WiFi VPN

[.lonewolf]

Thats why,i am just sick of sites getting block everyday.Its just getting hard now to surf the internet.Because you can't use p2p,torrents or any file sharing program.I am having 4mbps and even if some trackers are online in torrents and with around 500 seeders.I get only 15KB/sec max.So thats why and tried proxies too doesnt work here.

You could try the "Your Freedom" java client. Read this page to get an idea of how it works.
https://www.your-freedom.net/

The free service is restricted to 64kbps u/load, d/load speed. But their paid services are very reasonably priced and much faster.

It has a lot of features eg. it supports socks proxies, openvpn, secure https protocol, encryption and more.

[ShadowKill]

If they compromise your DSL modem they don’ t need to breach your firewall because all of your packets are flowing through the modem. But whatever, keep on giving people advise that makes no sense.

You can't be serious......

A) That kind of "tone" is uncalled for. If you want to add something constructive while "correcting" someone, which you haven't but we'll get to that next, then do so but do not undermine them. Especially someone that's contributed so much to this community.

B) If you think that "Once you're past the modem you're in" is the way to world works, you need to log off your box, and throw it off of the highest building you can find because you obviously have no concept of network topology. By your logic, since everyone's packets are running through commercial lines every second of every day, we're all pwnt already.... While I might agree with you to some level, it's for a very different reason than what your "logic" alludes to.

Take this time to right yourself, rethink your statement, and apologize. Being hasty and rude are very quick ways to end up an Honorary Member of the Corner...........

[stran717]

You can't be serious......

A) That kind of "tone" is uncalled for. If you want to add something constructive while "correcting" someone, which you haven't but we'll get to that next, then do so but do not undermine them. Especially someone that's contributed so much to this community.

B) If you think that "Once you're past the modem you're in" is the way to world works, you need to log off your box, and throw it off of the highest building you can find because you obviously have no concept of network topology. By your logic, since everyone's packets are running through commercial lines every second of every day, we're all pwnt already.... While I might agree with you to some level, it's for a very different reason than what your "logic" alludes to.

Take this time to right yourself, rethink your statement, and apologize. Being hasty and rude are very quick ways to end up an Honorary Member of the Corner...........

Let me get this straight, the initial comment to me of "You really need to put the tinfoil hat away" is a perfectly nice and cordial tone to use and my response of “But whatever, keep on giving people advise that makes no sense.” is nasty and rude?

You’re probably correct, I don’t have a clue about network topology. It must have been my last 20 years as a telco network design engineer that deluded me.

BTW, How is the tone of “you obviously have no concept of network topology” any different than “But whatever, keep on giving people advise that makes no sense.”?

[Barry]

So tell me. How does one compromise a dsl modem?

[ShadowKill]

Let me get this straight, the initial comment to me of "You really need to put the tinfoil hat away" is a perfectly nice and cordial tone to use and my response of “But whatever, keep on giving people advise that makes no sense.” is nasty and rude?

No, I agree with you but it seemed to me that either he was saying that in jest or you should have "been the bigger man" and moved on.

You’re probably correct, I don’t have a clue about network topology. It must have been my last 20 years as a telco network design engineer that deluded me.

Look, you can give yourself whatever title want, seriously, it doesn't phase me in the least. I've spent my career making people like you rethink....themselves really, so your "20 years as a telco design engineer" have no base here when applied to the comment you made on network security. You were wrong, period.

BTW, How is the tone of “you obviously have no concept of network topology” any different than “But whatever, keep on giving people advise that makes no sense.”?

I'm not taking this back, and yes, while it may have been a bit on the aggressive side, I do not take kindly to attacks on my friends and your ridiculous statement was more than enough to provoke a little cynicism.

I do not intend to drown this thread in inappropriate posts so, as I said before, take some time to rethink your post and if you still feel it is valid, back yourself up. No one here is going to respect your "experience" if you have nothing to back up what you're saying. Just my 0.02p

[Thorn]

So tell me. How does one compromise a dsl modem?

I'm interested in hearing this, too.

At stran717: I'm a bit confused by what you're claiming. If the modem sending and receiving in the clear, then I understand that the packets could be sniffed, at least in theory. I certainly understand that the phone company could sniff it at the CO's switch, but you seem to be suggesting that the ADSL modem can be compromised on the switched telco network. It would still be very interesting to hear any details on how an ASDL attack takes place, and any ways to prevent such an attack.

However, since we're talking about a VPN, even if the ADSL modem is compromised, but the VPN is in place, the attacker will merely be seeing the encrypted VPN packets. True? Or are you saying something else?

[ibrahim52]

You could try the "Your Freedom" java client. Read this page to get an idea of how it works.
https://www.your-freedom.net/

The free service is restricted to 64kbps u/load, d/load speed. But their paid services are very reasonably priced and much faster.

It has a lot of features eg. it supports socks proxies, openvpn, secure https protocol, encryption and more.

guess what lonewolf.You are lil bit late.Lol, i searched and i found it but then also you are the PROBLEM SOLVER,i should have check it earlier.I just got from my friend yesterday.Thank you.

[C°KéM@ñ]

How about the guy down the street who's packet sniffing your cable modem ring? How about the guy from across town who compromises your faulty ADSL modem? The point is not that your ISP is the main problem. The point is that your home network is just as easily hacked as the remote network you are on. So you provide yourself with a false sense of security doing what you suggest. From what I read and have confirmed using it the vpn provider I referenced has their servers hosted at Amazon. Using your logic, I'd trust my unencrypted traffic coming out of Amazon's internal network, with millions of transactions flowing through it a day, to be free from hackers more than my local cable modem or DSL connection.

From what you are saying it appears rather simple to sniff a network segment or compromise an ADSL modem. However, from what I know, sniffing an ISP's network segment is extremely difficult. In theory, the easiest way to do this is by physically accessing the distribution cabinet down the street and place a computer between the DSLAM and the Backbone. This computer then needs to demultiplex the signal and sniff the signals. Therefore, it appears to me that doing this is very difficult and moreover you mostly need expensive hardware (in case of fiber connection) to perform this sniffing operation.

Secondly, this theoretic sniffing method won't do you you any good if people use a VPN tunnel since all the data are encrypted.

Lastly, I would trust my ISP and their infrastructure, more than a company like amazon since ISP's have more legal obligations and (mostly) better infrastructure to protect their network traffic.

[stran717]

So tell me. How does one compromise a dsl modem?

I’ve been debating for a couple of days on whether to continue this or let it die what might be a well deserved death. However, I decided one last attempt to explain would be a good idea.

The conversation began when it was advised that one could get as good security by setting up a vpn through your home network as opposed to a public vpn service. It really doesn’t’ matter which one for the purpose of this theoretical conversation.

I replied that setting up at home was not really a whole lot more secure than being at your local hotspot since your home connection is subject to packet sniffing too. I mentioned DSL and cable modems. Since cable modems were not defended I assume everyone is in agreement that people on the same cable network as you can easily sniff the traffic just as they could at the wifi hotspot.

To answer the question regarding the traffic being encrypted through the vpn so it is not a factor, please remember that you are using your home network as a transfer point for your surfing. The signal goes from your laptop in the coffee shot through a vpn tunnel to your computer at home. You computer at home then sends out the traffic to its destination fully in the clear. Therefore, all the outgoing traffic and the responses coming back to your home computer are in the clear. Which means, if someone is sniffing your outside network they can see all of your data.

The response to the DSL modem was that it didn’t matter because a firewall was present. My response to that was that it did not matter about your firewall because the potential perpetrator was outside your home network seeing the traffic from your modem.

It seems this made sense as the next response was, how does one compromise a DSL modem? While I’m not here to reveal details of such things I can tell you that a lot of DSL modems have shipped out with bad firmware that allowed external access. A lot of telcos have shipped modems with password issues. Lots of things can happen to make a DSL modem vulnerable. Just as the telco can log into your modem to make changes to your service so can an attacker get in from a compromised modem and take control. It is true that since the DSL modem comes into a blade on the DSLAM which then trunks, likely via ATM, into a downstream ATM aggregator or IP router the DSL is not subject to the network sharing problem cable modems are. However with the cable industry winning the speed wars more and more people are switching to cable.

As indicated in an earlier post, I’m not claiming you can’t trust your telco or cable provider with your traffic. Clearly they are as trustworthy as any company can be. What I have been trying to point out is that there is a possibility that someone on the outside could be monitoring your data and get your traffic without your knowledge. Regardless of who you buy your vpn from or even if you use one of the free public services, if they are connected to a major data center this possibility is virtually eliminated.

The odds of someone lurking in the internal network of a major data center is very unlikely. The odds of someone lurking on the outside of your local network are possible. Just as they are possible that someone is lurking at the local coffee shop. The whole reason you decided to set up the vpn in the first place.

I would agree that perhaps using your home network this way is sufficient security and the risk of outsiders seeing your network does not factor into your decision. If so that’s great. However, to claim that this scenario is as secure as using any one of the public vpn companies is just not accurate. Nobody who had really sensitive financial or other business or personal data would use this technique. However, I understand that many people don’t have these strict criteria for security and therefore can live with a lesser and free solution.

I hope this makes more sense to you all.

[Thorn]

Thanks for the explanation. That does make sense, and clears up the questions I had. I for one, was thinking of a VPN out from the home to another endpoint, rather than the coffee shop to the home. But no matter where they endpoint, it seems that we all agreed the the VPN traffic is secure (well, more secure), and that a compromise is going to occur at a point when the traffic goes out clear.