gloomer

Encrypt traffic

17 posts in this topic

Is there anyway you can encrypt all your outgoing traffic, so that your ISP can't see what your doing?

i'm not doing anything illegal, I just find that it's kind of "Big Brother ish to be able to see what i'm doing.

So I'm curious.. Is there a way you can do this?

Is it possible?

0

Share this post


Link to post
Share on other sites

You could use an ssh tunnel to tunnel from your home connection to elsewhere and then out a proxy server. The problem with trying to hide everything from the ISP without a tunnel is that you can't really encrypt something, without a decryption point to continue from.

0

Share this post


Link to post
Share on other sites

i use TOR, but not very often mainly because anonymous proxies are very slow by nature. there's also JAP, it might be a little easier to setup and it can use TOR's mixes too. TOR can leak DNS queries if it's not setup correctly so you need to configure it to go through privoxy.

i've never used this but some people on another site i go to have suggested it -

http://www.vidalia-project.net/

0

Share this post


Link to post
Share on other sites

Yeah I've used tor before. It's notoriously slow though.

I guess that's the price you have to pay.

Speed or anonymity

0

Share this post


Link to post
Share on other sites

What about tunneling through PPTP VPN, is the traffic encrypted on both sides of the VPN server, or only between client and VPN server.

Also, is it possible to tunnel into a VPN using TOR, to protect against DNS enquiry.

0

Share this post


Link to post
Share on other sites

While we're on the subject of TOR, is there any common sense precautions one can take to avoid DNS leakage? I was under the impression Privoxy prevented that problem (when it pertains to HTTP traffic anyways).

0

Share this post


Link to post
Share on other sites
Tunnel everything through Hamachi.

From hamachi website:

Server nodes track clients' locations and provide the mediation services required for establishing direct peer-to-peer tunnels between client nodes.

The address is assigned the first time the client connects to the mediation servers, and it stays the same for as long as the client's account exists in the system.

Correct me if I'm wrong, but what I understood from the site is that although they cannot decrypt/read the traffic between two peers, they can trace your location. So if prompted by Gov or LE they will most likely give up that information. Good for hiding content of communications but not a solid method to hide location.

0

Share this post


Link to post
Share on other sites
Tunnel everything through Hamachi.

From hamachi website:

Server nodes track clients' locations and provide the mediation services required for establishing direct peer-to-peer tunnels between client nodes.

The address is assigned the first time the client connects to the mediation servers, and it stays the same for as long as the client's account exists in the system.

Correct me if I'm wrong, but what I understood from the site is that although they cannot decrypt/read the traffic between two peers, they can trace your location. So if prompted by Gov or LE they will most likely give up that information. Good for hiding content of communications but not a solid method to hide location.

TOR + Hamachi! :P

0

Share this post


Link to post
Share on other sites
While we're on the subject of TOR, is there any common sense precautions one can take to avoid DNS leakage?

You can always set up your own DNS server!

0

Share this post


Link to post
Share on other sites
While we're on the subject of TOR, is there any common sense precautions one can take to avoid DNS leakage? I was under the impression Privoxy prevented that problem (when it pertains to HTTP traffic anyways).

As far as web browsing goes: in firefox later than ~1.5, pop open your about:config and set network.proxy.socks_remote_dns to true.

0

Share this post


Link to post
Share on other sites

i think you need to use SocksCap (which uses port 9050) to force privoxy to use a different DNS and then you put this into privoxys config file -

forward-socks4a / localhost:9050 .

privoxys port number is 8118.

i don't have TOR installed atm. but, you could try this if you're stuck, it might work, it might not.

install and have running privoxy and sockscap

open your browsers network connections and put 127.0.0.1 in the first column and 8118 as the port numbers

but, in the socks column use this instead - 127.0.0.1 port 9050

put this in privoxys config file -

forward-socks4a / localhost:9050 .

when you aren't using TOR comment the above out like this -

# forward-socks4a / localhost:9050 .

that should be it. you can check for DNS leaks by seeing which remote address port 53 connects to when you are browsing, it shouldn't be your ISPs, or whatever DNS you normally use. you can use this to check if you want -

http://www.gena01.com/win32whois/

0

Share this post


Link to post
Share on other sites

Sorta OT:

Since we are on the topic, Id like to throw in an unofficial vote to have a SSL encrypted version of binrev forums...I am around some snoopy lab people alot ...

Binrev SSL version +1

On topic:

Tor is slow, get something like guardster, but that aint free....ssh is your next bet

0

Share this post


Link to post
Share on other sites

my advice : learn about OpenVPN

I'm using this solution and everything (including DNS requests) is encrypted by AES 256bit and I can use any network program I want because openvpn installs TUN/TAP network adapter that routes all the traffic so ISP can just see something is going on but would not have enough processing power to decrypt data

if you don't have your own server you can buy a paid service : example www.hotspotvpn.com

Edited by Havoc
0

Share this post


Link to post
Share on other sites

When I need to be anonymous I use findnot. It's a paid service but friends of mine have accounts on it so i use theirs. They have both vpns and socks proxys.

0

Share this post


Link to post
Share on other sites

i apologize if i have said anything that is redundant.

it depends what you mean by "can't see what [you're] doing". first, you should understand that your ISP's threat level. decide whether they are passive or active listeners. by passive, i mean that they see traffic for everyone they provide internet access for. things are just flying by and they are sitting at one point seeing what they can hear. the active kind is that they are targeting you. they will place a listener closer to your home node and probably try to see what's going on at the other end of your tcp connections also.

the two main types of protection you probably want is anonymity and traffic encryption.

as for anonymity, most people say Tor. while tor is a good hammer solution, it is very slow. theoretically, Tor will protect you against a global passive sniffer.

if you are only afraid of your ISP, then you can just proxy out to a trusted host in a network where you do not fear sniffers. from there on, your traffic will travel be routed directly to its destination.

now there is the question of whether to proxy every connection or only certain connections. this depends on what you're doing. if you're only worried about http(s) and irc, but not IM, then you may only want to pipe everything through a proxy. for example, i personally dont care about being anonymous on IM because your traffic goes to like, aol.com anyway and i'm not afraid that aol knows where i connect to their IM service from. i do, however, care about the contents, so i encrypt that. it is all how you define your security threats.

now as for encryption, you can encrypt on many levels. let's take this scenario for example. i am sending email from my computer to a mail server via smtp over a proxy. here are all the places i can encrypt:

ipsec

smtp session (ssl/tls)

proxy connection (ssl)

content (pgp)

you need to figure out what your needs are and which ones are right for you.

now, you can combine the anonymity and encryption tools in any way you want. for example, i can tor my ssh connection to my mail server and once i log in, i can send a mail via mutt. or, i can use a mail client, encrypt the email with pgp, then send the mail via smtp over a proxy to my mail server and encrypt the traffic from my proxy to the mail server. hell, the proxy can even be IP over DNS. so you can encrypt the tcp session that is being tunneled over UDP.

anyway, you get the idea. hope that helped.

-v

Is there anyway you can encrypt all your outgoing traffic, so that your ISP can't see what your doing?

i'm not doing anything illegal, I just find that it's kind of "Big Brother ish to be able to see what i'm doing.

So I'm curious.. Is there a way you can do this?

Is it possible?

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now