Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

Search found 101 matches

by cryptostorm_ops
Tue Jul 14, 2015 1:11 pm
Forum: #cleanVPN ∴ encouraging transparency & clean code in network privacy service
Topic: cleanvpn.org/HideMyAss - raw data - #cleanVPN, or not?
Replies: 10
Views: 34563

HMA: Don't miss 50% off in our Summer Special!

Return-path: <bounces+914316-b587-lulz=cryptokens.ca@email.hidemyass.com> Envelope-to: lulz@cryptokens.ca Delivery-date: Mon, 13 Jul 2015 20:15:25 +0300 Received: from o1.email.hidemyass.com ([198.21.7.164]:29148) by bafana.cryptostorm.net with esmtps (TLSv1.2:DHE-RSA-AES128-GCM-SHA256:128) (Exim 4...
by cryptostorm_ops
Fri Mar 06, 2015 7:23 pm
Forum: #cleanVPN ∴ encouraging transparency & clean code in network privacy service
Topic: request for cyberghost review - #cleanVPN clearance?
Replies: 2
Views: 8821

post binaries!

It's helpful to get things moving if copies of binaries (i.e. the installers, which for windows are usually of the form randominstallername.exe) can be uploaded to a thread here or, if that's not possible, at least a link to them. We notice some VPN companies do an amazingly good job of protecting t...
by cryptostorm_ops
Fri Mar 06, 2015 12:32 am
Forum: #cleanVPN ∴ encouraging transparency & clean code in network privacy service
Topic: cryptostorm - #cleanVPN information disclosure & discussion of results
Replies: 0
Views: 9421

cryptostorm - #cleanVPN information disclosure & discussion of results

https://malwr.com/analysis/OTQ2YmZjMDg2ZjJjNDQ4MzkzOWIyZWM2Yjg3OTcxZTk/ https://www.virustotal.com/en/file/32120b07be4675f5d88a562c78632f0bc027d4f0b010543aa0a65759e98ce171/analysis/1425580490/ Tested file, for reference: MD5: 9520d5d320687f5fe162a11ed9dd9b29 SHA1: 9ede6494f03109f93022a6e145ececa4304...
by cryptostorm_ops
Fri Jan 09, 2015 5:20 am
Forum: general chat, suggestions, industry news
Topic: full Snowden December 2014 document set - VPN & SSL/TLS crypto
Replies: 7
Views: 23896

Exclusive: Edward Snowden on Cyber Warfare

Full text, from the PBS website : Last June, journalist James Bamford, who is working with NOVA on a new film about cyber warfare that will air in 2015, sat down with Snowden in a Moscow hotel room for a lengthy interview. In it, Snowden sheds light on the surprising frequency with which cyber attac...
by cryptostorm_ops
Sun Dec 28, 2014 11:13 am
Forum: general chat, suggestions, industry news
Topic: 1.4 config files: bugtracking, feedback, discussion, questions, etc.
Replies: 25
Views: 22810

Re: 1.4 config files (draft versions posted here)

Sorry about that posted the wrong address it's linux-uscentral.cstorm.pw Name: linux-uscentral.cstorm.pw Address: 79.134.255.83 Excellent catch. The HAF entry was actually nonexistent, and our DNS resolvers were providing essentially a default value - which isn't an instance-mapped IP at all. In do...
by cryptostorm_ops
Sat Dec 27, 2014 5:16 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: US-central exitnode cluster | anchor node = mishigami.cryptostorm.net | updates & "crazy shit"
Replies: 4
Views: 10256

US-central exitnode cluster: mishigami.cryptostorm.net

We have completed the transition to the newly-architected central US exitnode cluster, anchored by the new node mishigami.cryptostorm.net in Chicago. All prior HAF mappings pointing to 'chili' are now remapped at the TLD resolver to the relevant mishigami instances. Additionally, mishigami is now in...
by cryptostorm_ops
Sun Nov 30, 2014 4:30 am
Forum: #cleanVPN ∴ encouraging transparency & clean code in network privacy service
Topic: "Advanced Alien Technology" ✨ ✨ ✨
Replies: 3
Views: 14113

"Advanced Alien Technology" ✨ ✨ ✨

{direct link: cryptostorm.org/alientech} Yes, this really happened : "With control of one’s level of encryption, even if someone were utilizing advanced alien technology, they would have a tough time if you changed your encryption settings every time you connect" alientech.png ALIEN-LEVEL...
by cryptostorm_ops
Fri Jul 18, 2014 6:11 am
Forum: general chat, suggestions, industry news
Topic: Are "Rock Solid" VPN connections ideal?
Replies: 7
Views: 8908

Are "Rock Solid" VPN connections ideal?

We just wanted to write a short note about some of the intermittence issues we are seeing with some clients. While discussing with the team, there was a very interesting point made, and it went like this: "That's a good thing!" Now, if you're a victim of occasional drop outs while you were...
by cryptostorm_ops
Thu Jul 03, 2014 10:17 pm
Forum: general chat, suggestions, industry news
Topic: XKEYSCORE source code
Replies: 8
Views: 12790

XKEYSCORE source code

Shoving a copy here just because I hate when links break. Via here: http://pastebin.com/EivN2C7G // START_DEFINITION /** * Fingerprint Tor authoritative directories enacting the directory protocol. */ fingerprint('anonymizer/tor/node/authority') = $tor_authority and ($tor_directory or preappid(/anon...
by cryptostorm_ops
Thu Jun 12, 2014 6:27 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: New Montreal Server - "Maple" - In Beta
Replies: 7
Views: 9621

New Montreal Server - "Maple" - In Beta

note : folks seeking the most current client configuration files need not wade through this entire discussion thread! The current versions are always posted in a separate, dedicated thread , and will be continuously updated there. Continue reading this thread if you're curious about the details of ...
by cryptostorm_ops
Tue Apr 29, 2014 5:48 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 120238

routers & routing

I wanted to step in and provide some clarification on the functionality of routers (or "residential gateways," which is the au courant nomenclature for residential routers in some locales). You say that: "they ash for local IP/DNS, my router tunnels them to a foreign one... Unless you...
by cryptostorm_ops
Wed Apr 23, 2014 5:21 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 120238

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

Well, I've done my best - along with several colleagues - to explain the relevant distinctions in modeling threats related to the heartbleed vulnerability. Others have explained the upgrade path put in place to cycle all server-side certificate material which, in an abundance of caution, is a step b...
by cryptostorm_ops
Fri Apr 18, 2014 4:37 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 120238

details matter; boring... but still true

This is becoming something of a tedious exercise in repetition of the same point over and over. And, unfortunately, some of the press reporting linked to in your post does an excellent job of confusing two related - but quite distinct - issues. I will once again explain the core distinction, and bey...
by cryptostorm_ops
Wed Apr 16, 2014 7:38 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 120238

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

A condensed reply to a number of questions raised: 1. We deploy very few custom-coded components in our security model - this is not for lack of motivation on our part, but rather because bespoke cryptography is a catastrophically wrong-headed approach to security. When we refer to things such as &q...
by cryptostorm_ops
Mon Apr 14, 2014 5:37 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 120238

cryptostorm's Post-Heartbleed Certificate Upgrade Trajector

The purpose of this post is to provide a roadmap for cryptostorm's response to certain security implications relating to the recently-disclosed heartbleed vulnerability. As has been discussed elsewhere, our proactive deployment of DHE-based PFS capability has insulated our membership from any retroa...
by cryptostorm_ops
Sun Apr 13, 2014 8:58 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: URGENT: The Heartbleed Bug
Replies: 37
Views: 44981

Re: URGENT: The Heartbleed Bug

Sorry we didn't get a solid answer in here sooner. Basically once we did the patch we felt pretty good about the whole thing and went out for a beer. :P Here's the gist of what you should know about the VPN side of the biz: We run DHE so there are no long-term "keys" being used in the actu...
by cryptostorm_ops
Tue Apr 08, 2014 6:33 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: URGENT: The Heartbleed Bug
Replies: 37
Views: 44981

URGENT: The Heartbleed Bug

via http://heartbleed.com/ The Heartbleed Bug The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides...
by cryptostorm_ops
Mon Mar 03, 2014 6:47 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: CLOSED: aleph tokens ~ unlimited duration batch
Replies: 34
Views: 42127

invites sent

Invites sent via email. Purchase page enabled... but not being posted publicly until the waitlist has been cleared.

This has been really interesting, technologically. Forced us to stretch our model when it comes to tokens & their temporal behaviours. Useful.

~ cryptostorm_ops
by cryptostorm_ops
Fri Feb 21, 2014 6:20 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm: zero tolerance policy implemented
Replies: 23
Views: 37561

Re: cryptostorm: zero tolerance policy implemented

sigdkiqf.jpg speeds are great, download is better than other day, but would have excepted faster download with these speeds. not sure how this helps, but I will test again when I'm not in peak hours. montreal 70.38.46.224 way better than other day. tested again, different time of the day, still in ...
by cryptostorm_ops
Fri Feb 21, 2014 6:13 pm
Forum: member support & tech assistance
Topic: version control: non-widget Windows conf's, most current?
Replies: 22
Views: 15019

Re: Are these latest raw windows config version

Thanks for bringing these into one place, ss - it's pretty clear they need some version control TLC and assuming the underlying connection parameters are stable at this point, I'll be happy to take the framework and synthesize formalised, version-congruent versions for all of the production clusters...
by cryptostorm_ops
Fri Feb 21, 2014 6:03 pm
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: Kali Linux distro | ONGOING
Replies: 11
Views: 17568

HOWTO: Kali Linux distro | ONGOING

This thread is a repository for findings related to the work several network members have put into producing successful cryptostorm network connections from Kali workstations. That's nontrivial, as the distro doesn't ship with OpenVPN support in the kernel (no Tap driver integration), and has a some...
by cryptostorm_ops
Tue Feb 18, 2014 7:59 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm exitnode clusters: listing+requests+roadmap
Replies: 93
Views: 85981

Re: poll: where to add new exitnode clusters?

Update: we've just leased a nice little dedicated machine in the US as a starting footprint for our cluster over there - and are in negotiations on some serious additional hardware with a specialist premium-network provisioner, which likely will take a bit longer to complete and spin up. But the dec...
by cryptostorm_ops
Mon Feb 10, 2014 3:17 pm
Forum: general chat, suggestions, industry news
Topic: optimising torrenting performance on cryptostorm: discussion
Replies: 68
Views: 87737

Re: optimising torrenting performance on cryptostorm: discus

I've no idea what you Internet setup is, but generally with asymmetric xDSL type connections maximising the download speed will affect the upload speed; something to do with allocated spectrum. Going by the speeds you were quoting, can I assume you are on a DOCSIS (cable) connection? Can you normal...
by cryptostorm_ops
Mon Feb 10, 2014 3:58 am
Forum: member support & tech assistance
Topic: Issue Accessing Sony Online Entertainment
Replies: 4
Views: 5417

Re: Issue Accessing Sony Online Entertainment

Trying to access Sony Online Entertainment from the VPN connection results in a hanging browser, which eventually times out. Accessing the same URI from outside of the VPN network has no issues. It's not a DNS issue, because I also tried specifying the IP address, with the same result. I've also ju...
by cryptostorm_ops
Sat Feb 08, 2014 6:45 pm
Forum: general chat, suggestions, industry news
Topic: optimising torrenting performance on cryptostorm: discussion
Replies: 68
Views: 87737

Re: optimising torrenting performance on cryptostorm: discus

Try enabling PeX, btw... PEXIEEEp2p.pdf Understanding Peer Exchange in BitTorrent Systems Author(s) Di Wu ; Sun Yat-Sen Univ., Guangzhou, China ; Dhungel, P. ; Xiaojun Hei ; Chao Zhang Peer Exchange (PEX), in which peers directly exchange with each other lists of active peers in the torrent, has bee...
by cryptostorm_ops
Sat Feb 08, 2014 3:00 pm
Forum: general chat, suggestions, industry news
Topic: optimising torrenting performance on cryptostorm: discussion
Replies: 68
Views: 87737

Re: optimising torrenting performance on cryptostorm: discus

What happens, for both reported examples so far, when you punch up the cap you've got on maximum upload slots globally? One thing that's much harder to do through a decoupled/NATted infrastructure is the sort of heuristic best-performing-peer tricks that will allow direct connects to choose (for exa...
by cryptostorm_ops
Sat Feb 08, 2014 12:50 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: performance-tuning high-capacity cryptostorm sessions
Replies: 6
Views: 10018

version 1.6 kernel session parameters (sysctl)

This is the latest version (1.6) of the production sysctl parameters being tested in the Montreal cluster, as of this morning. Note that it is deployed only on one test node, to enable A/B performance monitoring. We've been looking closely at all the available data to see how we can best optimize th...
by cryptostorm_ops
Tue Feb 04, 2014 8:19 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: performance-tuning high-capacity cryptostorm sessions
Replies: 6
Views: 10018

Re: performance-tuning high-capacity cryptostorm sessions

Another thing I frequently see is technically unsophisticated VPN review articles that report test results for networks. Actually, I don't think I've ever seen a VPN review test done that is at all useful in tracking actual network performance. What I have seen is some companies that pick settings f...
by cryptostorm_ops
Tue Feb 04, 2014 7:47 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: performance-tuning high-capacity cryptostorm sessions
Replies: 6
Views: 10018

performance-tuning high-capacity cryptostorm sessions

Our ops team has been, in recent weeks, doing some intensive work server-side in support of maximizing the broadest range of high-bandwidth network use-case scenarios. This is an ongoing process, as network dynamics are essentially an emergent phenomenon at the level of topological modification we'v...
by cryptostorm_ops
Tue Jan 28, 2014 10:15 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm: non-widget Windows config file beta testing
Replies: 42
Views: 33991

Re: cryptostorm: non-widget Windows config file beta testing

I've taken the liberty of splitting the original post into a dedicated thread, to facilitate beta results. We have just posted the first (and second) iterations of non-widget Windows GUI configuration file, in the canonical configuration reference post at conf.cryptostorm.org (at the bottom of the p...
by cryptostorm_ops
Mon Jan 27, 2014 6:50 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: client config for cryptostorm: general discussion & bughunt
Replies: 57
Views: 62331

full deployment of "raw" 1.3 client framework

Please note that all of the client configuration files for Linux/"raw" connections have now been upgraded to 1.3 versioning. This includes both cluster-specific connection profiles, as well as the locked/dynamic network-wide meta-profiles. They have been, per standard, posted to the canoni...
by cryptostorm_ops
Mon Jan 27, 2014 6:41 pm
Forum: member support & tech assistance
Topic: Linux/Tunnelblick connect snags | RESOLVED (via 1.3 conf's)
Replies: 31
Views: 19691

1.3 upgrade complete

Please note that all of the client configuration files for Linux/"raw" connections have now been upgraded to 1.3 versioning. This includes both cluster-specific connection profiles, as well as the locked/dynamic network-wide meta-profiles. They have been, per standard, posted to the canoni...
by cryptostorm_ops
Fri Jan 24, 2014 6:26 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: TCP-based cstorm sessions, & "port striping" techniques
Replies: 6
Views: 10507

TLDs & protocol hardening

- There seems to be a problem with remote-random with Cryptostorm Widget. NU and PW domain names aren't yet available which seems to hang the widget at point of no return. (Or variable network conditions, domain blocking) Still yet to continue checking that. We've added the cryptostorm.nu subhost m...
by cryptostorm_ops
Wed Jan 22, 2014 8:26 pm
Forum: member support & tech assistance
Topic: Linux/Tunnelblick connect snags | RESOLVED (via 1.3 conf's)
Replies: 31
Views: 19691

Linux 1.3 Frankfurt conf now available

We've just released the 1.3 "raw"/Linux connection profile and concomitant server-side updates for the Frankfurt exitnode cluster. They have been posted up via the usual conf.cryptostorm.org location, and we are also posting a copy here for ease of access. As we have the Icelandic cluster ...
by cryptostorm_ops
Wed Jan 22, 2014 3:22 pm
Forum: member support & tech assistance
Topic: Asus router w/ Asuswrt-Merlin build: conf? | RESOLVED
Replies: 17
Views: 16576

merlin success

small update: After the creation of password.txt with my hashed token in the first line and copying to /tmp/password.txt and editing the Custom Configuration with auth-user-pass /tmp/password.txt and the new remote cluster-iceland.cstorm.pw adress it works. I think it s a problem if you do not ente...
by cryptostorm_ops
Tue Jan 21, 2014 9:33 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm: server-side configuration publication
Replies: 19
Views: 20816

1.3 server-side config proposal

The below-cited server-side configuration has been deployed within the Icelandic exitnode cluster as a proposed template for Linux-specific connections across the network. It is posted here for review and member/community feedback, as per standard cryptostorm procedures: # cryptostorm_server_raw ver...
by cryptostorm_ops
Tue Jan 21, 2014 9:22 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm: Icelandic exitnode cluster now in production
Replies: 2
Views: 5758

Linux/"raw" Icelandic support now in production (1.3)

After extensive testing and upstream route optimization, we now provide Linux/"raw" connection support within our Icelandic dedicated exitnode cluster. This support increments forward to configuration version 1.3, so please note that simply editing earlier configuration files to change the...
by cryptostorm_ops
Tue Jan 21, 2014 1:06 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: TCP-based cstorm sessions, & "port striping" techniques
Replies: 6
Views: 10507

TCP-based cstorm sessions, & "port striping" techniques

note : this is an old post, & the config settings in it are not valid currently ! However, with the deployment of our "port striping" framework (more on that shortly), this subject is now both relevant and much more interesting. As such, we're bumping this thread back up, & keepin...
by cryptostorm_ops
Sun Jan 12, 2014 6:03 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm: server-side configuration publication
Replies: 19
Views: 20816

cryptostorm 1.2 Windows-specific server.conf

Here is the corresponding 1.2 version of the server-side configuration for Windows-specific network sessions: # cryptostorm_server version 1.2 config - widget framework # supports & tested for Windows-compiled network access widget # discussion & details in http://serverconf.cryptostorm.org ...
by cryptostorm_ops
Sun Jan 12, 2014 5:46 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: client config for cryptostorm: general discussion & bughunt
Replies: 57
Views: 62331

Re: cryptostorm: client config discussions, bugs, requests,

Ran some DNS checks, the .nu domain had either not propagated or has not been updated. In addition, it looks like one of the .net ones was overloked: raw-montreal.cryptostorm.nu ***MISSING*** windows-montreal.cryptostorm.nu ***MISSING*** windows-iceland.cryptostorm.nu ***MISSING*** Excellent work o...
by cryptostorm_ops
Sun Jan 12, 2014 2:53 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: client config for cryptostorm: general discussion & bughunt
Replies: 57
Views: 62331

cryptostorm client config 1.2 - Frankfurt

We have tested and confirmed functionality for the following "raw"/Linux client configuration file, which is intended for dedicated connections to the Frankfurt exitnode cluster: If you see any unexpected or anomalous behaviors when using this config, please post a note here so that we can...
by cryptostorm_ops
Sun Jan 12, 2014 2:49 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: client config for cryptostorm: general discussion & bughunt
Replies: 57
Views: 62331

windows-frankfurt-cryptostorm.net

Congrats on all the work behind the scenes! I would like to mention that I had no internet response when using "windows-frankfurt.cryptostorm.net". I switched to the Iceland one and all was swell... Thanks for the bug report - we did find an erroneous A record mapping that had been propag...
by cryptostorm_ops
Wed Jan 08, 2014 4:50 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: HOWTO: manual editing of widget exitnode preferences
Replies: 13
Views: 16351

windows-{clusterID}.cryptostorm.net hostname mappings

EDIT: The network kept on rediscovering every couple of minutes. Even after discovery was complete, I had no active internet access (browser, email etc...). I followed the above instructions, making sure to Run as Administrator and logged off before making .conf adjustment. You've jumped ahead of o...
by cryptostorm_ops
Wed Jan 08, 2014 4:38 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: client config for cryptostorm: general discussion & bughunt
Replies: 57
Views: 62331

Iceland 1.2

Yesterday I tried the Iceland node and it constantly reconnected every 2 minutes or so. What client/OS are you using for those connections? The current mapping has been essentially *nix-specific, on an interim basis. We are in the midst of deploying OS-specific bindings in Iceland right now, in ord...
by cryptostorm_ops
Wed Jan 08, 2014 2:37 am
Forum: general chat, suggestions, industry news
Topic: Default PRNGs in standard OpenSSL compiles
Replies: 0
Views: 8508

Default PRNGs in standard OpenSSL compiles

Saw this come across the screen a while back, and wonder whether it's sound advice to patch & recompile as the poster suggests... Date: Sat, 14 Dec 2013 04:33:31 -0800 From: coderman <coderman@gmail.com> To: cpunks <cypherpunks@cpunks.org>, Full Disclosure <full-disclosure@lists.grok.org.uk> Sub...
by cryptostorm_ops
Mon Jan 06, 2014 9:22 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: client config for cryptostorm: general discussion & bughunt
Replies: 57
Views: 62331

Re: cryptostorm: client config discussions, bugs, requests,

the other 4, dynamic1_1 frankfurt1_1 locked1_1 montreal1_1 get these warning when connected, without access to net That's correct - the other four conf files are being forked to Windows & "raw" dedicated daemons on each exitnode, which should be done shortly once testing of the IP map...
by cryptostorm_ops
Mon Jan 06, 2014 6:32 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: client config for cryptostorm: general discussion & bughunt
Replies: 57
Views: 62331

cryptostorm_client_iceland1_2.conf

We have incremented our client-side configuration to version 1.2, as we implement forked configuration options for OS/ecosystem flavours. This is the first 1.2-class configuration file presented for public use and validation, and is specific to our new Icelandic exitnode cluster . It is intended for...
by cryptostorm_ops
Mon Jan 06, 2014 6:26 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm: server-side configuration publication
Replies: 19
Views: 20816

cryptostorm server config 1.2 - Iceland

Here is the 1.2 build of our server-side "raw" configuration file, for public review and auditing. There are, as usual, a number of small bugfixes, parameter tweaks, and performance-tuning adjustments. Those curious regarding specific parameter choices are encouraged to post queries and fe...
by cryptostorm_ops
Mon Dec 30, 2013 4:33 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: client config for cryptostorm: general discussion & bughunt
Replies: 57
Views: 62331

cryptostorm_client_locked1_1f.conf

Here's the guts of the 1.1(f) version of the client config family; we're posting it here for review by folks who are helping to refine this generation of the settings. Note that server-side conf has been substantively updated over the weekend, so if you've tested config settings previously they may ...
by cryptostorm_ops
Mon Dec 30, 2013 2:40 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm: server-side configuration publication
Replies: 19
Views: 20816

cryptostorm_server1_1d.conf

We have released and are in process of deploying across all exitnodes a new build of our server-side configuration file: cryptostorm_server1_1d.conf . There are a number of small bugfixes in this version, as well as stubs for some leakblock-specific enhancements that are making their way into produc...
by cryptostorm_ops
Mon Dec 30, 2013 2:09 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: client config for cryptostorm: general discussion & bughunt
Replies: 57
Views: 62331

Re: cryptostorm: config & parameter settings (client & serve

We've been testing configs and config deployments all weekend long, and are now complete with the server-side updates. I'll be posting up the new rev client configs this morning, as we deploy the necessary tweaks to the server-side parameters to support both the new adjustments and, as far as is pos...
by cryptostorm_ops
Mon Dec 30, 2013 4:09 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: CAPTCHAs for guest posting & registration | CLOSED
Replies: 7
Views: 9437

Re: CAPTCHAs for guest posting in forum: ideas to improve

We're currently testing out the NuCaptcha tool to manage the spambots, both for guest posting and new forum registrations. It seems to be effective so far, but we're interested in any feedback from visitors who have interacted with the new tool.

Thank you,

~ cryptostorm_ops
by cryptostorm_ops
Sat Dec 21, 2013 6:15 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm exitnode clusters: listing+requests+roadmap
Replies: 93
Views: 85981

Re: cryptostorm exitnode clusters: listing+requests+roadmap

We have just posted release candidate version 1.1 of the client configuration files, which allow for exitnode & cluster selection as well as enhanced failover/redundancy against DNS-based filtering attacks, & round-robin stochastic connection selection capabilities. The files are available h...
by cryptostorm_ops
Sat Dec 21, 2013 6:09 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: client config for cryptostorm: general discussion & bughunt
Replies: 57
Views: 62331

Version 1.1(a) client config files

We've just completed a major overhaul of our exitnode/cluster nomenclature, hostname mappings, and loadbalancing framework. One of the results is a fork of the client configuration file into four separate files, depending on which exitnode connection logic members prefer. Briefly... 1. locked 2. dyn...
by cryptostorm_ops
Sat Dec 21, 2013 1:41 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm connections from Linux | DEPRECATED
Replies: 20
Views: 19388

Re: HOWTO: cryptostorm network connections from Linux

Here's the quote from the newly-revised page on OpenVPN installation for Linux : Notes on old apt/yum repositories The current incarnation of OpenVPN apt repositories is the third one. The first repositories were hosted on build.openvpn.net and the second ones on repos.openvpn.net, a now discontinue...
by cryptostorm_ops
Fri Dec 20, 2013 8:10 am
Forum: general chat, suggestions, industry news
Topic: optimising torrenting performance on cryptostorm: discussion
Replies: 68
Views: 87737

Re: Torrents?

caustic386 wrote:forward to trying it out once the 70.x.x.x issue is resolved.


Resolved.
by cryptostorm_ops
Mon Dec 09, 2013 1:36 pm
Forum: member support & tech assistance
Topic: error connecting: Windows OpenVPN package | RESOLVED
Replies: 2
Views: 3056

Re: error connecting: Windows OpenVPN package

We're marking this thread as "resolved," as it appears to have been settled during recent upgrades to the Montreal exitnode cluster.

Thank you,

~ cryptostorm_ops
by cryptostorm_ops
Mon Dec 09, 2013 1:33 pm
Forum: member support & tech assistance
Topic: constantly reconnecting | RESOLVED
Replies: 25
Views: 17515

Re: constantly reconnecting

We're marking this thread as "resolved," as it appears to have been settled during recent upgrades to the Montreal exitnode cluster and concomitant work done on the auth system more broadly.

Thank you,

~ cryptostorm_ops
by cryptostorm_ops
Mon Dec 09, 2013 1:30 pm
Forum: member support & tech assistance
Topic: issue with IPs in 70.38.*.* subnet? | RESOLVED
Replies: 12
Views: 9946

Re: issue with IPs in 70.38.*.* subnet?

We're marking this thread as "resolved," as it appears to have been settled during recent upgrades to the Montreal exitnode cluster.

Thank you,

~ cryptostorm_ops
by cryptostorm_ops
Mon Dec 09, 2013 1:12 pm
Forum: member support & tech assistance
Topic: Specific website access issues? Report 'em here!
Replies: 8
Views: 6566

Re: issues resolving/routing to 1stpharmacy.us

It appears that recent network upgrades have resolved any reported issues regarding access to sites including: http://1stpharmacy.us http://warez-bb.org Additionally, TLS/SSL load issues relating to session-intensive cites such as the following seem to have been substantially decreased, and/or resol...
by cryptostorm_ops
Mon Dec 09, 2013 8:51 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: HOWTO: choosing exitnode clusters
Replies: 7
Views: 9308

Re: HOWTO: choosing exitnode clusters

We've also got direct connections to one of our secondary Montréal nodes enabled, as of this morning, and we'd love to know how test connects run to it without using the loadbalancer. The direct connection is run via: remote exitnode-bruno.cryptostorm.net 443 In general, it's better to use exitnode-...
by cryptostorm_ops
Sat Dec 07, 2013 8:14 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: client config for cryptostorm: general discussion & bughunt
Replies: 57
Views: 62331

client config, 0.9d

Here's an interim update to the client configuration file; it'll be formally announced as 1.0 soon, and posted to the main website, but for folks who would like to have the tweaks sooner here you go. Nothing major has been changed, just a few minor bugfixes that we'll document formally during the 1....
by cryptostorm_ops
Thu Dec 05, 2013 3:38 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm exitnode clusters: listing+requests+roadmap
Replies: 93
Views: 85981

Montréal exitnode cluster upgrade

This morning, we completed a major capacity addition to our Montréal exitnode cluster. The new machine has been cycled into our loadbalancer as the primary connect point, with existing capacity deprecated to fallback status. Cryptostorm members don't have to make any changes to have the transition t...
by cryptostorm_ops
Mon Dec 02, 2013 8:06 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm: server-side configuration publication
Replies: 19
Views: 20816

cryptostorm_server0.9c.conf

We've made a number of small edits to the current server.conf settings, which have now been bundled together into a newly-numbered release. Attached is this revision, which is the current production instance on both our Montreal cluster and the German cluster awaiting production rollout: daemon loca...
by cryptostorm_ops
Mon Dec 02, 2013 5:55 am
Forum: member support & tech assistance
Topic: connected but not connected to vpn | RESOLVED (?)
Replies: 17
Views: 12890

Re: connected but not connected to vpn

3rd time, just lost connection, but it shows connected, vpnetmon thinks it's still connected so utorrent isn't killed and keeps on running. after about a minute it popped up disconnected and is just trying to reconnect What's happening from the cryptostorm side of things is that sessions are gettin...
by cryptostorm_ops
Mon Dec 02, 2013 5:31 am
Forum: member support & tech assistance
Topic: connected but not connected to vpn | RESOLVED (?)
Replies: 17
Views: 12890

Re: connected but not connected to vpn

This is likely an error thrown from your session: (04:22:16 PM) df: Sun Dec 1 19:14:27 2013 us=175077 192.92.208.179:4093 MULTI: bad source address from client [192.168.1.104], packet dropped What sort of "port forwarding" are you referring to, in your router setup? edited to add : it appe...
by cryptostorm_ops
Sun Dec 01, 2013 1:09 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: source code - cryptostorm widget, version 0.91(w)
Replies: 7
Views: 11970

Re: source code - cryptostorm widget, version 0.91(w)

Had a good question come across the transom: why the tar archive, above, and not just a direct .exe of the installer? The forum here doesn't like .exe attachments, and while we could bully it into being ok with that, it seems a bit needless. If you don't want to bother de-archiving after download, t...
by cryptostorm_ops
Sun Nov 24, 2013 3:22 am
Forum: member support & tech assistance
Topic: constantly reconnecting | RESOLVED
Replies: 25
Views: 17515

Re: constantly reconnecting

The tech ops team is looking at this reconnection issue currently. It does appear that a selection of members are having an issue related to premature reset of DHCP credentials. It's somewhat tricky as this is not universal and thus debugging has been slower than usual. Additionally, we are testing ...
by cryptostorm_ops
Thu Nov 21, 2013 7:56 pm
Forum: member support & tech assistance
Topic: Weekend network tuning, some bugs, etc. | RESOLVED
Replies: 7
Views: 6844

Re: Weekend network tuning, some bugs, etc.

There's a thread here somewhere discussing Windows route additions/teardowns & route metric parameterization. It's a really important issue, and one that's in active development as part of the Windows-compile widget roadmap of future functionality. Basically, we're moving towards taking full con...
by cryptostorm_ops
Wed Nov 20, 2013 1:54 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: client config for cryptostorm: general discussion & bughunt
Replies: 57
Views: 62331

Re: cryptostorm: config & parameter settings (client & serve

I am not exactly sure how to pull this off but I would love if there was a way to highlight all changes to the client and server configuration compared to the previous version. This is something we're keen to support, and is one of the notable weaknesses of our current "post it to a forum thre...
by cryptostorm_ops
Wed Nov 20, 2013 1:39 pm
Forum: member support & tech assistance
Topic: DD-WRT: Dropped VPN connection + Resloving bugs
Replies: 7
Views: 5277

Re: DD-WRT: Dropped VPN connection + Resloving bugs

We default to verbosity 0 for client config for basic security: fewer logs mean that in the event of an endpoint security breach client-side, there's less forensic data with which an attacker can make ex post facto network correlations. Somewhat of an unlikely scenario, but its probability is not ze...

Go to advanced search

cron
Nothing to display.

Login