Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

Search found 389 matches

by df
Fri Nov 30, 2018 7:04 am
Forum: member support & tech assistance
Topic: Problems configuring on Reborn OS (Arch Linux)
Replies: 32
Views: 10551

Re: Problems configuring on Reborn OS (Arch Linux)

yea. the configs normally have 4 "remote" lines, like in Balancer_UDP.ovpn it would have: remote balancer.cstorm.is 443 udp remote balancer.cstorm.net 443 udp remote balancer.cryptostorm.ch 443 udp remote balancer.cryptostorm.pw 443 udp delete all but one, and change the hostname to whoami...
by df
Fri Nov 30, 2018 6:24 am
Forum: member support & tech assistance
Topic: Problems configuring on Reborn OS (Arch Linux)
Replies: 32
Views: 10551

Re: Problems configuring on Reborn OS (Arch Linux)

So with 1.1.1.1 the only thing in your resolv.conf, you get cannot resolve errors with OpenVPN? heh, I've got an idea. change the remote lines in the OpenVPN config so that you're connecting to the hostname whoami.cryptostorm.is it'll fail, but it'll tell you what DNS is actually being used at the t...
by df
Fri Nov 30, 2018 5:35 am
Forum: member support & tech assistance
Topic: Problems configuring on Reborn OS (Arch Linux)
Replies: 32
Views: 10551

Re: Problems configuring on Reborn OS (Arch Linux)

"I uninstalled in the package manager", but did you install using that "VPN Manager" shortcut that runs /usr/bin/vpn-manager.sh? That thing was buggy as hell, I run it just ffs and selected PIA, it got stuck in a loop. Anyways, how are you running OpenVPN? Just a plain `openvpn -...
by df
Fri Nov 30, 2018 4:21 am
Forum: member support & tech assistance
Topic: Problems configuring on Reborn OS (Arch Linux)
Replies: 32
Views: 10551

Re: Problems configuring on Reborn OS (Arch Linux)

I just tested with a clean Reborn OS install, it resolves it fine. Are you sure when you uninstalled that killswitch it really was uninstalled?
Could be some iptables rules leftover blocking the DNS, or maybe something else you did changed the cryptostorm OpenVPN config?
by df
Fri Nov 30, 2018 4:04 am
Forum: member support & tech assistance
Topic: Problems configuring on Reborn OS (Arch Linux)
Replies: 32
Views: 10551

Re: Problems configuring on Reborn OS (Arch Linux)

yea, that's cloudflare alright... and when you do `host sweden.cstorm.is` does it return 27 IPs?
by df
Fri Nov 30, 2018 2:43 am
Forum: member support & tech assistance
Topic: Problems configuring on Reborn OS (Arch Linux)
Replies: 32
Views: 10551

Re: Problems configuring on Reborn OS (Arch Linux)

try it without the 1.1.1.1
by df
Fri Nov 30, 2018 1:33 am
Forum: member support & tech assistance
Topic: Problems configuring on Reborn OS (Arch Linux)
Replies: 32
Views: 10551

Re: Problems configuring on Reborn OS (Arch Linux)

Both the `host` command and OpenVPN use the DNS settings that are in /etc/resolv.conf Can't think of any reason why `host` would work but openvpn wouldn't... But check that file anyways to see what's in it. If it's got 'nameserver 127.0.1.1' then you're probably using a local dnsmasq server, which i...
by df
Thu Nov 29, 2018 5:08 pm
Forum: member support & tech assistance
Topic: Problems configuring on Reborn OS (Arch Linux)
Replies: 32
Views: 10551

Re: Problems configuring on Reborn OS (Arch Linux)

when you do `host sweden.cryptostorm.ch` does it resolve?
by df
Tue Nov 27, 2018 3:54 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: voodoo.network: topological & routing discussions
Replies: 9
Views: 15837

Re: voodoo.network: alpha token batch, official release

@privangle
Yea, similar to Tor relay chains.
And yes, VPNs can be attacked. Anything online can be attacked (and probably is being attacked), and a lot of offline stuff too.

Voodoo is something the CS-team invented, but it does use existing networking technologies, just in an unusual way :-)
by df
Mon Nov 26, 2018 1:31 am
Forum: member support & tech assistance
Topic: Problems configuring on Reborn OS (Arch Linux)
Replies: 32
Views: 10551

Re: Problems configuring on Reborn OS (Arch Linux)

Sun Nov 25 14:10:49 2018 us=888128 RESOLVE: Cannot resolve host address: sweden.cryptostorm.ch:5062 (System error) Sun Nov 25 14:10:54 2018 us=890652 RESOLVE: Cannot resolve host address: sweden.cryptostorm.ch:5062 (System error) Sun Nov 25 14:10:59 2018 us=893612 RESOLVE: Cannot resolve host addres...
by df
Wed Nov 21, 2018 4:19 am
Forum: member support & tech assistance
Topic: Probs with new configs in Ubuntu
Replies: 28
Views: 11061

Re: Probs with new configs in Ubuntu

@deadbeef I dunno if it's true on Buster, but I have seen some other distros do this weird thing where the openssl they install is one version, but the shared libraries used by programs like openvpn is another. If `openssl version` says 1.1.1, but `openvpn --version` says openssl 1.0.2o, then that c...
by df
Wed Nov 21, 2018 3:28 am
Forum: member support & tech assistance
Topic: Probs with new configs in Ubuntu
Replies: 28
Views: 11061

Re: Probs with new configs in Ubuntu

@deadbeef I don't think Debian or Ubuntu has OpenSSL 1.1.1 in their repos yet. Try installing OpenVPN and OpenSSL from source. As root, this should do it: cd /usr/src/ apt install -y build-essential zlib1g-dev liblz4-dev liblzo2-dev wget http://www.openssl.org/source/openssl-1.1.1.tar.gz;tar zxf ope...
by df
Sat Nov 17, 2018 6:31 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

@Moonlight Try Frankfurt again. Someone else was having issues too, turns out something between their PC and the frankfurt server was mucking around with IP headers just enough to make our port striping v2 thing to not work. So I added some extra rules to check for that. If it works for you too, the...
by df
Sat Nov 17, 2018 12:10 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

@Moonlight It might be that a previous widget version caused your DNS to be set to something invalid (like 127.0.0.1 even when the widget's not running). So when this version first starts, it remembers whatever DNS settings you have on launch so that it can restore that if the program crashes. If th...
by df
Fri Nov 16, 2018 2:42 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

@Brucie Try rebooting your system. There's a weird TAP adapter bug outside of the scope of our widget that causes the existing adapter to go into a strange read-only state. I wasn't able to reproduce it on win7, but I did get a win10 system do end up like that. For me, after rebooting it worked corr...
by df
Fri Nov 16, 2018 6:15 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

@Brucie Oh god damnit. You're right, I just tested on a Vista VM and it still did the TAP loop thing. Pretty sure I know what the problem is though. Apparently M$ thought it was a good idea to change the way simple IF statements work in batch files across different Windows versions. Either that or i...
by df
Fri Nov 16, 2018 2:39 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

@Moonlight Ah, there's the damn problem. The killswitch adds the VPN IPs all in one line using netsh advfirewall, but there's a character limit in the command prompt. The VPN IPs including the balancer IPs brings the total to > 600, so it hits that character limit and that cmd spits out an error. Se...
by df
Wed Nov 14, 2018 8:41 am
Forum: member support & tech assistance
Topic: Problems configuring on Reborn OS (Arch Linux)
Replies: 32
Views: 10551

Re: Problems configuring on Reborn OS (Arch Linux)

See the updated commands @ https://cryptostorm.is/nix
Turns out on some non-Ubuntu distros NM adds the file extension '.nmconnection' for the configs in /etc/NetworkManager/system-connections/
So the commands have been updated to check for that
by df
Wed Nov 14, 2018 8:35 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

@marzametal The blocking of outside DNS issue should be fixed now in the latest version that's up now. The dns proxy thing is clashing with dnscrypt-proxy because the widget is bundled with it's own dnscrypt-proxy. I renamed the one the widget comes with to cs-dnsc-p.exe so that when it checks the p...
by df
Tue Nov 13, 2018 11:04 pm
Forum: cryptofree: no-cost cryptostorm network access
Topic: Pass few days can connect with all configs windows and android but pages timeout
Replies: 3
Views: 3309

Re: Pass few days can connect with all configs windows and android but pages timeout

That was our mistake. We were adding a new feature that lets people connect to our ECC instances on ports outside of 5060, but when adding the iptables rules they accidentally got added twice on the cryptofree server.
That error has been fixed, so cryptofree should work correctly for everyone now.
by df
Sat Nov 10, 2018 9:30 pm
Forum: member support & tech assistance
Topic: ECC port 5060?
Replies: 3
Views: 8407

Re: ECC port 5060?

Yay! I was able to implement network-wide the thing I mentioned in the previous post. So now ECC is no longer restricted to port 5060. The range of ports that'll work now are: RSA UDP = 1-29999 RSA TCP = 1-5060,5063-29999 ECC UDP = 1-5060,5063-29999 ECC TCP = 1-5060,5063-29999 Ed25519 is still 5061 ...
by df
Sat Nov 10, 2018 9:21 pm
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 8773

Re: [Exits] England Node Not Passing Any Traffic

@parityboy The Spain node was removed a while back, but I wasn't sure if the removal was going to be permanent or temporary, so temporarily I pointed the Spain DNS to Portugal. Turns out the removal was permanent, but for a few months I forgot that the Spain DNS & configs still existed. When I r...
by df
Mon Nov 05, 2018 12:27 pm
Forum: member support & tech assistance
Topic: Ubuntu > vpn connect : nm-openvpn[11295]: Exiting due to fatal error
Replies: 3
Views: 1654

Re: Ubuntu > vpn connect : nm-openvpn[11295]: Exiting due to fatal error

Yep, gotta wait until https://gitlab.gnome.org/GNOME/NetworkManager-openvpn adds support for --tls-crypt and --compress, then gotta wait for the Ubuntu repos to update to that version of NetworkManager-openvpn
by df
Mon Nov 05, 2018 12:20 pm
Forum: member support & tech assistance
Topic: The network with few opened outside ports. How2 connect to OVPN servers?
Replies: 5
Views: 2870

Re: The network with few opened outside ports. How2 connect to OVPN servers?

@Scarface See email Also, when I scan login.ovip.icq.com for those ports from an unfiltered system I see something different: 80/tcp open http 443/tcp open https 465/tcp closed smtps 3128/tcp closed squid-http 8080/tcp closed http-proxy Most likely that means your ISP is blocking ports 465 and 8080,...
by df
Wed Oct 31, 2018 1:08 pm
Forum: member support & tech assistance
Topic: tcp vs udp configs, which one?
Replies: 2
Views: 10589

Re: tcp vs udp configs, which one?

UDP is always preferred over TCP when used with OpenVPN. The reliability that TCP offers that UDP doesn't isn't relevant in this context since most of your pre-encrypted traffic will already be using TCP (WWW, email, etc.), so any retransmitting of packets or integrity checking would be done at the ...
by df
Wed Oct 31, 2018 1:01 pm
Forum: member support & tech assistance
Topic: MacOS enabling TS on all configs
Replies: 1
Views: 9616

Re: MacOS enabling TS on all configs

The command on https://cryptostorm.is/ts should work on MacOS as well. Pretty sure Mac comes with sed... sed -e's/#dhcp-option.*/dhcp-option DNS 10.31.33.7/' -i *.ovpn The command would need to be entered while you're in the same directory that has all of your .ovpn configs you downloaded from our w...
by df
Wed Oct 31, 2018 12:59 pm
Forum: member support & tech assistance
Topic: How to obfuscate VPN usage from ISP in restricted countries?
Replies: 2
Views: 3882

Re: How to obfuscate VPN usage from ISP in restricted countries?

Yep, the ECC instances use OpenVPN's --tls-crypt option, which encrypts the TLS handshake and most of the initial OpenVPN handshake packets. But our list of server IPs is public, so it wouldn't be too difficult for someone to block all of those. Most restrictive countries don't though, simply becaus...
by df
Wed Oct 31, 2018 12:51 pm
Forum: member support & tech assistance
Topic: dd-wrt configuration, can't connect
Replies: 42
Views: 16414

Re: dd-wrt configuration, can't connect

I recently helped out another customer who was having issues with DD-WRT, so I'll copy/paste the solution here if anyone else has the same problems: I loaded up DD-WRT from https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2018/10-19-2018-r37442/x86/dd-wrt_public_vga.image onto a VM so I can tes...
by df
Wed Oct 31, 2018 12:35 pm
Forum: member support & tech assistance
Topic: Problems configuring on Reborn OS (Arch Linux)
Replies: 32
Views: 10551

Re: Problems configuring on Reborn OS (Arch Linux)

In your first post, the problem is that you're issuing a multiline set of commands as a single command. If you want to do that, semi colons would need to be added in the right places, I.e.: CSTOKEN=CsTok-enGvX-F4b4a-j7CED;for conf in `ls *.ovpn|sed -e's/.ovpn//'`;do sed "/\[vpn\]/a username=$CS...
by df
Wed Oct 31, 2018 12:30 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: tunnelling cryptosorm session thru SSL tunnel
Replies: 12
Views: 38863

Re: tunnelling cryptosorm session thru SSL tunnel

@Lan That's something I'm working on at the moment, offering ECC on other ports outside of 5060. I'm pretty sure I've figured out a way to do ECC & RSA instances on the same IP both on ports 1-29999 (excluding 30000-65535 since that's reserved for port forwarding). For UDP, the iptables u32 modu...
by df
Wed Oct 31, 2018 12:20 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: The CryptoStorm Speed Test Thread
Replies: 76
Views: 143428

Re: The CryptoStorm Speed Test Thread

@blurb With the Wireguard option it probably would be, but I wouldn't trust a VPS for anything that requires a high level of security. Since it's a VM, you have no way of verifying the security of the system running the VM. Whatever security measures you do (firewall, grsecurity, FDE, strong passwor...
by df
Tue Oct 30, 2018 6:18 pm
Forum: member support & tech assistance
Topic: [VyOS] VyOS Complains That ca.crt Is Invalid
Replies: 9
Views: 7098

Re: [VyOS] VyOS Complains That ca.crt Is Invalid

That's the one for the legacy RSA instances, so should have worked. Whatever, VyOS sounds like shit anyways. Their team clearly doesn't understand how PKI works, or they're just lazy, since they're asking for stuff that would never be used client-side. Ignoring that, it doesn't look good when instal...
by df
Mon Oct 29, 2018 6:16 pm
Forum: guides, HOWTOs & tutorials
Topic: ASUS router stock firmware OpenVPN working.
Replies: 7
Views: 14422

Re: ASUS router stock firmware OpenVPN working.

My ASUS router also runs Asuswrt-Merlin version 384.7 The HTML for the VPN settings page does indeed have a max length of 255, but if you enter anything that long it'll just revert back to whatever shorter username was previously there (if any). The solution that worked for me was to disable "U...
by df
Mon Oct 29, 2018 5:51 pm
Forum: member support & tech assistance
Topic: [VyOS] VyOS Complains That ca.crt Is Invalid
Replies: 9
Views: 7098

Re: [VyOS] VyOS Complains That ca.crt Is Invalid

What does `cat /config/auth/openvpn/cs/ca.crt` show? Also, when those network changes went into effect Oct 8, the new RSA instances now use the same CA certificate as the ECC ones (the 521-bit curve secp521r1). That curve should work on some pretty old versions since support for it was added to Open...
by df
Mon Oct 29, 2018 9:08 am
Forum: member support & tech assistance
Topic: dd-wrt configuration, can't connect
Replies: 42
Views: 16414

Re: dd-wrt configuration, can't connect

Can't remember when exactly it was, might have been as far back as January of 2018, but these days the England server is 10gbps
by df
Sat Oct 27, 2018 8:47 am
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 8773

Re: [Exits] England Node Not Passing Any Traffic

@parityboy Could be kernel related, Portugal does still have one built in 2017. It's just odd that the new UDP RSA and legacy TCP RSA works fine, it's only legacy UDP RSA that's showing this behavior. It'also odd that everything's using the same OpenVPN/OpenSSL version and same sysctl params, and th...
by df
Fri Oct 26, 2018 4:28 pm
Forum: member support & tech assistance
Topic: [SOLVED] Port Forwarding On Legacy Nodes: Broken?
Replies: 6
Views: 2314

[SOLVED] Re: Port Forwarding On Legacy Nodes: Broken?

I can't telnet to it, but the port fwding rules are there: DNAT tcp -- 0.0.0.0/0 128.127.104.111 tcp dpt:45886 to:10.66.216.32:45886 DNAT udp -- 0.0.0.0/0 128.127.104.111 udp dpt:45886 to:10.66.216.32:45886 Are you sure you've got something listening on port 45886 on your system? It would need to be...
by df
Fri Oct 26, 2018 1:39 am
Forum: member support & tech assistance
Topic: New configuration files - my setup issues
Replies: 3
Views: 3808

Re: New configuration files - my setup issues

That was my bad. After the upgrade I completely forgot to update https://cryptostorm.is/whitelist , which is what cryptostorm.is/test and the thing on the main site uses. It was updated shortly after the upgrade though, so all the IPs are in there. Not sure where you're getting 2368 IPs though, mayb...
by df
Fri Oct 26, 2018 1:34 am
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 8773

Re: [Exits] England Node Not Passing Any Traffic

Ah, I see where I fucked up. Server-side, 5.101.149.6 is the legacy *nix instance and 5.101.149.7 is the legacy win/ecc instance, but in the DNS windows-england.* resolves to 5.101.149.6 and linux-england.* resolve to 5.101.149.7. So I accidentally switched the two. Just fixed that, so should be goo...
by df
Fri Oct 26, 2018 1:01 am
Forum: member support & tech assistance
Topic: Probs with new configs in Ubuntu
Replies: 28
Views: 11061

Re: Probs with new configs in Ubuntu

Error: failed to import 'Balancer_UDP.ovpn': configuration error: unsupported blob/xml element (line 120). That usually means you downloaded the HTML version of the config from Github and not the raw version. I.e., don't save the config from https://github.com/cryptostorm/cryptostorm_client_configu...
by df
Fri Oct 26, 2018 12:58 am
Forum: member support & tech assistance
Topic: [SOLVED] Port Forwarding On Legacy Nodes: Broken?
Replies: 6
Views: 2314

[SOLVED] Re: Port Forwarding On Legacy Nodes: Broken?

That's odd, they should still work. Only node that had port fwding broken is the new Hong Kong one because I forgot to put the port fwding scripts there :x Just uploaded/configured them though, so it should work there now. Can you connect to a node and let me know what node you're on, then enable po...
by df
Wed Oct 24, 2018 6:04 am
Forum: member support & tech assistance
Topic: What happened to the VOODOO Config Files + 'Master.zip' Download URL??
Replies: 1
Views: 2977

Re: What happened to the VOODOO Config Files + 'Master.zip' Download URL??

We did get rid of Voodoo simply because it was a hassle to maintain, and it was too expensive. The VPSes used were relatively cheap, but VPS bandwidth tends to be very expensive and/or limited. Back when we had an Iceland VPS, almost every month it would go over the limit, so we had to pay overage c...
by df
Thu Oct 18, 2018 6:01 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

@Moonlght v3.32 should fix a DNS issue that happened whenever people had several network adapters with ambiguous names, or more than one TAP adapter, or a oddly named TAP adapter. It's possible that one of the last versions permanently changed your DNS settings even when the widget is closed, which ...
by df
Tue Oct 09, 2018 9:46 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

@Moonlight See https://cryptostorm.is/new We've changed some things around, and got rid of the voodoo instances (for now). 3.30.0.217 includes all these changes though. I'd suggest trying to disable different things in the security tab to see if any of those are causing issues (the killswitch, dnscr...
by df
Tue Oct 09, 2018 1:44 am
Forum: member support & tech assistance
Topic: ECC port 5060?
Replies: 3
Views: 8407

Re: ECC port 5060?

The ECC instances and the new Ed25519 and Ed448 instances use ports 5060, 5061, and 5062. The reason for this was as parityboy said, the non-ECC instances are already using other ports. Only way for us to offer ECC on other ports would be to buy twice (or rather, 3 times) as many IP addresses as we ...
by df
Sat Sep 29, 2018 5:23 am
Forum: member support & tech assistance
Topic: [VyOS] VyOS Complains That ca.crt Is Invalid
Replies: 9
Views: 7098

Re: [VyOS] VyOS Complains That ca.crt Is Invalid

OpenVPN 2.3.4 is from 2014, but it does work with our RSA/standard instances (i.e., anything but ECC). I recently tested 2.3.2 and it works fine. But I'm confused about how your setup is supposed to work. With OpenVPN in client mode, the PKI only requires the CA certificate to be present client-side...
by df
Fri Sep 28, 2018 8:19 pm
Forum: general chat, suggestions, industry news
Topic: Come on guys, get your shit together
Replies: 10
Views: 14928

Re: Come on guys, get your shit together

@someguy All the servers are up and responding correctly: [root@onyx ~]# ./ping windows-balancer.cstorm.pw 443 UDP OpenVPN is UP on 212.129.1.241:443 and responded in 34 ms UDP OpenVPN is UP on 89.163.214.184:443 and responded in 14 ms UDP OpenVPN is UP on 108.62.5.174:443 and responded in 147 ms UD...
by df
Fri Aug 17, 2018 9:38 am
Forum: general chat, suggestions, industry news
Topic: Strange 'lifetime' VPN offers
Replies: 6
Views: 15638

Re: Strange 'lifetime' VPN offers

@DudeOfLondon There's nothing to worry about. The reason I started doing that cheap lifetime discount was mainly to apologize for not being able to provide a secondary card processor when Stripe arbitrarily suspended our account. The plan is to change the lifetime token price back to something highe...
by df
Mon Aug 13, 2018 4:34 pm
Forum: member support & tech assistance
Topic: Cryptostorm client can't connect to the darknet
Replies: 21
Views: 24752

Re: Cryptostorm client can't connect to the darknet

@Sakura I tested both on a normal browser while on a random US CS node, they both seem to be loading correctly. Could be that the second .onion didn't resolve once, so your browser or OS cached the NXDOMAIN (the DNS result you normally get from your DNS server for hostnames that don't exist). But wh...
by df
Tue Aug 07, 2018 6:48 am
Forum: member support & tech assistance
Topic: Cryptostorm client can't connect to the darknet
Replies: 21
Views: 24752

Re: Cryptostorm client can't connect to the darknet

@Sakura There were two servers that didn't have Tor running, which obviously is needed for the transparent .onion thing to work. I started Tor on both of them and checked .onion resolution, it should be good now. Also checked all the other DNS servers using the Perl script @ https://cryptostorm.is/c...
by df
Tue Aug 07, 2018 5:35 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

@Sakura The CS widget uses a bundled DNScrypt-proxy to protect pre-connect DNS. If you'd prefer to use your own DNSCrypt setup, simply disable ours by going to Options -> Security and uncheck the "Enable DNSCrypt" box. If you'd like to use our DNSCrypt servers, https://raw.githubuserconten...
by df
Mon Aug 06, 2018 2:27 am
Forum: general chat, suggestions, industry news
Topic: Even if vpn doesn't log, what is preventing data centers from not logging?
Replies: 2
Views: 8305

Re: Even if vpn doesn't log, what is preventing data centers from not logging?

We try to choose data centers that are known to respect customer privacy, but without physical access to the data center we can't verify their claims (and even if they aren't logging, their upstream provider could be). That's why end to end encryption is important, even if you're using a VPN. If you...
by df
Mon Aug 06, 2018 2:11 am
Forum: stormlink - cryptostorm's secure "entry node" gateway [cryptostorm.org/stormlink]
Topic: stormlink: the "cryptostorm router" thread...
Replies: 17
Views: 109180

Re: stormlink: the "cryptostorm router" thread...

@marzametal The CS stormlink idea kinda fizzled out. Most decent routers today make it easy enough to install OpenVPN (if it's not already installed) and connect to CS, so we stopped developing ours. Plus it just didn't seem like a viable business plan because most of our customers don't want to pro...
by df
Mon Aug 06, 2018 1:55 am
Forum: member support & tech assistance
Topic: [DNS] Domains Not Resolving On Certain Exit Nodes
Replies: 17
Views: 21077

Re: [DNS] Domains Not Resolving On Certain Exit Nodes

[root@onyx ~]# host linux-useast.cryptostorm.org ;; Truncated, retrying in TCP mode. linux-useast.cryptostorm.org has address 192.158.233.221 linux-useast.cryptostorm.org has address 155.254.31.46 linux-useast.cryptostorm.org has address 192.158.232.124 linux-useast.cryptostorm.org has address 192....
by df
Sun Aug 05, 2018 11:49 am
Forum: member support & tech assistance
Topic: Cryptostorm client can't connect to the darknet
Replies: 21
Views: 24752

Re: Cryptostorm client can't connect to the darknet

Oh that's the problem. You're using port 64496. Ports 30000 and up are now reserved for our port forwarding feature. I guess I forgot to add something to the widget that forces the user to stay in ports 1-29999, I'll do that next widget build. So just tell the widget to use any other port that's 299...
by df
Sun Aug 05, 2018 1:30 am
Forum: member support & tech assistance
Topic: Cryptostorm client can't connect to the darknet
Replies: 21
Views: 24752

Re: Cryptostorm client can't connect to the darknet

@Sakura That definitely shouldn't be happening, especially the IP leak. I need more information though to help, such as which version of Windows are you using, and are you using any AV software or another VPN provider's software, and logs from the widget's window would help too. Also are you in a co...
by df
Fri Aug 03, 2018 2:50 am
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: Linux connections to cryptostorm
Replies: 51
Views: 85662

Re: HOWTO: Linux connections to cryptostorm

@sottovoce I guess I could have explained things in more detail, but I was trying to go for the shortest amount of words since people tend to not read tutorials in full if it uses too many words. At the top of https://cryptostorm.is/nix - Terminal is the recommended method, because Network Manager h...
by df
Fri Aug 03, 2018 2:18 am
Forum: member support & tech assistance
Topic: [DNS] Domains Not Resolving On Certain Exit Nodes
Replies: 17
Views: 21077

Re: [DNS] Domains Not Resolving On Certain Exit Nodes

@sottovoce What error are you getting? I just checked all the UDP IPs on port 443 for USEast and they seem responsive: [root@onyx ~]# ./ping windows-useast.cstorm.pw 443 UDP OpenVPN is UP on 192.158.232.121:443 and responded in 87 ms UDP OpenVPN is UP on 192.158.233.194:443 and responded in 87 ms UD...
by df
Sun Jul 22, 2018 3:09 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

Forgot to update this thread with info on the latest build. Fixed a GUI issue some had when running Windows at a non-default scaling setting. It would cause the progress bar to overlap a little bit with the "Connect" button. In the Options window the "Block intrusive ads/trackers"...
by df
Sun Jul 15, 2018 12:39 am
Forum: general chat, suggestions, industry news
Topic: Cryptostorm goes unmentioned -- What a shame!!!
Replies: 3
Views: 9028

Re: Cryptostorm goes unmentioned -- What a shame!!!

@FoodMaven
Routers are included on https://cryptostorm.is/#section6
what.png


Not sure what you mean by "Weird place for a reply", I'm replying to a post in your thread.
That's kinda how forum communication works.
by df
Fri Jul 13, 2018 4:40 pm
Forum: general chat, suggestions, industry news
Topic: Come on guys, get your shit together
Replies: 10
Views: 14928

Re: Come on guys, get your shit together

@patrickjburt That seems to be the way things are going, people trust a VPN provider more than their ISP. Personally, I wouldn't choose PureVPN if I were to go with a non-cryptostorm VPN. Any VPN that supports PPTP clearly doesn't care about security - https://en.wikipedia.org/wiki/Point-to-Point_Tu...
by df
Thu Jul 12, 2018 4:13 pm
Forum: member support & tech assistance
Topic: https://whoer.net Request for comments
Replies: 9
Views: 15435

Re: https://whoer.net Request for comments

I don't think it's got anything to do with CS. My guess is that whoer.net populates those Zone and Local fields from a GeoIP database that doesn't have 64.42.181.0/24 listed. According to https://www.iplocation.net/ , EurekAPI doesn't have the long/lat for the IP (but it does the ISP). The other Geo...
by df
Thu Jul 12, 2018 6:27 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostormusersguidev2 <-- feedback & guidance requested
Replies: 11
Views: 149531

Re: cryptostormusersguidev2 <-- feedback & guidance requested

FYI, this guide is probably outdated since it was written in 2015.
The latest guides/tutorials are up at https://cryptostorm.is/#section6
by df
Thu Jul 12, 2018 6:03 am
Forum: general chat, suggestions, industry news
Topic: Cryptostorm goes unmentioned -- What a shame!!!
Replies: 3
Views: 9028

Re: Cryptostorm goes unmentioned -- What a shame!!!

Uh, cryptostorm doesn't leak. As parityboy explained in https://cryptostorm.org/viewtopic.php?f=32&t=9568&p=18351#p18351 , your problem was that your device was set to proxy through opera-mini.net after tunneling through cryptostorm. Connecting to a VPN won't change your browser's proxy sett...
by df
Wed Jul 11, 2018 6:01 pm
Forum: member support & tech assistance
Topic: All vpn detected as proxy
Replies: 5
Views: 10601

Re: All vpn detected as proxy

@marzametal Oh yea, voodoo nodes would probably show up as no ports open. If the scan was more thorough it would show TCP/UDP port 443 open, since on voodoo exit IPs that's the only thing open. But if you scan the entry IP for that voodoo node (the thing you connect to), it would show all ports as o...
by df
Sat Jul 07, 2018 3:20 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

@RubRiches Huh, that is weird. I ran Malware bytes and my system is ok. No worries though I was able to download the new version and now I am stuck on the progress bar while connecting. This is where it is stuck: Sat Jul 07 07:52:09 2018 us=54756 [cryptostorm server] Peer Connection Initiated with [...
by df
Sat Jul 07, 2018 2:39 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

@marzametal Each VPN instance uses a different 10.x.0.0/16 B-class, mostly because if I used the same B-class (or C-class) for multiple instances, two different clients might be assigned the same 10.x.x.x IP. There's a check in place to prevent that from happening per-instance, but not per-server, s...
by df
Sat Jul 07, 2018 12:30 am
Forum: member support & tech assistance
Topic: Cryptostorm client can't connect to the darknet
Replies: 21
Views: 24752

Re: Cryptostorm client can't connect to the darknet

Oops, right you are. But actually, now there's a v3.17.0.220. The latest version fixed a minor bug in 3.16.0.220 where the node selection wasn't properly saved, so on every start it kept defaulting to "Global random". Also added more informative text for when someone connects with the kill...
by df
Fri Jul 06, 2018 6:22 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

@RubRiches It's just a false positive. The CS widget installer randomly gets caught up in their database because it uses the same compression (LZ4) as some trojans. I use a local win7 VM for widget dev, and the only thing installed on it is the stuff needed for widget dev (Perl, Notepad++, etc.). I ...
by df
Thu Jul 05, 2018 6:57 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

Err, make that version 3.17.0.220. In version 3.16, a minor bug caused the widget to not remember your node selection choice when the widget starts (it kept defaulting to "Global random"). I also added some new text when DNS fails with the killswitch enabled, because some people were enabl...
by df
Wed Jul 04, 2018 3:57 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 210
Views: 742242

Re: widget v3

New version 3.16.0.220 is out, available at https://cryptostorm.is/cryptostorm_setup.exe In this version, almost all of the DNS related code was rewritten to automatically address a lot of the previous issues people were having. The widget now "pre-resolves" the host you're connecting to. ...
by df
Wed Jul 04, 2018 3:47 pm
Forum: stormphone - the "cryptostorm phone" project [cryptostorm.org/stormphone]
Topic: Android/iPhone tutorials
Replies: 0
Views: 17295

Android/iPhone tutorials

The downloads page on the main site has been updated to include tutorials for Android and iOS, as well as all the other operating systems people commonly connect to cryptostorm with:
https://cryptostorm.is/#section6

Go to advanced search

cron
Nothing to display.

Login