Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 15 Dec 2019, 10:41
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
VPN Comparison Chart & How to choose the best VPN
Post new topic   Reply to topic View previous topic :: View next topic
Page 15 of 18 [267 Posts]   Goto page: Previous 1, 2, 3, ..., 13, 14, 15, 16, 17, 18 Next
Author Message

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Tue 11 Jun 2019, 14:39    Post subject: You’d like to use a VPN but can’t afford it
Subject description: Tunneling over SSH

Tunneling over SSH is a great way to direct internet traffic privately on demand. Additionally, it is a great option if you’d like to use a VPN but can’t afford it. This isn’t to say that using a VPN on Linux isn’t a great idea. However, there’s a time and place for them. If all you want is a quick way to direct traffic securely online with Linux, make an SSH tunnel.

How To Make An SSH Tunnel On Linux

It isn’t possible to SSH tunnel without an SSH server. Luckily, the setup process is quite easy. Start off by installing SSH and the server component. The command to install the components varies based on the operating system.

Ubuntu/Debian :
sudo apt install openssh-server

Note for Puppy users : just download and install openssh-server from PPM

The best way to tunnel is the dynamic method. This ensures that the traffic stays secure. This is the best option to go with, for privacy reasons. Additionally, because the SSH tunnel is being turned into a SOCKS proxy connection, nobody will be able to eavesdrop on your connection.

ssh -C -D 1080 remote@ip-address

Whichever type of tunnel you’d like to use, if what you want is to browse the internet, proxy settings need to be set up.

Next :
Configuring FireFox
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Tue 11 Jun 2019, 15:05    Post subject: Shadowsocks
Subject description: A secure socks5 proxy, designed to protect your Internet traffic

Shadowsocks can help you when your VPN is blocked and you cannot access some websites, because Deep Packet Inspection has determined a VPN is in use.

It’s surprisingly effective at passing VPN blocks, and it’s completely free to use.

An AppImage is available :

Make it executable and launch it :
chmod a+x Shadowsocks-Qt5-x86_64.AppImage

Shadowsocks can be downloaded for multiple platforms :

Find more on the subject reading :
How to Bypass VPN Blocks: Guide to Unblocking Your Activity

Further reading :
How To Watch TV Online For Free And Legally?
10 Free Movie Streaming Sites | Watch Movies Online Legally In 2019
How To Watch Netflix For Free?
Dirty Torrents
Combining the results from dozens of the biggest torrent websites. We work in the same way as Google. Indexing process is completely automated (we do not check it). We do not host torrents, and we do not save torrents for ourselves.
Torrent Funk
RSS Feeds

Last edited by labbe5 on Sun 14 Jul 2019, 15:53; edited 4 times in total
Back to top
View user's profile Send private message 

Joined: 24 Feb 2014
Posts: 3681

PostPosted: Tue 11 Jun 2019, 15:56    Post subject:  

Setting up firefox and seamonkey (and I guess Palemoon) to use a socks5 proxy is relatively easy ... as per that article.

For chrome however there's no (preferences) menu option for that, so I use a command line to start chrome ...

/usr/bin/google-chrome-spot --proxy-server="socks5://localhost:9999" --force-device-scale-factor=1.5

as part of that I also set the Chrome scale factor so the Chrome tabs and menu font size are more to my liking (otherwise they're too small IMO).

The command I use to start the socks5 is

ssh -D 9999 -q -C -N userid@ny1.hashbang.sh &

... where I've substituted my actual userid with "userid". I use hashbang.sh for my ssh server, free account (tip, view the page source on their website for instructions of how to sign up etc.). I opted for the New York server when I signed up, hence the ny1.hashbang.sh connection. Running internet activity via that from London and I've generally experienced pretty good/responsive connections.

You can't run two versions of chrome at the same time with one using normal routing and the other via the socks, at least not as far as I know. You have to completely close down one chrome and then run the other. Best also not to use socks (ssh) routing if you're doing online banking (better to trust your local ISP's dns/routing for that IMO).

Socks/ssh is also good for validating your connection as the passwords (keys) have been set up in advance, so if you're out and about and it complains that your ssh servers keys or whatever 'have changed' then that's a warning that there may be a man in middle attack in progress (just power off and move on).

For Firefox and Seamonkey I think you also have to set the 'use proxy for DNS' tickbox also if you want dns to route via the server rather than your local/normal dns. dnsleaktest.com is a good web site to check that (just run the Standard test).

For vlc ... its pretty deep to set the socks proxying. Tools, Preferences, tick the Show All box, then select the Input Codecs choice (why there ???, seems odd to me). And then scroll down around half way down that relatively long list until you find the Socks Proxy section and enter localhost:9999 into the Socks Sever box and click OK (that's assuming you set the local port to 9999 as I showed above).

( ͡° ͜ʖ ͡°) :wq
Fatdog multi-session usb

echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Wed 12 Jun 2019, 17:57    Post subject: AirVPN & VPN server chaining
Subject description: Look also for Multi-Providers Support

If you are a user of AirVPN, you may not be all that familiar with Eddie-UI. Did you know VPN server chaining is possible with Eddie-UI?

It is a concealed feature.
Click Eddie Settings, General, then uncheck Single Instance.

With Single Instance unchecked, you can open two, even three instances of Eddie-UI,
and connect to two, or three countries. Overall performance is as good with two instances as with one.

Guys your service is very good, but why you do not have a double vpn? At least a few servers.
For, example
Think about it please. It would be awesome. And very good for privacy.

You can already do it by yourself. Each account can establish up to 3 concurrent connections so multi-hop solutions are trivial. However "multi-hopping" on servers all owned by the same company is not an optimal solution, you might prefer OpenVPN over TOR, or TOR over OpenVPN, which are much safer.

Using AirVPN with Tor

Multi-Providers Support
Another interesting feature is Multi-Providers Support. When checked, you can add your own VPN provider, using open source Eddie-UI as your GUI.

One can subscribe to ProtonVPN, which does not have a GUI for Linux users, use protonVPN ovpn files and gets Eddie-UI up and running, even though you are not a subscriber of AirVPN.

What is Double VPN and how does it work?
Typically, when you connect to VPN, your traffic travels through a remote VPN server, which changes your IP address and encrypts all the data that you send or receive over the internet. Due to this setup, no snoopers or cybercriminals can see what you are doing online.

Now with Double VPN, your online activity hides behind two servers instead of one, which is known as VPN server chaining. The working principle is rather simple:

Your traffic reaches a remote VPN server and leaves it securely encrypted.
The encrypted traffic then passes through a second VPN server and gets encrypted one more time.
You reach your internet destination securely and privately.


Further reading :
Best Sites To Watch Hindi Movies Online For Free In 2019 [Legal Streaming]
The 15 Best Amazon Originals You’ve Never Heard Of

DoubleVPN and NordVPN both offering VPN server chaining


Double VPN, also known as a process of chaining VPN servers, is a technology solution that allows hiding your online activity behind several servers via a VPN tunnel. As a matter of fact, the working principle is rather simple: you connect to the first VPN server, which in turn redirects all the traffic to another server, from which the online traffic reaches the final destination.

This way, the connection goes through two separate servers in different locations: the external IP address is changed and the traffic is encrypted once, and then it gets re-encrypted in the second server in another location.

In general, double encryption may not be necessary if you only want to unblock services that are inaccessible in your location, stream video content or access specific media platforms.

However, the advanced VPN encryption feature can be extremely useful and even necessary when a high level of online security and privacy is required. That is especially relevant to all the journalists, political activists and bloggers working and living in countries with authoritarian governments along with a high level of Internet censorship and surveillance.

DoubleVPN / NordVPN
DoubleVPN and NordVPN provide this feature (DoubleVPN for a hefty monthly price):

DoubleVPN :

For 36$/month : doubling your protection :
The first server receives request from your computer and redirects it to the second server, which sends it on its behalf into the Internet.

For 42$/month : tripling your protection.
The first server receives request from your computer and redirects it to the second, the second redirects to the third, which sends it into the Internet.

Despite the many advantages and benefits double encryption provides in the context of Internet security and privacy, there are only a few service providers that support the Double VPN technology. Meanwhile, NordVPN offers it for all their clients at no extra charge.

Further reading :
NordVPN Introduces NordPass
NordVPN Announces NordLocker for File Encryption

Related websites :
Check your IP with : http://whatleaks.com/en/
For WebRTC leak test : https://browserleaks.com/webrtc

Last edited by labbe5 on Thu 27 Jun 2019, 10:11; edited 3 times in total
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Tue 18 Jun 2019, 18:30    Post subject: RiseupVPN
Subject description: free VPN by a privacy advocate


At Riseup, we believe it is important for everyone to use some technology like VPN or Tor to encrypt their internet traffic. Why? Because the internet is being broken by governments, internet service providers (ISPs), and corporations. RiseupVPN will fight that.

On Mac, Windows and Linux RiseupVPN will create a system tray menu with an icon that indicates if the VPN is connected or not.

The RiseupVPN service is entirely funded through donations from users. If you value an easy, non-profit VPN service that does not track users, then please contribute to keeping RiseupVPN alive.

The cost for us to offer RiseupVPN is approximately $60 USD per person per year. If you use the VPN, please consider donating at least this much.


Currently, RiseupVPN is only packaged for Linux using snap.

snap install --classic riseup-vpn

Launching riseup-vpn can be tricky. Try this :

Why not use riseup-vpn on your desktop or on your Android smartphone? And donate to keep it going.

RiseupVPN for Android

Home : https://riseup.net/en
Riseup provides online communication tools for people and groups working on liberatory social change. We are a project to create democratic alternatives and practice self-determination by controlling our own secure means of communications.

Further reading :
A search engine based on Searx (torrent searches are not banned, contrary to other search engines)

For privacy advocates and/or libertarians :
Radical Servers
Surfshark VPN Extension for Firefox by Surfshark
Some features may require payment

Riseup-vpn is based on Bitmask.
Video tutorial (in french) :
Bitmask - VPN et service d'email chiffré gratuit

Last edited by labbe5 on Mon 09 Sep 2019, 08:54; edited 2 times in total
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Thu 27 Jun 2019, 09:30    Post subject: Using Raspberry Pi to create a VPN server from scratch
Subject description: also Set up the ExpressVPN app for Raspberry Pi

Set up the ExpressVPN app for Raspberry Pi :

Using Raspberry Pi to create a VPN server from scratch :

In today's world, no one should sneer at more security. Plus, as I mentioned, playing around with Raspberry Pi is just plain fun.

Further reading :
Raspberry Pi 4B vs Raspberry Pi 3 B+
The Raspberry Pi Foundation has done a pretty amazing job here with adding the extra performance (CPU up to three times faster), and plenty of new features (4K, GbE, USB 3.0..) while keeping the same price tag for the board with 1GB RAM. Some of the features I don’t see advertised and are present on some of the competing boards include HDR (High Dynamic Range) and VP9 video decoding.
Why Everyone Should Try the Raspberry Pi 4: New Features and Impressive Specs
The NanoPi NEO4: Is This the Raspberry Pi Killer?

Last edited by labbe5 on Mon 01 Jul 2019, 17:14; edited 1 time in total
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Mon 01 Jul 2019, 16:52    Post subject: How to Install a VPN on Synology NAS
Subject description: also NordVPN : biggest market share


Need help setting up a VPN on your Synology NAS device? In today’s guide, we’ll walk you through the process of choosing the best VPN provider with out of the box NAS support from a crowded marketplace. If you’d rather configure your VPN connection manually, we’ll show you how to do so via OpenVPN and PPTP.

Network Attached Storage devices, or simply NAS devices, are incredibly powerful pieces of hardware that bring centralized data storage to your home or office. NAS technology includes everything from standalone hard drives to routers with built-in NAS capabilities. All you have to do is give the device access to the internet and all of the computers, smartphones, and tablets on your local network can wirelessly access files stored on the NAS.

Synology is one of the better-known NAS manufacturers and offers a wide range of devices for home, office, and even corporate use. They can hold hundreds of terabytes of files and come with plug-and-play bays that make them easy to expand. They’re so flexible you can even install a virtual private network (VPN) and use it to encrypt all of your network traffic without having to rely on expensive off-site servers.

Recommended VPNs

We understand how the game is played, and oftentimes money, sponsorship, affiliate commissions, and straightforward pay-to-rank schemes can muddy the waters.

Most Popular VPN

Because we’re going with the 10 most popular VPNs, we had to eliminate a lot of VPNs that we feel are really great, but haven’t really gained a strong foothold yet. These VPNs include:

Astrill VPN
Perfect Privacy

Overall, we’re giving the crown for the VPN with the greatest market share (based on publicly available information) to NordVPN.
Review :


It has highly recommended features, and Eddie-UI, a user-friendly GUI tool to manage your VPN connections.

Air VPN uses OpenVPN to establish the connection between your computer and our servers. OpenVPN is the most reliable and secure solution for encrypted tunnels, offering a higher than military degree of security. Forget PPTP or other unsecure protocols.

It offers OpenVPN on ports 80 TCP / UDP, 443 TCP / UDP and 53 TCP / UDP. Additionally, every Air server supports directly OpenVPN over SSH, OpenVPN over SSL and OpenVPN over Tor. This means that even the most brutal techniques of monitoring, censorship, throttling and traffic shaping will fail against AirVPN, because your ISP and your government will see only TCP or UDP traffic on a unique port.

1. No traffic limit. No time limit. Access to all of our exit-nodes.
2. Five simultaneous connections per account.
3. Unlimited and free servers switches.
4. High performance servers in many countries
5. No maximum speed limit, it depends only on the server load (see here).
6. Minimum allocated granted bandwidth: 4 Mbit/s download + 4 Mbit/s upload


VPN Helper
This plugin monitors your network's state and ensures BiglyBT is properly connected to your VPN.

Supported VPNs:
Private Internet Access

• Ensures BiglyBT is bound to the correct VPN interace.
• Ensures Port Forwarding, allowing incoming connections.
• Ensures various BiglyBT settings are correct (Binding, Enforced Binding, disabling of UPnP, NAT-PMP, etc)
This plugin does not help you with getting your VPN connected and running on your machine. Please see your VPN's site for VPN setup instructions.

VPN Helper for Perfect Privacy
This plugin monitors your network's state and ensures BiglyBT is properly connected to Perfect Privacy's VPN.
• Ensures BiglyBT is bound to Perfect Privacy's VPN interace.
• Ensures Port Forwarding, allowing incoming connections.
• Ensures various BiglyBT settings are correct (Binding, Enforced Binding, disabling of UPnP, NAT-PMP, etc)
This plugin does not help you with getting your VPN connected and running on your machine.

The Licensing and Compliance Lab interviews BiglyBT
BiglyBT’s use of the DHT (a decentralized distributed system) is probably the biggest thing that sets us apart. Using the DHT, the Swarm Discoveries feature generates lists of content that are related to content the user has downloaded. BiglyBT will look for other torrents containing the same files you are trying to download, and with Swarm Merging, combines the two swarms for faster downloading and the ability to complete torrents without any seeds. The DHT is also used for torrent/tracker/tag-based chat channels. We are the only client that integrates directly into the I2P DHT, allowing us to have anonymous chats and better anonymous torrenting and peer finding.

Setting up BiglyBT with DuckieTV

Last edited by labbe5 on Tue 03 Sep 2019, 15:39; edited 12 times in total
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Tue 02 Jul 2019, 10:35    Post subject: Firewalld and VPNs  

If you use a live OS for banking and a VPN such as AirVPN, you are well protected. But what if your live OS does not have a firewall installed and loaded?

Firewalld can be installed and used in a few clicks.

Using Devuandog or an Ubuntu-based OS, you have to install firewalld and firewall-applet.

Once installed, open firewalld GUI : firewall-config

There are zones. Default is public.

You can bind an interface with a zone.

Using a VPN, you want to bind tun0 with a restrictive zone, such as Drop.

Search Interface in your GUI, you may have to scroll a bit to find it, then add tun0

On a terminal, ifconfig will help you find all interfaces used.

For a list of zones and their meaning :

Work: Use this one when on a network you mostly trust. SSH, DHCPv6, and mDNS are permitted, and you can add more as needed. This zone is meant to be a starting point for a custom work environment based on your daily office requirements.
Public: For networks you do not trust. This zone is the same as the work zone, but presumably, you would not add the same exceptions as your work zone.
Drop: All incoming connections are dropped with no response given. This is as close to a stealth mode as you can get without shutting off networking entirely because only outgoing network connections are possible (even a casual port scanner could detect your computer from outgoing traffic, though, so don't mistake this zone for a cloaking device). This is arguably the safest zone when on public WiFi, and definitely the best when you have reason to believe a network is hostile.
Block: All incoming connections are rejected with a message declaring that the requested port is prohibited. Only network connections you initiate are possible. This is a "friendly" version of the drop zone because, even though no port is open for incoming traffic, a port verbosely declines an uninitiated connection.
Home: Use this when you trust other computers on the network. Only selected incoming connections are accepted, and you can add more as needed.
Internal: Similar to the work zone, this is intended for internal networks where you mostly trust the other computers. You can open more ports and services as needed but still maintain a different rule set than you have on your work zone.
Trusted: All network connections are accepted. Good for troubleshooting or on networks you absolutely trust.

Preventing tracking and enhancing security online is your ultimate goal if you already use a VPN, but what if you can enhance your security and anonymity with a specialised browser, such as Sphere. Sphere browser can be used by Linux users, as a portable app (unzip and use it).

Further reading :
Make Linux stronger with firewalls
Regardless of your distribution, for a firewall to be effective, it must be active and set to be loaded at boot. The less you have to think about firewall maintenance, the better.
$ sudo systemctl enable --now firewalld

Now that you have firewalld enabled, what to check? Open ports.
How to check open ports in Linux using the CLI
netstat -tulpn | grep LISTEN
ss -tulpn
lsof -i -P -n | grep LISTEN
Zenmap Nmap GUI

Last edited by labbe5 on Tue 03 Sep 2019, 05:56; edited 3 times in total
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Tue 02 Jul 2019, 10:50    Post subject: social media and VPNs  

If you think about it, using social media while using a VPN, you ultimately defeat the purpose of having a VPN in the first place.

If you use social media to tell everybody everything about you, your security and anonymity is actually compromised, even though you use a VPN.

You may not be aware of it, but any information about you, even the least amount, can compromised your security and anonymity online.

So if you are serious about using a VPN, you should ban any usage of social media.

Or prepare to be sorry for financial losses, porn revenge, SIM attacks, troll and other unpleasant attacks facilitated by social media.

This is my opinion, so no link to an actual article. It is just common sense.

Further reading :
Amazon Confirms: Alexa Keeps Your Voice Recordings Forever
What Sherlock Can Find
Why you should fly under the radar
When researching a person using open source intelligence, the goal is to find clues that tie information about a target into a bigger picture. Screen names are perfect for this because they are unique and link data together, as people often reuse them in accounts across the internet. With Sherlock, we can instantly hunt down social media accounts created with a unique screen name on many online platforms simultaneously.
From a single clue like an email address or screen name, Sherlock can grow what we know about a target piece by piece as we learn about their activity on the internet. Even if a person is careful, their online contacts may not be, and it's easy to slip up and leave default privacy setting enabled on apps like Venmo. A single screen name can reveal many user accounts created by the same person, potentially introducing photos, accounts of family members, and other avenues for collecting further information.

Wozniak says we should get off Facebook
Wozniak’s comments echo that of Apple CEO Tim Cook. He’s likened the advertising-driven business models of Facebook and Google to “surveillance,” adding that a privacy-first mindset drives Apple’s ethos and that people’s control over their personal information is a “fundamental human right.”

Last edited by labbe5 on Sun 14 Jul 2019, 15:30; edited 5 times in total
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Thu 04 Jul 2019, 08:01    Post subject: Brook
Subject description: a cross-platform proxy/vpn software Cli/Gui tool


Brook's goal is to keep it simple, stupid and not detectable.

Under active development : Latest commit d329b08 May 31, 2019

ArchLinux provides it using pacman -S brook

You can download Brook for :
amd64 : https://github.com/txthinking/brook/releases/download/v20190601/brook
i386 : https://github.com/txthinking/brook/releases/download/v20190601/brook_linux_386

Available for iOS and Android, as well as Windows.
Install as snap : https://snapcraft.io/brook
In terminal : snap install brook
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Thu 04 Jul 2019, 08:19    Post subject: openvpn
Subject description: basic usage

Basically, you need config files from your VPN provider.

Once you have them, you do not need to have a GUI.

Simply do :
sudo openvpn --config config-file.ovpn

If openvpn is missing, install it :
For Debian/Ubuntu :
sudo apt install openvpn

Further reading :
Fix Slow VPN Connections: How to Speed Up Your VPN Connection

Last edited by labbe5 on Sat 03 Aug 2019, 11:19; edited 1 time in total
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Sat 13 Jul 2019, 14:30    Post subject: ExpressVPN
Subject description: PwC Validates Claims of Privacy

Independent audit experts PricewaterhouseCoopers (PwC) have audited ExpressVPN’s servers to confirm compliance with privacy policy and privacy protections, and also evaluated the company’s TrustedServer technology. Audits that are carried out by independent third parties have the value of confirming what the company’s claims, or debunking them if they are invalid. This is why ExpressVPN is ordering audits like this one, as they have done again in the recent past with Cure53 who audited their browser extension. Security claims are easy to make, but customers should only accept them after they have been put to the test by an independent entity.

According to the TrustedServer architecture, the servers run in RAM only, and the bootloader on the server hardware boots directly into a read-only ISO image file (Debian Linux) that is digitally signed by Express VPN. There can be no booting without a valid signature, no files written to system locations, and no ISO content modifications. This, as well as the claim that no PII or IP addresses ever leave the contained environment, was checked and confirmed by PwC. As for the codebase changes and deployment, it was affirmed that there can be no changes pushed directly in the master branch, so there can be no unchecked and unapproved code changes on the servers.
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Sun 14 Jul 2019, 16:25    Post subject: Usenet  


Usenet is old, very old. It was created back in 1979–the web didn’t even exist back then! Usenet was created to permit the exchange of information between universities and research facilities. It evolved into a general-purpose message and file exchange system that was available for free. Reaching its peak popularity in the early 90’s, it found itself being abused by unscrupulous users to exchange pirated or otherwise illegal material.

Given the bad reputation Usenet got from this unplanned use, most providers eventually stopped offering the service and it quickly fell out of favor. It never completely died and nowadays, some commercial providers have revived the Usenet and are even offering server access to paying customers.

If you want to get started with Usenet, you need is a reliable Usenet service provider. There are many suppliers available making the selection process a daunting task. We at Addictive Tips have reviewed several Usenet providers for you, trying to find the best one. The one we recommend is called Newshosting.

Newshosting offers 256-bit SSL encryption to protect your privacy, a built-in, full-featured newsreader so you don’t need any extra software, one of the longest file retention of any Usenet provider so you can find more content and many more excellent features.

Further reading :
UsenetServer Review

Alternative to usenet is i2p, and unlike usenet it is free - and slow. Less secure than i2p, but still a good alternative to usenet is zeronet. Use Tor for privacy using zeronet, or a VPN.

On zeronet, a list of torrent sites (also TrueFrench & VOSTFR)
On zeronet, TV episodes in the past week
Some torrents are automatically inserted into Freenet. Using the listed CHK key you can download these anonymously without having to use bittorrent.

Last edited by labbe5 on Sat 03 Aug 2019, 19:17; edited 4 times in total
Back to top
View user's profile Send private message 

Joined: 13 Nov 2013
Posts: 2083
Location: Canada

PostPosted: Sat 20 Jul 2019, 17:23    Post subject: DSVPN
Subject description: A Dead Simple VPN + glorytun + sshuttle


This is a weekend project, and this is what I use, because it solves a problem I had. Extending it to solve different problems is not planned, but feel free to fork it and tailor it to your needs!

DSVPN is a Dead Simple VPN, designed to address the most common use case for using a VPN:

[client device] ---- (untrusted/restricted network) ---- [vpn server] ---- [the Internet]

Runs on TCP. Works pretty much everywhere, including on public WiFi where only TCP/443 is open or reliable.
Secure. Doesn't perform any heap memory allocations. Uses modern cryptography.
Small (~30 KB), with an equally small and readable code base. No external dependencies
Works out of the box. No lousy documentation to read. No configuration file. No post-configuration. Run a single-line command on the server, a similar one on the client and you're done. No firewall and routing rules to manually mess with.
Works with Linux (client, server) and MacOS/OpenBSD (client). Adding support for other operating systems is trivial.
Blocks IPv6 on the client to prevent IPv6 leaks.

Secret key
DSVPN uses a shared secret. Create it with the following command:

dd if=/dev/urandom of=vpn.key count=1 bs=32

And copy it on the server and the client.

Further reading :
A Dead Simple VPN
A small, simple and secure VPN
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
sshuttle: A Poor man’s VPN Over SSH
Back to top
View user's profile Send private message 

Joined: 24 Feb 2014
Posts: 3681

PostPosted: Sun 21 Jul 2019, 04:42    Post subject:  

When I evaluated sshuttle
sshuttle --dns -v -x <hashbang.sh's IP> -r <myhashbanguserid>@ny1.hashbang.sh 0/0
I saw leaks Labbe5. Google/Chrome for instance sometimes seemed to hit tcp eof's and reverted to straight connections of its own making.

Simpler straight ssh into a server and running things directly from there is more certain. Modern day browsers and http/https tend to leak meta data such that they don't sit well with privacy and drive gui/bloat i.e. in the direction of Windows. Going in the other direction towards Unix is the complete opposite of that - but does mean more 'textual' in nature. irc, mail lists, ssh (BBS's) type usage for 'communications'. Unsurprisingly the likes of ssh redditbox.us or viewing yahoo financial pages using a w3m browser via a remote server you're ssh'd into are generally scales of order faster than using Chrome.

( ͡° ͜ʖ ͡°) :wq
Fatdog multi-session usb

echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 15 of 18 [267 Posts]   Goto page: Previous 1, 2, 3, ..., 13, 14, 15, 16, 17, 18 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum

Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1320s ][ Queries: 12 (0.0344s) ][ GZIP on ]