltechniques.com/podcast.html The information is more targeted for people living in the us. But it can be beneficial for the rest of the world to. Specially the podcasts about moving to Linux and why /how ( started at no.66 to 72).Very useful ,as a starter or more advanced user. Also how to hide your identity from trackers like google/facebook etc. Gr,Casper
  3. Hello, first post here. I was really getting interested in hiding my IP from websites, and suddenly I noticed this issue: whatever I do the site whatsmyip always detects my real ISP given IP and location. I did some reading and tests, but all posts and topics related to IP leak lead to WEBRTC, that was the first fix I did - disabling this service on my browsers, however that didn't solve my problem, although all WEBRTC testing sites confirmed that I have successfully disabled the service. Then I changed my DNS, connected to various AirVPN servers, no change, that site is always showing my real IP (it's IPv6 if it matters) So, if anyone can explain this and possibly gives me an idea what to try next, it will be appreciated! using Win10-64, Chrome and Firefox browsers. Cheers! Waylander131
  4. Hi, is there any way of setting eddie up so that it will change severs for me automatically every hour or 3 hours or to a schedule that I choose? Thanks.
  5. TLDR: Network lock via the Windows Firewall is completely broken in Eddie 2.14.5. The following is based on a fresh Windows 7 Professional SP1 install (Vmware VM), Eddie 2.14. 5 is at stock settings except for Network Lock being changed from "Automatic" to "Windows Firewall (Not Recommended)". Upon enabling Network Lock, the following Outbound firewall rules are created: The "Eddie - Out - Allow IPs" rule (the one highlighted) allows ALL outgoing connections !? Indeed, no traffic is blocked when the VPN is not connected, thus breaking Network LockEnabling verbose logging shows the rule being created as follows: How on earth did this get through testing? I mean, I'm smiling, but I am very f***ing furious... This really shakes the confidence that i had in AirVPN as a professional and technically competent VPN provider.
  6. Quantum computers are coming - and probably sooner than we think. Does AirVPN have any thoughts or strategy to mitigate this threat to VPN-security?
  7. Hi there, I am totally new to vpn and I just curious about how that all works and how to do it right, and now I am quite confused about thousand different setup methods. I have a plain linux box which runs a service Y on a specific port that shall go throught airvpn. So far I only read that once openvpn is started all traffic goes through the vpn. If I simply start the vpn as descibed here https://airvpn.org/topic/11431-using-airvpn-with-linux-from-terminal/ on the box does this mean that everyone on the other side of the vpn can portscan/connect to services that are running on that box? If I manage that box from another client in my LAN via a vncserver that is installed on that box, can I still reach the box after starting openvpn and can anyone on the other vpn side connect to the vncserver? So my question is what is the easyest way to route only service Y to the vpn and make incomming (from the vpn) request route only to service Y's port?
  8. It's a new feature in OpenVPN 2.4, for more privacy and can also help with censorship circumvention in some cases. https://github.com/OpenVPN/openvpn/blob/master/Changes.rst Can AirVPN implement this?
  9. Would it improve security if airvpn uses LibreSSL to build the openvpn binary? https://www.libressl.org/
  10. I was talking to a friend of mine who works in tech. He told me that any VPN can be pinged and your location found easily. my question, is it possible to ping your real ip through a VPN?
  11. Hi all, Does anyone know the security quality of masked data in JSON Payloads? Obviously no substitue for HTTPS or a VPN but whats the general thoughts on it? Cheers
  12. In the latest version of Tor Browser, traffic analysis resistance has been added, which makes Passive website fingerprinting attacks harder for an attacker. Tor Browser 7.0.6 is released Connections between clients and relays now send a padding cell in each direction every 1.5 to 9.5 seconds (tunable via consensus parameters). This padding will not resist specialized eavesdroppers, but it should be enough to make many ISPs' routine network flow logging less useful in traffic analysis against Tor users. Padding is negotiated using Tor's link protocol, so both relays and clients must upgrade for this to take effect. Clients may still send padding despite the relay's version by setting ConnectionPadding 1 in torrc, and may disable padding by setting ConnectionPadding 0 in torrc. Padding may be minimized for mobile users with the torrc option ReducedConnectionPadding. Implements Proposal 251 and Section 2 of Proposal 254; closes ticket 16861. Relays will publish 24 hour totals of padding and non-padding cell counts to their extra-info descriptors, unless PaddingStatistics 0 is set in torrc. These 24 hour totals are also rounded to multiples of 10000.​tor-0317-now-released
  13. I work in a school in China that has suddenly changed admin and become somewhat hostile. According to one of the IT people here, they've installed software on a server that would enable them to take screenshots of anyone's computer or phone that is on the network. We don't have to install software on our laptops or phones to be able to get on the network so I really don't see how taking screenshots is remotely possible. It MIGHT work if we log onto the network to move files or to print, but even that seems a bit of a stretch. I trust the IT guy as far as being honest. He didn't install this new powerful software, but heard someone else in his office talking about it. I'm guessing if I'm on a VPN my Internet use should still be secure. Any comments or ideas about this?
  14. Hello all, I've been with AirVPN for quite a while and I don't plan on leaving because of the awesome service! But, like many of you I do like to investigate the features and reviews of existing and upcoming VPN services. I was using TorGuard a couple of years ago, it was alright but speeds were very inconsistent. Upon checking their VPN Blog page this morning I noticed that there's a post about then using a new technology called OpenConnect, which is supposed to be the fastest and most secure way of connecting to a VPN. I just wanted to know if this is accurate information and if it is does AirVPN use it or are they planning on using it? Here's a link to the blog post: https://torguard.net/blog/torguard-introduces-openconnect-vpn/
  15. Today my firewall blocked an incoming NTP (port 123) connection from 134.147.203.115. A quick reverse DNS lookup reveals its current domain name to be scanresearch1.syssec.ruhr-uni-bochum.de, so presumably someone at RUB is doing some kind of experiment involving scanning internet users. My question is: how would this sort of thing find my PC? If my public IP address is shared with all those on my chosen VPN server, then why me? How me? Are they just trying all the ports on the AirVPN server, hoping that one of them is translated to a valid NTP connection?
  16. Hello. What do you think would produce the best balance between security and speed? 1. Running AirVPN's client 'Eddie' in sys-netVM. 2. Putting AirVPN's OpenVPN config into Turris Omnia 2 GB router. 3. Setting up a VPN gateway in Qubes as described in Qubes' docs. Hardware: Asus »Zenbook«, Intel i5-5200U, 2.20 GHz, 12 GB RAM. Any hints and ideas are very much appreciated. Best regards. ​ PS: This also refers to the very interesting topic: ​https://airvpn.org/topic/22471-qubes-whonixtor-airvpn-world/?hl=qubes
  17. Multiple security Vulnerabilities were found in Openvpn 2.4.1. OpenVPN 2.4.1 was simultaneously reviewed by Quarkslab (funded by OSTIF). Here is a link to the audit information. https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits
  18. Hello, In the "Guide to Getting Started + Links for Advanced Users" under "Which other steps can I take to increase my privacy and security" it states: If you're looking for a technical challenge, you can install pfSense on a very powerful computer, to make it act like a router, so that all devices connected to your Wi-Fi will be covered by the VPN.If you're a geek or networking enthusiast, you can also check out things such as the Turris Omnia router, which offers very powerful hardware & software. So my question is: What is the functional difference between the two? One's a small computer you recommend turning into a router. The other is basically a supped up open source router running openWRT. Upon inspection, I'm not quite sure why this router (Turris Omnia) was recommended over something like the Asus RT-AC5300. I'm essentially looking for the most secure router possible.
  19. I'm looking for the best anti-malware protection on my windows 10 computer, HP. What would you all recommend? I'm doing a general setup for tightening security. I'm bought the VPN through AirVPN, Email through StartMail Search engine through Startpage (utilizes Google search but sends anonymous queries through their server, under Dutch Law) Thanks.
  20. https://arstechnica.com/tech-policy/2017/03/senate-votes-to-let-isps-sell-your-web-browsing-history-to-advertisers/ Comments, questions, concerns.
  21. The House of Representatives is expected to vote to allow Internet service providers (ISPs) like Comcast, Verizon, and AT&T to sell your sensitive personal information to advertisers without your permission. https://www.savebroadbandprivacy.org/?link_id=0&can_id=b5f25476933de4520652da14a95ae0c5&source=email-vote-is-tomorrow-5&email_referrer=vote-is-tomorrow-5&email_subject=vote-is-tomorrow Comments. questions,
  22. Protonmail launched a Tor Hidden Service, any comments or questions? https://protonmail.com/blog/tor-encrypted-email/ onion link https://protonirockerxow.onion Onion server Certificate should be verified before logging in. Sha256 D6:D5:26:07:F9:5F:41:D3:92:AD:EE:59:CE:29:AB:E0:B3:E8:2F:30:EA:1E:6B:8F:9D:12:09:42:F0:35:BB:65
  23. Hi, I have a suggestion that should increase security for Air and customers. My suggestion is for Air to configure an optional system of multifactor/two-factor authentication for logging in to the AirVPN website, as well as for the initial setup of the Eddie software (entering login details). This can be enabled or disabled by the user and accomplished by either: a smartphone app such as FreeOTP (which is open source and available for iOS/Android).a hardware device such as Nitrokey (which is open hardware) or a similar USB one time password generator (Yubikey, etc.) The user will be prompted on their phone or mobile device with a number to enter in additionally to their password. This makes sure nobody but the authorized user has access to the account, profile, etc. Air would probably be the first VPN provider to have this as an option. Regards, anonym
  24. Hello, I have been reading about the differences between UDP and TCP and they basically say that TCP is more reliable, as it does some extra "error-checking stuff", while UDP does no such thing. From that I can inferr basic things for example: TCP guarantees that your downloads are not corrupt in case of connection problems and so on. But as a newbie, i am not sure how to interpret that in another context: Do these extra error checkings also protect your privacy and anonymity against (theoretically) any kind of hacking, like intercepting and compromising the packets, or sniffing them ie spying on your activity online (from the government for example) ? And would i be at a disadvantage when using UDP in that case? Thank you
  25. Hi! I would like to start a discussion on the following paper on IPv6 and DNS security issues, in particular because it explicitly mentions AirVPN as vulnerable: "A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN clients" http://www.degruyter.com/view/j/popets.2015.1.issue-1/popets-2015-0006/popets-2015-0006.xml (click on "Full Text PDF") The paper discusses two separate attacks: 1. IPv6 Man-in-the-Middle through Router Advertisement This has been discussed for years and there are several exploitation tools available to mount an attack yet awareness of the problem seems to be very very low. Essentially the problem is that most OSes have IPv6 enabled and prefer it over IPv4, yet almost all local networks are IPv4 only. An attacker can advertise himself as an IPv6 router, and your OS will start sending all your traffic to him because IPv6 is preferred. He only needs to be on the same local network as you are, which is the case for public WiFi etc. There are several news items giving an easy explanation of the attack, e.g. https://www.virusbtn.com/blog/2013/08_12.xml The attack is also known as "SLAAC Attack" as dicussed already in 2011 here: http://resources.infosecinstitute.com/slaac-attack/ Tools to try it out: - SuddenSix (Linux bash script) https://github.com/Neohapsis/suddensix Presented at DEFCON 21 (2013): https://www.defcon.org/images/defcon-21/dc-21-presentations/Behrens-Bandelgar/DEFCON-21-Behrens-Bandelgar-MITM-All-The-IPv6-Things.pdf - Evil FOCA (Windows, also does DNS Hijacking) https://www.elevenpaths.com/labstools/evil-foca/index.html Also Presented at DEFCON 21: http://www.slideshare.net/chemai64/defcon-21-fear-the-evil-foca-mitm-attacks-using-ipv6 - THC-IPV6 with fake_router6 (Linux) https://www.thc.org/thc-ipv6/ Defense against the attack is very simple: Turn off IPv6 on your machines! Windows: https://support.microsoft.com/en-us/kb/929852 Linux: http://www.binarytides.com/disable-ipv6-ubuntu/ Mac: http://osxdaily.com/2014/04/18/disable-ipv6-mac-os-x/ Android: https://play.google.com/store/apps/details?id=de.lennartschoch.disableipv6&hl=en AirVPN can help by adding functionality to the AirVPN client to set IPv6 routing tables as well and make sure IPv6 traffic goes to the VPN interface. 2. DNS Hijacking through route injection This more advanced attack also comes with more prerequisites, the attacker needs to control the WiFi router. Given generally poor router security this is not too much to ask though. When the attacker sees you are connecting to a VPN, he notes the VPN provider you are connecting to and creates a virtual interface on the router with the IP address of the DNS server used for the VPN. With a low DHCP lease period he forces you to renew your DHCP lease and now gives you the virtual interface as default gateway. This messes up your routing tables enough so that all your DNS requests will now go to the attacker-controlled router and not go through your VPN tunnel. A proposed way to detect the attack would be for the AirVPN client to do repeated DNS checks for specific domains that only the AirVPN DNS servers can resolve. A way to fully mitigate the attack seems to be to have the default gateway for the VPN also be the DNS server. If it's any consolation, of the 14 VPN providers tested, only four had clients that protected against IPv6 leaks and only one was not vulnerable to DNS hijacking.
×
×
  • Create New...