Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

Search found 237 matches

by df
Mon Apr 17, 2017 9:25 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@justintime Just as parityboy said, Windows requires more effort to make things more secure/anonymous. It's non-trivial to run DNSCrypt along with OpenVPN while also blocking DNS, WebRTC/STUN/ICE, and IPv6 leaks in Windows. On Linux, it is trivial. Plus, most of the issues that the Windows Widget fi...
by df
Sun Apr 16, 2017 12:15 pm
Forum: member support & tech assistance
Topic: Torstorm
Replies: 12
Views: 1359

Re: Torstorm

@kapu
Don't manually set your DNS, let OpenVPN handle it.
If you're on CS but you set your DNS to an IP different than what's pushed by the server, the transparent .onion/.i2p/etc. thing won't work.
by df
Thu Apr 13, 2017 9:35 am
Forum: member support & tech assistance
Topic: Can't Authenticate On Any Node
Replies: 21
Views: 2264

Re: Can't Authenticate On Any Node

FYI, there's a new v3 widget build that includes a fix for Windows users having max session issues, it's up @ https://cryptostorm.is/cryptostorm_setup.exe and the hashes are @ https://cryptostorm.org/viewtopic.php?f=37&t=8955&p=17274#p17274 For the last two people using Linux, make sure that...
by df
Thu Apr 13, 2017 9:28 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

New widget build out, v3.0.0.71 hashes: md5: 6bf40dd09b2b7851849e5630e24f7121 sha1: 747e75eaaa623f5dcbbd6ed22430d4f5235989ee sha512: 31bb34f65c73788e7f5149c295f649ad5b6ca6b07f2d113891bf64d2007efdee648473a127ff7bb868314b4e5e2c340fc028aaa81babee3d11d402440518843f Up at the usual places, https://crypto...
by df
Wed Mar 29, 2017 3:45 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@Khariz The widget does manually set the DNS if DNSCrypt is enabled. Everything else is done via TAP, but there might be some code still in there that's leftover from before --block-outside-dns was implemented into OpenVPN, back when the widget had to do the DNS leak blocks itself. @crimghost That i...
by df
Sun Feb 26, 2017 10:23 am
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: iOS Connection Guide
Replies: 40
Views: 25984

Re: HOWTO: iOS Connection Guide

@Khariz If you've got console access, try `ping`ing or doing an `nslookup` against whatever .onion you're trying to access. The .onion should resolve to something in 10.99.0.0/16, and you could also try using whatever command-line downloader iOS uses (curl, wget, lynx, fetch, etc.) to see if that wi...
by df
Wed Feb 22, 2017 1:46 am
Forum: cryptofree: no-cost cryptostorm network access
Topic: cryptofree howto Linux: Fedora 25 OpenVPN using gnome
Replies: 1
Views: 719

Re: cryptofree howto Linux: Fedora 25 OpenVPN using gnome

@DataAllTogther I edited your post to remove the old/defunct "cryptokens.ca" host. Also edited that configs post you referred to that contained some old configs. For future reference, never use the configs on the forum. There's a lot of old posts here containing configs, and most of the po...
by df
Tue Feb 21, 2017 5:44 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: Obfsproxy and IP Modulation
Replies: 5
Views: 1702

Re: Obfsproxy and IP Modulation

@Khariz The US obfsproxy IP has been having issues (won't connect, but pingable; listening correctly on the server-side), possibly due to a firewall at the datacenter. So I just put up another obfsproxy instance on obfs-windows-romania.cstorm.pw . It's in the v3 nodelist, so just click the update bu...
by df
Mon Feb 20, 2017 5:59 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@marzametal Eh, I haven't been maintaining the previous versions though since these v3 betas were never really intended to be released, at least not until it got out of beta. So each new build is uploaded to the same place, overwriting the previous. The only way to get .66 would be if you already do...
by df
Mon Feb 20, 2017 4:08 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@bricus
I'm not sure, it was working fine on my win10 test VM.
Maybe an OpenVPN 2.4 bug that only affects certain configurations?
by df
Tue Feb 14, 2017 1:59 am
Forum: general chat, suggestions, industry news
Topic: Several suggestions to improve this service
Replies: 7
Views: 1670

Re: Several suggestions to improve this service

@dsagg Yea, "We may share information with: Law enforcement, Financial Supervision Authorities, government officials, or other third parties when: we are compelled to do so by a subpoena, court order or similar legal procedures. we need to do so to comply with law. we believe in good faith that...
by df
Fri Feb 10, 2017 8:28 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

Tested with somebody, and for whatever reason OpenVPN 2.4.0 kept crashing on them. So I just released v3.0.0.67 that's downgraded to OpenVPN 2.3.14, it'll most likely fix this issue for anyone else still having problems with v3.0.0.66. Latest v3.0.0.67 @ https://cryptostorm.is/cryptostorm_setup.exe ...
by df
Fri Feb 10, 2017 1:24 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

It sounds like people had problems with the csvpn.exe (openvpn 2.4.0) that got pushed in the last update. It worked for me on Win10, but just in case I reuploaded the same openvpn/openssl binaries/libraries that I had locally onto all the servers so that they would get pushed instead. For those stil...
by df
Tue Feb 07, 2017 3:06 pm
Forum: general chat, suggestions, industry news
Topic: Several suggestions to improve this service
Replies: 7
Views: 1670

Re: Several suggestions to improve this service

@KungFuChe Good point. Will look into alternative payment methods soon... As for the instructions, for years I've been pushing for instructions being placed on a dedicated blog/wiki, really anything that doesn't require a forum visit to get on CS. Since I'm the only CS staff member left from the ori...
by df
Tue Feb 07, 2017 10:11 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@JJ That's intended. The widget detects hibernate/suspend and disconnects the VPN since internet gets killed anyways when that happens. When the computer wakes up, the widget detects that too and will reconnect the VPN if you were connected before the hibernate. If you weren't connected to the VPN b...
by df
Sun Feb 05, 2017 11:58 pm
Forum: member support & tech assistance
Topic: Can't seem to buy tokens anywhere?
Replies: 13
Views: 1469

Re: Can't seem to buy tokens anywhere?

@Captain Blackberry Obfuscation alone is usually a bad idea when it comes to security/anonymity. Instead of selectively blocking certain scripts at certain domains, it would be a much better idea to simply disable WebRTC entirely so that if you miss something, or if someone finds some new (non-JS) w...
by df
Sun Feb 05, 2017 8:06 am
Forum: member support & tech assistance
Topic: Torstorm
Replies: 12
Views: 1359

Re: Torstorm

@JTD121
No, CS users with paid tokens will still be able to transparently access .onion sites.
The torstorm.org service was free for anyone to use, but it was unrelated to the transparent .onion access that the paid nodes provide.
by df
Sun Feb 05, 2017 2:43 am
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: Linux connections to cryptostorm
Replies: 45
Views: 40276

Re: HOWTO: Linux connections to cryptostorm

@dreab_kcalb It's the same as https://dotslashnotes.wordpress.com/2013/08/05/how-to-set-up-a-vpn-private-internet-access-in-raspberry-pi/ (obviously, you would download our configs from https://github.com/cryptostorm/cryptostorm_client_configuration_files/archive/master.zip instead of using the PIA ...
by df
Sat Feb 04, 2017 8:46 pm
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: Linux connections to cryptostorm
Replies: 45
Views: 40276

Re: HOWTO: Linux connections to cryptostorm

@dreab_kcalb
Google "openvpn raspberry pi vpn start on boot", there's plenty of pages out there with step-by-step instructions, such as https://dotslashnotes.wordpress.com/201 ... -pi-linux/
by df
Sat Feb 04, 2017 9:58 am
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: Linux connections to cryptostorm
Replies: 45
Views: 40276

Re: HOWTO: Linux connections to cryptostorm

@amnesia I just updated the original post with the correct links. Short version is: download the linux configs from https://github.com/cryptostorm/cryptostorm_client_configuration_files/tree/master/linux then load them into Network Manager or run them from the terminal with `openvpn --config`. P.S. ...
by df
Sat Feb 04, 2017 9:27 am
Forum: member support & tech assistance
Topic: Can't seem to buy tokens anywhere?
Replies: 13
Views: 1469

Re: Can't seem to buy tokens anywhere?

@Captain Blackberry Stripe does have an API that we could use to create our own checkout system, but even that would still require JavaScript - https://stripe.com/docs/custom-form The main reason we chose Stripe is because they're ran by more programmer types than the usual corporate/financial types...
by df
Fri Feb 03, 2017 7:24 pm
Forum: member support & tech assistance
Topic: All connections down?
Replies: 26
Views: 1601

Re: All connections down?

Oops, forgot to update this forum post. All the servers have been back up for a few hours now, and they are all responding correctly. The primary France server (and cryptostorm.nu) was down the longest, the switch behind it automatically shut down the server because of the attack, but the data cente...
by df
Fri Feb 03, 2017 2:31 pm
Forum: member support & tech assistance
Topic: Torstorm
Replies: 12
Views: 1359

Re: Torstorm

The VPS provider behind it (vstoike.ru) killed the VPS due to too many kiddie porn complaints from people finding CP on .onion's accessible via torstorm.org. I have backups though, whenever I get done with some other things, and whenever I find a VPS provider that won't instantly kill torstorm for s...
by df
Fri Feb 03, 2017 6:58 am
Forum: member support & tech assistance
Topic: All connections down?
Replies: 26
Views: 1601

Re: All connections down?

@privangle Yea, the attack appears to be over now, but the primary France server is still down because the data center there suspended it. Talking with them now to try to get them to bring it back up. Also, we do need a better system in place to let users know about new nodes. In Windows, widget use...
by df
Thu Feb 02, 2017 5:09 pm
Forum: member support & tech assistance
Topic: All connections down?
Replies: 26
Views: 1601

Re: All connections down?

There's a pretty heavy DDoS going on right now against almost all of the servers, including cryptostorm.nu. Oddly enough, this website and the main one weren't part of the attack. The web chat connects to the IRC server on cryptostorm.is (port 6697 for ssl, 6667 for plain), and that's still accessib...
by df
Tue Jan 31, 2017 4:59 am
Forum: member support & tech assistance
Topic: Can't seem to buy tokens anywhere?
Replies: 13
Views: 1469

Re: Can't seem to buy tokens anywhere?

Stripe's fraud prevention will sometimes mark an order as "escalated risk" if it comes from a VPN IP, but that only applies to CC orders. They don't have any fraud prevention for Bitcoin orders. Also, I have the fraud settings configured to only block orders when the "risk" is at...
by df
Mon Jan 30, 2017 1:11 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@Guest404 Probably not very soon, I'm still working on the widget for Windows. But I do plan on starting a Linux widget after v3 is officially released, which shouldn't be long now. When I do begin the Linux widget, I'll probably just start from the Windows widget's code and begin hacking off a big ...
by df
Sun Jan 29, 2017 5:49 am
Forum: member support & tech assistance
Topic: Can't seem to buy tokens anywhere?
Replies: 13
Views: 1469

Re: Can't seem to buy tokens anywhere?

I just did a test order, Stripe works fine in Firefox, and in my previous tests all the other modern browsers were good with it too. Most likely your issue is that you either have Javascript disabled, or you're also blocking https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.js (our Stripe ch...
by df
Fri Jan 20, 2017 9:22 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@JJ It looks like dnscrypt is running correctly. I guess try doing the same thing the widget would do (from cmd): nslookup windows-balancer.cstorm.pw 127.0.0.1 That'll lookup the first windows balancer against dnscrypt. But as Khariz said, you could just disable dnscrypt since you're not facing any ...
by df
Fri Jan 20, 2017 6:58 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@JJ It could also be that something else (an AV maybe?) is closing dnscrypt-proxy.exe for whatever reason. Either that or dnscrypt-proxy is spitting out an unexpected error. A way to test would be to open up a cmd prompt as Administrator and run: "C:\Program Files (x86)\Cryptostorm Client\bin\d...
by df
Thu Jan 19, 2017 3:23 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@JJ The only thing I can think of that would cause that is if something else is already listening on 127.0.0.1:53 (such as a local DNS server/proxy/cache). Currently, the widget doesn't check to make sure port 53 is available on 127.0.0.1. I'll add that to the next build, so if something is using th...
by df
Wed Dec 28, 2016 3:41 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@JJ Old and new widget work fine in my tests. Most likely your DNS settings were changed somehow, you'll need to restore them to their default settings in order to be able to resolve stuff again. https://www.opennicproject.org/configure-your-dns/how-to-change-dns-servers-in-windows-7/ and other site...
by df
Thu Dec 15, 2016 6:07 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

btw, latest is v3.0.0.64 - https://cryptostorm.is/cryptostorm_setup.exe (or https://b.unni.es/cryptostorm_setup.exe ) hashes - md5: 542751249fae327375413932c84115b4 cryptostorm_setup.exe sha512: 8c18afd7b55e7d13806eb36754fad55725230ca6af76b85c2068afa94da7c679d5096eb620896198d181e718f736c634003467ca1...
by df
Thu Dec 15, 2016 2:43 am
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: iOS Connection Guide
Replies: 40
Views: 25984

Re: HOWTO: iOS Connection Guide

@Dink Nope, registration isn't required to download stuff off of GitHub. The easiest method is probably to download the master.zip file @ https://github.com/cryptostorm/cryptostorm_client_configuration_files/archive/master.zip Save that somewhere, unzip it, and import the configs from the 'mac' dir ...
by df
Sat Dec 03, 2016 2:09 am
Forum: member support & tech assistance
Topic: New servers
Replies: 4
Views: 1481

Re: New servers

Read the last paragraph (or just read all) of my post @ https://cryptostorm.org/viewtopic.php?f=37&t=6332&p=16668#p16668
The post was specifically referring to the new Russian node, but the same could be said for any other server.
by df
Fri Dec 02, 2016 10:48 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: "No logging" - doing it right, cryptostorm-style
Replies: 1
Views: 11229

Re: "No logging" - doing it right, cryptostorm-style

This is a response to https://twitter.com/QuaereBuccaneer/status/804478736368336897 and I didn't feel like limiting myself to 140 characters. For those of you avoiding Twitter, his question was related to our new Russian node: "@cryptostorm_is how are you working with the new laws in Russia req...
by df
Fri Dec 02, 2016 3:52 am
Forum: general chat, suggestions, industry news
Topic: FOR SALE: Aleph Token
Replies: 4
Views: 1800

Re: FOR SALE: Aleph Token

64493162.jpg
64493162.jpg (35.75 KiB) Viewed 1789 times

EDIT:
Also, we no longer offer @cryptostorm.is email addresses to aleph owners.
by df
Sat Nov 12, 2016 7:17 pm
Forum: general chat, suggestions, industry news
Topic: Correlation Attacks
Replies: 3
Views: 1517

Re: Correlation Attacks

If an attacker can hack into a server (such as a website) that the target/client is known to access, then the attacker would be able to see any data the client sends to that server, provided the attacker already knows that the target is a Cryptostorm member, and which exit node the target likes to u...
by df
Thu Oct 27, 2016 10:13 pm
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: Linux connections to cryptostorm
Replies: 45
Views: 40276

Re: HOWTO: Linux connections to cryptostorm

@GG82.

That's correct, replacing "auth-user-pass" in your config with "auth-user-pass whatever" will stop openvpn from prompting you for the user/pass and instead look in the file 'whatever'. It can be named anything, so long as you set the filename in the auth-user-pass line.
by df
Mon Oct 03, 2016 10:46 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

not very technology literate and new to the world of vpn. using win xp sp3 currently using sexynarwhal2_22 - no major issues apart from occasional crashing while running with standard node (but rare). installed beta version of 24 may 2016 (after having uninstalled sexynarwhal2_22 and deleting cs an...
by df
Sun Sep 18, 2016 9:29 am
Forum: cryptofree: no-cost cryptostorm network access
Topic: cryptofree howto Ubuntu
Replies: 11
Views: 29657

Re: cryptofree howto Ubuntu

@Aleksander1979 See the note at the top of this page: "Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ" "Github" is a link to https://github.com/cryptostorm/cryptostorm_client_configuration_files where there is a "cryptofree"...
by df
Sat Sep 17, 2016 3:44 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@marzametal yep, [root@b html]# md5sum cryptostorm_setup.exe 2570e4a6a1a020a5c9114b9e55e197d7 cryptostorm_setup.exe [root@b html]# sha1sum cryptostorm_setup.exe bb230429d53363a81b010af2ee58ee154cee5ff0 cryptostorm_setup.exe [root@b html]# sha256sum cryptostorm_setup.exe 0f8594a3714c9639668ed62995f56...
by df
Sun Sep 11, 2016 7:49 am
Forum: member support & tech assistance
Topic: DNS Leak Test Failing
Replies: 20
Views: 4013

Re: DNS Leak Test Failing

@phonky That doesn't make any sense... Your config has in it: down /etc/openvpn/update-resolv-conf but the error: Options error: --down script fails with '/etc/openvpn/update-resolv-confclient': No such file or directory means that it's trying to execute /etc/openvpn/update-resolv-confclient, which ...
by df
Sun Sep 11, 2016 7:42 am
Forum: member support & tech assistance
Topic: Can't Authenticate On Any Node
Replies: 21
Views: 2264

Re: Can't Authenticate On Any Node

@afmcronnie
Verify your token at https://cryptostorm.nu/
If you're still having problems, email support@cryptostorm.is
by df
Sat Sep 10, 2016 11:48 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

well don't keep using the debug version, that black window will get annoying after a while :-p

the updated GUI version is @ https://b.unni.es/cryptostorm_setup.exe and includes the same fix that was in the debug version. just has the msdos window removed now.
by df
Sat Sep 10, 2016 11:30 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

Well if you already have a netsh.exe in c:\windows\system32\ then there's probably no reason to download the one I found... The only reason I can think of for the widget not to be able to find the netsh on your system is if some other program has modified the %PATH% environment variable so that it d...
by df
Sat Sep 10, 2016 11:18 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

That's very odd... I didn't know there was a Windows version > XP that didn't include the "netsh" program... In my initial tests of the early v3 I was using a win8.1 system, and it had a netsh.exe (in c:\windows\system32\). If netsh.exe is really missing from your system, then your DNS wil...
by df
Sat Sep 10, 2016 10:54 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

okay, now we're getting somewhere... it looks like a read/write error is occurring before the GUI gets created, which shouldn't ever happen. I just added some code so prevent g_grid_remove from accessing the GUI unless it exists, so re-download https://b.unni.es/cryptostorm_setup-debug.exe and let's...
by df
Sat Sep 10, 2016 10:30 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@superstyle Try installing this debug version of the widget - https://b.unni.es/cryptostorm_setup-debug.exe It's the same as the latest build, but unlike the normal GUI-only program it was compiled to be a console program. Let me know if the black msdos window that pops up shows any data, or if clie...
by df
Sat Sep 10, 2016 9:54 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

lol, whoops. I included my aleph hash in the last 2 builds.
updated the build not to include that, and deactivated the hash.
so no free aleph for anyone :-p
by df
Sat Sep 10, 2016 9:43 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@superstyle I just finished compiling build version 3.0.0.48, which includes a dnscrypt-proxy related bugfix, but is also probably unrelated to your issue. Did you try uninstalling the widget? It might help to verify that the files were really uninstalled by checking the "c:\Program Files (x86)...
by df
Sat Sep 10, 2016 9:03 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

Err, make that 3.0.0.47. Forgot a .dll that ossl.exe needed.

@superstyle
Do you have any AV programs running, or other VPN software installed?
by df
Sat Sep 10, 2016 8:50 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@superstyle I just updated the build again (to 3.0.0.46), but I didn't see anything that might cause a crash in client.exe on initial startup. After saving your token somewhere (if you need to), try completely uninstalling the current widget you have by running: "c:\Program Files (x86)\Cryptost...
by df
Sat Sep 10, 2016 7:41 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 146
Views: 93356

Re: widget v3

@superstyle That error was fixed several sub-versions ago. Make sure you're using the latest v3 beta from https://b.unni.es/cryptostorm_setup.exe The current version is still listed as "3.00" in the program, but the actual build version is "3.0.0.44". You can view the build versi...
by df
Tue Sep 06, 2016 3:30 pm
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: deepDNS: seamless Tor .onion site access, via cryptostorm
Replies: 20
Views: 47700

Re: deepDNS: seamless Tor .onion site access, via cryptostorm

@vixsomnis I'm not sure how accurate that forum thread/post is since it was written in 2014, but I'm pretty sure it's referring to our torstorm service provided via https://torstorm.org/ , which is a different thing than our transparent .onion access we provide to VPN clients. Torstorm is a free ser...
by df
Tue Sep 06, 2016 11:55 am
Forum: member support & tech assistance
Topic: DNS Leak Test Failing
Replies: 20
Views: 4013

Re: DNS Leak Test Failing

@phonky Looks like there's no OpenVPN data in your syslog, just NetworkManager data. Change the "verb" line in your config file to "verb 5" or "verb 6" for more verbosity in the logs, and you also might need to add the directive "log-append /var/log/openvpn.log&quo...
by df
Sun Sep 04, 2016 5:52 am
Forum: member support & tech assistance
Topic: Can't Authenticate On Any Node
Replies: 21
Views: 2264

Re: Can't Authenticate On Any Node

@parityboy For now, I've decided to go with a simple/single master so the token database is only on one server. It would be possible to setup replication (which never worked in our Mongo setup), but that would mean the token db is on every node. Not a huge security risk, but if someone confiscated a...
by df
Sat Sep 03, 2016 11:26 pm
Forum: member support & tech assistance
Topic: Can't Authenticate On Any Node
Replies: 21
Views: 2264

Re: Can't Authenticate On Any Node

@parityboy Actually, I completed the Mongo -> MySQL migration about 3 months ago :-P This particular auth mod that went horribly wrong was to address an unlikely scenario that involves confiscation of multiple CS servers (and/or a customer's computer). Before the mod, the auth script was pretty muc...
by df
Sat Sep 03, 2016 11:27 am
Forum: member support & tech assistance
Topic: Can't Authenticate On Any Node
Replies: 21
Views: 2264

Re: Can't Authenticate On Any Node

@privangle the problem was fixed about 4 hours ago. if you're still getting auth errors, double check the token you're using and make sure https://cryptostorm.nu/ confirms that it's valid. email me at df@cryptostorm.is with your openvpn log and your token hash if you're still having problems connect...
by df
Sat Sep 03, 2016 8:00 am
Forum: member support & tech assistance
Topic: Can't Authenticate On Any Node
Replies: 21
Views: 2264

Re: Can't Authenticate On Any Node

Is anyone still getting these auth failures?
The issue should be fixed as of about half an hour ago.
by df
Sat Sep 03, 2016 7:08 am
Forum: member support & tech assistance
Topic: cryptofree ovpn config works but no connection to ANY of the "paid" nodes no matter if via UDP or TCP (details inside)
Replies: 15
Views: 9762

Re: cryptofree ovpn config works but no connection to ANY of the "paid" nodes no matter if via UDP or TCP (details insid

@privangle
try now. I was modding something in the auth script that was causing temporary auth fails for valid tokens.
should be all good now.
by df
Sat Sep 03, 2016 6:46 am
Forum: member support & tech assistance
Topic: DNS Leak Test Failing
Replies: 20
Views: 4013

Re: DNS Leak Test Failing

@phonky Does Xubuntu come with an /etc/openvpn/update-resolv-conf script? It might also be useful to change your ovpn config's "verb" line to something higher (5 or 6) so that your log gets more information. @btechgraduate2001 If I understand you correctly, you're saying that you see DNS p...
by df
Sat Sep 03, 2016 6:41 am
Forum: member support & tech assistance
Topic: DNS Leak Ubuntu
Replies: 3
Views: 1264

Re: DNS Leak Ubuntu

[root@b ~]# host public.deepdns.net public.deepdns.net has address 108.62.19.131 public.deepdns.net has address 70.32.38.67 public.deepdns.net has address 173.234.56.115 public.deepdns.net has address 104.238.194.235 public.deepdns.net has address 109.71.42.228 public.deepdns.net has address 76.164....
by df
Sun Aug 28, 2016 2:18 pm
Forum: member support & tech assistance
Topic: DNS Leak Test Failing
Replies: 20
Views: 4013

Re: DNS Leak Test Failing

From the NetworkManager.conf manpage: dns Set the DNS (resolv.conf) processing mode. default: The default if the key is not specified. NetworkManager will update resolv.conf to reflect the nameservers provided by currently active connections. dnsmasq: NetworkManager will run dnsmasq as a local cachi...
by df
Wed Aug 24, 2016 7:31 pm
Forum: member support & tech assistance
Topic: DNS Leak Test Failing
Replies: 20
Views: 4013

Re: DNS Leak Test Failing

@btechgraduate2001
No, that IP range is owned by Google:

[root@b ~]# whois 74.125.73.80|grep -E "NetName|Range"
NetRange: 74.125.0.0 - 74.125.255.255
NetName: GOOGLE

So your DNS is still set to either 8.8.8.8 or 8.8.4.4.
by df
Tue Aug 23, 2016 11:26 pm
Forum: member support & tech assistance
Topic: .onion routing broken?
Replies: 8
Views: 2838

Re: .onion routing broken?

@edifice98
Manually setting your DNS to 70.32.38.67 would only fix .onion routing if you're connected to the Dallas node.
by df
Mon Aug 22, 2016 12:59 am
Forum: member support & tech assistance
Topic: cryptofree ovpn config works but no connection to ANY of the "paid" nodes no matter if via UDP or TCP (details inside)
Replies: 15
Views: 9762

Re: cryptofree ovpn config works but no connection to ANY of the "paid" nodes no matter if via UDP or TCP (details insid

@Everyone FYI, the sha512 hash calc on the main website didn't remove spaces or tab characters, which sometimes would be included at the end of the plain token if copy/pasted from an email or webmail client. The code's been updated to automatically remove it, but some non-printable chars still might...
by df
Mon Aug 22, 2016 12:40 am
Forum: cryptofree: no-cost cryptostorm network access
Topic: cryptofree howto Windows | cryptostorm.org/cfwindows
Replies: 2
Views: 20845

Re: cryptofree howto Windows | cryptostorm.org/cfwindows

@dlmetcalf It actually points to https://cryptostorm.nu, but even then it's not as secure as we'd like it to be. So in v3 we've addressed the issue by storing setup.exe (now called cryptostorm_setup.exe) on every node, and it's only accessible from an internal HTTP server that requires you to be on ...
by df
Sun Aug 21, 2016 6:25 am
Forum: member support & tech assistance
Topic: Minimize remote attacks on Debian laptop using VPN for Internet access
Replies: 1
Views: 1711

Re: Minimize remote attacks on Debian laptop using VPN for Internet access

Install Windows 10 with Norton and you'll be good :-P Seriously though, traditional remote attacks should always be a concern, even if your laptop only gets assigned an RFC 1918 (https://en.wikipedia.org/wiki/Private_network) IP in the 10.0.0.0/8 or 192.168.0.0/16 space, as is common in most network...
by df
Sun Aug 21, 2016 4:48 am
Forum: member support & tech assistance
Topic: Accessing certain websites outside of CS
Replies: 1
Views: 988

Re: Accessing certain websites outside of CS

Unfortunately, the solutions to something like this aren't very simple. http://unix.stackexchange.com/questions/101505/route-traffic-out-different-gateway-by-destination-network has information about the type of policy routing that could be used to do this, but it's only for Linux systems (BSD could...
by df
Sun Aug 21, 2016 4:19 am
Forum: member support & tech assistance
Topic: No longer connecting using Cryptostorm 2.2 Widget
Replies: 19
Views: 11429

Re: No longer connecting using Cryptostorm 2.2 Widget

@Archon13 and @EveryoneElse I've tested tested the v3 beta widget on a clean win10 install, it worked fine for me. It's up at https://b.unni.es/cryptostorm_setup.exe Proper release should be fairly soon, just need to fix a few minor (but annoying) bugs. When it does get released, i'll update the abo...
by df
Sun Aug 21, 2016 4:10 am
Forum: member support & tech assistance
Topic: DNS Leak Ubuntu
Replies: 3
Views: 1264

Re: DNS Leak Ubuntu

You sure you added those 3 lines to the correct file(s)? I.e., are the .ovpn configs you downloaded from https://github.com/cryptostorm/cryptostorm_client_configuration_files/tree/master/linux in /etc/openvpn/? If you connect to the VPN, then execute `cat /etc/resolv.conf` and get back: # Dynamic re...
by df
Sun Aug 21, 2016 3:19 am
Forum: member support & tech assistance
Topic: .onion routing broken?
Replies: 8
Views: 2838

Re: .onion routing broken?

Works for me when I just tested two random nodes.
You sure you're using the correct deepdns IP pushed by openvpn?
If you change your DNS to something else, the .onion thing won't work.
by df
Mon Aug 15, 2016 11:00 am
Forum: member support & tech assistance
Topic: DNS Leak Test Failing
Replies: 20
Views: 4013

Re: DNS Leak Test Failing

@9218391809182 That's not a Google translate IP, it's one of the exit/end points for Google's public DNS servers 8.8.8.8 (or 8.8.4.4), which uses load balancing: [root@b ~]# echo 'nameserver 8.8.8.8' > /etc/resolv.conf [root@b ~]# host whoami.cryptostorm.is whoami.cryptostorm.is has address 74.125....
by df
Sat Aug 13, 2016 4:01 pm
Forum: member support & tech assistance
Topic: DNS Leak Test Failing
Replies: 20
Views: 4013

Re: DNS Leak Test Failing

Are you running Ubuntu or some other Debian variant? If not, it's possible that something else could be replacing /etc/resolv.conf with whatever is pushed via DHCP by your router. P.S. A cheap fix for that scenario is to put the deepdns IP for the node you're connecting to inside of /etc/resolv.conf...

Go to advanced search

Nothing to display.

Login