Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

Search found 376 matches

by df
Sat Aug 13, 2016 4:02 am
Forum: member support & tech assistance
Topic: IP exposed with Dnsleaktest.com and ipleak.net
Replies: 3
Views: 4450

Re: IP exposed with Dnsleaktest.com and ipleak.net

Is your real IP showing on dnsleaktest.com's first page, or is your ISP DNS showing after clicking the "Standard test" or "Extended test" button? You said: append these "script-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf" to the be...
by df
Fri Jun 24, 2016 12:25 pm
Forum: member support & tech assistance
Topic: Just Voodoo, o.k., Just Voodoo. [[ Ubuntu / Debian / otros distros ]]
Replies: 1
Views: 3757

Re: Just Voodoo, o.k., Just Voodoo. [[ Ubuntu / Debian / otros distros ]]

Hola ABIS. Derp, I completely forgot there were OpenVPN config files in that repo. They're outdated so I'll remove them now. The latest voodoo configs are at https://github.com/cryptostorm/cryptostorm_client_configuration_files/tree/master/voodoo 1) There's currently no cryptofree voodoo option. 2) ...
by df
Fri Jun 24, 2016 4:29 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 204
Views: 641663

Re: widget v3

I'm pretty sure my Inno Setup pascal code for the installer was incorrect. It wasn't actually removing some of the cached files it needed to remove in order to update from a previous v3 install, so some of my fixes weren't getting to systems that already had an older v3 installed. That code is funct...
by df
Tue Jun 14, 2016 9:29 am
Forum: member support & tech assistance
Topic: Get more IPs?
Replies: 1
Views: 3612

Re: Get more IPs?

The only time we ever get any additional IPs is whenever we add new servers. Our goal isn't to obtain as many different IPs as possible since there are very few reasons a client would require that outside of abuse. We could do the same thing every other provider does and buy a bunch of cheap VPSes s...
by df
Tue Jun 14, 2016 9:17 am
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: iOS Connection Guide
Replies: 44
Views: 52837

Re: HOWTO: iOS Connection Guide

scottb: i don't have an iOS devices to test with, but my guess would be that you imported the HTML version of the page. I.e., https://github.com/cryptostorm/cryptostorm_client_configuration_files/blob/master/mac/cstorm_Dynamic.ovpn the page you should be importing is the one in raw format from: http...
by df
Sun Jun 05, 2016 11:14 am
Forum: member support & tech assistance
Topic: Error downloading nodelist
Replies: 1
Views: 2920

Re: Error downloading nodelist

The widget uses cryptostorm.nu/nodelist.txt , not crypostorm.nu/nodelist.txt
Also, it access that URL automatically.
There's no reason for a Widget user to visit cryptostorm.nu/nodelist.txt manually.
by df
Wed May 25, 2016 12:40 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 204
Views: 641663

Re: widget v3

Thanks to @microsol (on IRC here) for pointing out a bug in the openvpn/openssl version checking code. Turns out the code that did those checks were in a section of code that only runs if the splash screen is enabled. So disabling the splash screen would cause the message: "You are using OpenVP...
by df
Tue May 24, 2016 10:21 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 204
Views: 641663

Re: widget v3

@JTD121 The latest build is at https://b.unni.es/cryptostorm_setup.exe , but to avoid confusion I've also put the latest build up at https://b.unni.es/setup.exe (where the pre-alpha build was) since nobody should have been using the pre-alpha one to begin with. If the hashes listed above match the o...
by df
Sun May 22, 2016 11:40 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 204
Views: 641663

Re: widget v3

@JTD121 That error was from the pre-alpha v3 (the installer was named "setup.exe"). It should be fixed in the current one (installer named "cryptostorm_setup.exe"). It's possible that installing the current v3 didn't correctly overwrite the existing pre-alpha v3, or at least some...
by df
Sat May 21, 2016 3:42 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 204
Views: 641663

Re: widget v3

@wwee That's incorrect. The type of DNS leak protection they're talking about only applies AFTER you connect to the VPN server. DNS hijacking and all the other DNS security issues still apply to pre-connect DNS queries, which is where DNSCrypt comes in. @Guest Yes, you can use obfsproxy on linux. Th...
by df
Thu May 19, 2016 11:35 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 204
Views: 641663

Re: widget v3

ALRIGHTY! I think I've finally gotten v3 to a point that I can consider it a proper beta. That means I now need people to test it out and tell me all the horrible ways it breaks your system :-) Most of the features in it were listed above in the original post (DNSCrypt, in-tunnel updates, yadayada)....
by df
Tue May 10, 2016 11:33 am
Forum: general chat, suggestions, industry news
Topic: Get the password of any WiFi network
Replies: 8
Views: 15927

Re: Get the password of any WiFi network

That's accurate. You *could* use a spoon to open a volt. You *could* use windows to pwn some wifi crap. Though the first would electrocute you, the latter would be a waste of time for anything but the most retarded wireless networks (WEP, or WPA/2 with a really simple dictionary/default key, or Reav...
by df
Sat May 07, 2016 9:13 am
Forum: member support & tech assistance
Topic: cryptostorm dns fucked ?
Replies: 12
Views: 20793

Re: cryptostorm dns fucked ?

In the near future this will be an optional service, but we're still trying to decide on the most efficient way to implement the choice. At the very least, it will require us to purchase additional IPs to host non-TrackerSmacker DeepDNS servers, unless we can figure out a way to allow users to remot...
by df
Sat May 07, 2016 8:32 am
Forum: member support & tech assistance
Topic: cryptostorm dns fucked ?
Replies: 12
Views: 20793

Re: cryptostorm dns fucked ?

The purpose of this feature is to help retain privacy/anonymity. The few sites that are being blocked are known to use invasive/malicious methods to track your activity. For example, if you visit one of the blocked sites while not on CS, they could be saving a cookie on your computer that contains y...
by df
Mon May 02, 2016 5:42 am
Forum: member support & tech assistance
Topic: cryptostorm dns fucked ?
Replies: 12
Views: 20793

Re: cryptostorm dns fucked ?

Emailing me with the domain/hostname usually does the trick :-)
(or just tell me it here)
by df
Sun May 01, 2016 6:49 pm
Forum: member support & tech assistance
Topic: cryptostorm dns fucked ?
Replies: 12
Views: 20793

Re: cryptostorm dns fucked ?

That's a result of our new server-side ad/tracker blocking system known as TrackerSmacker. tldr; It uses https://github.com/StevenBlack/hosts to determine which hosts to block. In the words of Steven Black, we're using 0.0.0.0 instead of 127.0.0.1 because "Using 0.0.0.0 is faster because you do...
by df
Fri Apr 29, 2016 12:27 am
Forum: member support & tech assistance
Topic: new user wondering how secure it is to resolve .onion using cryptostorm
Replies: 2
Views: 4591

Re: new user wondering how secure it is to resolve .onion using cryptostorm

@paritboy Yep, that's pretty much how it works. Not much documentation on it aside from the deepdns stuff @ https://github.com/cryptostorm/cstorm_deepDNS . The resolution is done server-side then it's sent to the Tor instance running on that server. Doing it this way means easier .onion access, plus...
by df
Fri Apr 29, 2016 12:14 am
Forum: member support & tech assistance
Topic: Authentication failed with newly created hash
Replies: 2
Views: 4042

Re: Authentication failed with newly created hash

email me at df@cryptostorm.is with your token or token hash, I'll check the token against our side.
by df
Fri Apr 29, 2016 12:12 am
Forum: member support & tech assistance
Topic: What's happened to PJ ?
Replies: 28
Views: 21490

Re: What's happened to PJ ?

Also, I went ahead and ordered a new secondary Switzerland node because you torrent monkeys have been hitting that one up pretty hard. That should balance things out enough that nobody will have anymore speed problems during the busy hours. Oh and I've ordered a new node in Oslo, Norway, for no rea...
by df
Mon Apr 25, 2016 3:23 pm
Forum: member support & tech assistance
Topic: What's happened to PJ ?
Replies: 28
Views: 21490

Re: What's happened to PJ ?

Voodoo options are pretty much "If we think it looks like a cool exitnode and it's not insanely expensive", it gets thrown into the pot.
by df
Mon Apr 25, 2016 9:04 am
Forum: member support & tech assistance
Topic: What's happened to PJ ?
Replies: 28
Views: 21490

Re: What's happened to PJ ?

df here, just noticed this thread so thought I might as well comment on some of what was said: (yea, yea, I know. I don't visit the forum often enough.) Question is: what will be the future of Crypto VPN? CS will continue regardless of whatever happens to PJ. You know PJ has basically nothing at all...
by df
Sun Apr 24, 2016 5:28 pm
Forum: general chat, suggestions, industry news
Topic: Get the password of any WiFi network
Replies: 8
Views: 15927

Re: Get the password of any WiFi network

Post deleted, user banned. And of course that was a trojan: "This software can flawlessly find and decrypt the password of any WiFi network around you". It makes fantastic claims without any kind of technical details on how the software works. Plus the user signed up yesterday and this is ...
by df
Thu Apr 07, 2016 9:29 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 204
Views: 641663

Re: widget v3

EDIT: updating this post's hashes since setup.exe is now the same thing as the newer cryptostorm_setup.exe md5: 272e60f6b59950638c6fd6f3262b1659 sha1: 37b332d50f6deddbcdd4fb7efabef20ad9745c17 sha256: 0cf5df38be0ade6517b934a9da12d7aa2ea548e44389af5877f24fadd41aab0b sha512: e48a89463033c785e59939ef5a0...
by df
Thu Apr 07, 2016 8:28 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: voodoo.network: topological & routing discussions
Replies: 9
Views: 14232

Re: voodoo.network: alpha token batch, official release

@privangle
Yea, similar to Tor relay chains.
And yes, VPNs can be attacked. Anything online can be attacked (and probably is being attacked), and a lot of offline stuff too.

Voodoo is something the CS-team invented, but it does use existing networking technologies, just in an unusual way :-)
by df
Thu Mar 31, 2016 5:43 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 204
Views: 641663

Re: widget v3

sysfu: that's one of the reasons v3 should be considered pre-alpha, it's not finished yet. That message is referring to the dnscrypt-resolvers.csv file, which is updated when you connect, but not all servers have been configured yet for the internal server that will have those files.
by df
Wed Mar 30, 2016 1:52 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Linux/RAW IP reference chart
Replies: 13
Views: 28880

Re: Linux/RAW IP reference chart

I realize this is an old thread, which is why I'm going to lock it so nobody else can post here just to avoid confusion (I'll also add a note to the top of this thread). anony: The most up to date configs are always at https://github.com/cryptostorm/cryptostorm_client_configuration_files/ which can ...
by df
Thu Mar 17, 2016 7:50 pm
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: adware/crapware-blocking done right
Replies: 67
Views: 165479

Re: TrackerSmacker: adware/crapware-blocking done right

Monica: hop onto London, no TS there.

Also, (hehe) v4 CS, all internet is filtered. You can't connect to anything, nothing can connect to you.
It's the ultimate security! ;-D

The next best thing is throwing your pc and router out the window (aka, microsoft DoS protection) ;-D
by df
Thu Mar 17, 2016 7:08 am
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: adware/crapware-blocking done right
Replies: 67
Views: 165479

Re: TrackerSmacker: adware/crapware-blocking done right

@LoveTheStorm it's not a concern. I was half-joking with the possibility of non-CS IPs being disclosed. Even if I did go forward with the plan mentioned in the post you're referring to, I can ensure you that I would never allow any client IP, CS or otherwise to be embedded in anything that would res...
by df
Thu Mar 17, 2016 6:37 am
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: adware/crapware-blocking done right
Replies: 67
Views: 165479

Re: TrackerSmacker: adware/crapware-blocking done right

Guest: df knows what he's doing with regards to input validation. ;) For those that don't know, input validation is what is sounds like, validating expected input. It is the basis for all vulnerabilities. All vulnerabilities are technically forms of lack-of input validation. df tends to solve this p...
by df
Thu Mar 17, 2016 3:11 am
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: adware/crapware-blocking done right
Replies: 67
Views: 165479

Re: TrackerSmacker: adware/crapware-blocking done right

Actually, if I can figure out a half-decent (super-easy) way to do the opt-out thing, then I might just reverse the effect. What I mean by that is, make TS non-default, as in the client has to specify something in his config in order for it to activate. For widget users, I would set this to default,...
by df
Thu Mar 17, 2016 3:08 am
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: adware/crapware-blocking done right
Replies: 67
Views: 165479

Re: TrackerSmacker: adware/crapware-blocking done right

Either one, anything that tries to resolve that. But yea, post-connect. If you did it preconnect then your real IP would be in a temporary iptables rule, and I doubt any cs member would like that. Non-cs members using deepdns would also have their real ip in a rule (if they know to do that to disabl...
by df
Thu Mar 17, 2016 3:04 am
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: adware/crapware-blocking done right
Replies: 67
Views: 165479

Re: TrackerSmacker: adware/crapware-blocking done right

It'd work the same for all OSes. You resolve nots.cryptostorm.is, DeepDNS picks this up either via pdns-recursor or curvedns (tho the latter would require src-edits), and it would trigger a server-side script that runs some iptables commands that forwards further DNS requests from the same client IP...
by df
Thu Mar 17, 2016 2:24 am
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: adware/crapware-blocking done right
Replies: 67
Views: 165479

Re: TrackerSmacker: adware/crapware-blocking done right

The idea behind the nots.cryptostorm.is resolving thing would work on every node too :-P

And remember, just as important as easy-for-client is easy-for-df ;-P
by df
Thu Mar 17, 2016 2:06 am
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: adware/crapware-blocking done right
Replies: 67
Views: 165479

Re: TrackerSmacker: adware/crapware-blocking done right

I'm still trying to figure out the easiest way for clients to opt-out of this feature completely. Not sure if it's even possible as this is a system-wide (/etc/hosts) method and relies on the pdns-recursor used in DeepDNS which doesn't have any type of conditional functions ( lua-config-file / lua-d...
by df
Wed Mar 16, 2016 6:09 pm
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: adware/crapware-blocking done right
Replies: 67
Views: 165479

Re: TrackerSmacker: adware/crapware-blocking done right

Raka74: I'm not seeing that problem when using Chrome. Granted, I don't speak Dutch, but there's enough English on there to guess which sections are the one's you're talking about.
by df
Wed Mar 16, 2016 4:41 am
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: adware/crapware-blocking done right
Replies: 67
Views: 165479

Re: TrackerSmacker: adware/crapware-blocking done right

https://newsletter.askleo.com/what-is-c ... weber-com/ - it sounds like an actual click tracker, but not one of the evil ones (the kind that do hidden/malicious tracking). So I'll add that too.
by df
Wed Mar 16, 2016 4:04 am
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: adware/crapware-blocking done right
Replies: 67
Views: 165479

Re: TrackerSmacker: adware/crapware-blocking done right

dist.nuget.org canonical name = db16.wpc.azureedge.net. db16.wpc.azureedge.net canonical name = cs1.wpc.v0cdn.net. Name: cs1.wpc.v0cdn.net Address: 0.0.0.0 Looks like cs1.wpc.v0cdn.net is in the blacklist due to some trackyness (probably by something besides nuget.org). Added it to the whitelist, sh...
by df
Mon Feb 29, 2016 1:42 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Can't connect to your favorite node? look here
Replies: 14
Views: 25245

Re: Can't connect to your favorite node? look here

Guest: I just removed the rules that caused the current snort alerts, a lot of them were clearly false positives (only 2 or 3 looked like legitimate attacks).

try apt-get now.
by df
Sat Feb 27, 2016 2:07 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 204
Views: 641663

Re: widget v3

The option worked fine in my widget tests, but I noticed that even when it's enabled win8.1 will still leak IPv6 DNS since there's really no way to turn that off without something like those .dll's (which I haven't tested yet).
by df
Fri Feb 26, 2016 11:51 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 204
Views: 641663

Re: widget v3

from that github page - "Functionality of this plugin is integrated into OpenVPN 2.3.9, just use --block-outside-dns". v3 will use the latest OpenVPN and block-outside-dns :-P in my tests it seemed to be working, but i haven't yet tested v3 on win10. if it's still leaking, i'll throw that ...
by df
Fri Feb 05, 2016 12:11 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: 宮本 Tokyo (Japan) exitnode cluster | anchor node = miyamoto 宮本
Replies: 37
Views: 56811

Re: 宮本 Tokyo (Japan) exitnode cluster | anchor node = miyamoto 宮本

@timusan I thought PJ posted somewhere here on the forum some time last year whenever the Japanese node went down. Guess not :/ The Japan node was purchased via OneProvider, who bought it from a DC in Japan (I forget which one). As with any other node, the DC receives DMCA (or whatever) notices, the...
by df
Fri Feb 05, 2016 11:53 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: voodoo.network: topological & routing discussions
Replies: 9
Views: 14232

Re: voodoo.network: alpha token batch, official release

@privangle The lifetime token is called an "aleph". In this forum post PJ was calling the first voodoo tokens "alpha" as in "the first ones". Yea, that is confusing. Poor choice of terms I guess :-P Anywho, the only documentation on "voodoo" is what you find o...
by df
Fri Jan 29, 2016 11:48 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 204
Views: 641663

Re: widget v3

Yea, windows only. I might port it to linux/mac when i'm done tho.
by df
Fri Jan 29, 2016 9:13 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 204
Views: 641663

widget v3

Just to ensure everyone that I (df) didn't fall off the face of the earth, I wanted to give everyone an update on what's coming in v3 of the widget. I wanted to be done with this version on the 1st of 2016, but I kept adding features and fixing new & old bugs etc. that I had to push the release ...
by df
Fri Nov 27, 2015 10:14 pm
Forum: member support & tech assistance
Topic: more open ports to help bypass simple firewalls
Replies: 8
Views: 28416

Re: more open ports to help bypass simple firewalls

mart-e: That's one of the many reasons CS doesn't allow that kind of port forwarding.
So no, CS isn't affected :-)
by df
Mon Nov 23, 2015 11:55 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: LOCKED: voodoo.network: alpha token batch
Replies: 27
Views: 171720

Re: voodoo.network: alpha token batch, official release

DudeOfLondon: At the moment the exit IP isn't chosen randomly. The current server list is @ https://github.com/cryptostorm/voodoo.network
by df
Fri Nov 06, 2015 2:09 pm
Forum: cryptofree: no-cost cryptostorm network access
Topic: cryptofree howto Ubuntu
Replies: 11
Views: 44826

Re: cryptofree howto Ubuntu

Also, IPv6 leaks have been reported in Linux while using Cryptofree. So a good idea would be to disable that by adding to /etc/sysctl.conf: net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 then running the command `sysctl -p`, or by using ip...
by df
Sun Oct 25, 2015 1:23 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: LOCKED: voodoo.network: alpha token batch
Replies: 27
Views: 171720

Re: voodoo.network: alpha token batch, official release

The win .sa IP seems functional to me, but the linux one is acting up. Locally (on the VPS), I can reach the internet using the linux instance IP, but the internet can't reach it unless the connection was related to the outgoing reqeuest. Almost as if .gov.sa or the .sa VPS provider did: iptables -A...
by df
Sat Oct 17, 2015 5:42 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: LOCKED: voodoo.network: alpha token batch
Replies: 27
Views: 171720

Re: voodoo.network: alpha token batch, official release

heh, I've got a hyperv (that's M$) one in Saudi Arabia now. It's @ 5.154.191.28 win, 5.154.191.29 raw if anyone is bored. Just keep in mind that this is a Saudi Arabia exit node, so stuff like porn sites etc. are blocked by the internet.gov.sa entity. I got it mainly just to see how easy it was to b...
by df
Sat Oct 10, 2015 9:04 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: LOCKED: voodoo.network: alpha token batch
Replies: 27
Views: 171720

Re: voodoo.network: alpha token batch, official release

As far as I can tell, the exit VPS needs to be KVM because it requires the ip_gre kernel module. With OpenVZ (probably Xen too, haven't tested) you would need to be able to install the kernel module and setup the GRE tunnel interface on the host (or whatever it's called), which is not likely to happ...
by df
Fri Oct 09, 2015 5:03 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: LOCKED: voodoo.network: alpha token batch
Replies: 27
Views: 171720

Re: voodoo.network: alpha token batch, official release

Not really, as it's easier for someone to just hop on tor after connecting to CS, if they want to. Also tor's way too slow. The production level voodoo nodes will be much faster than they currently are, so speeds will be better than tor :-)
by df
Wed Oct 07, 2015 11:25 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: LOCKED: voodoo.network: alpha token batch
Replies: 27
Views: 171720

Re: voodoo.network: alpha token batch, official release

The speeds are pretty awful at the moment, maybe even worse than tor. But I suspect that's mainly to do with the horrible speeds of the two test VPSes in Indonesia and Serbia and their distance (and lack of relation in uplinks/IXs to the core). Also because we haven't done much perf tuning yet at th...
by df
Tue Oct 06, 2015 7:46 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: voodoo.network: topological & routing discussions
Replies: 9
Views: 14232

Re: voodoo.network: alpha token batch, official release

Because of the way the GRE tunnel is setup, it allows the core to use the voodoo node's IP as the exit IP. Pretty sure it's a form of spoofing, but hey, it works :-P EDIT: It's similar to http://wiki.buyvm.net/doku.php/gre_tunnel, although that setup is designed to protect a server from DDoS by usin...
by df
Tue Oct 06, 2015 1:06 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: voodoo.network: topological & routing discussions
Replies: 9
Views: 14232

Re: voodoo.network: alpha token batch, official release

Still working on it, but it seems stable enough that we'll probably take it out of the testing phase soon. And FYI, the path is actually: User->Core->Voodoo->Core->Internet->Core->Voodoo->Core->User->Taco Bell. Okay maybe I made up that last one.. The whole point of this is to get users more exit IP...
by df
Wed Sep 09, 2015 11:54 pm
Forum: member support & tech assistance
Topic: Narwhal 2.22 windows resizing bug
Replies: 1
Views: 5889

Re: Narwhal 2.22 windows resizing bug

Ah, I vaguely remember there being a subversion of v2.22 that had that bug.
I fixed the bug, but didn't update the version number (cause I'm lazy :P).

Try uninstalling the widget then grabbing a fresh copy from https://cryptostorm.nu/setup.exe or wherever it is on the forum here.
by df
Fri Sep 04, 2015 4:04 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Good times w/ DMCA monkeys & katstorm.faith (et al.)
Replies: 8
Views: 274591

Re: Good times with DMCA monkeys & https://katstorm.party

No, that service was running on a different server that's now also dead and has since been replaced.
Also I forgot about that service..
Lemme throw it up somewhere else... aaand done.
by df
Fri Sep 04, 2015 1:03 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Good times w/ DMCA monkeys & katstorm.faith (et al.)
Replies: 8
Views: 274591

Good times w/ DMCA monkeys & katstorm.faith (et al.)

{direct link: cryptostorm.org/katandmouse + cryptostorm.org/katstorm } BLAH BLAH NEW UPDATED SUPER-UPDATE : So there's been quite a bit of back-and-forth, and we got a bit lazy about keeping this thread updated. Here's the tl;dr... 1. we currently have katstorm.faith working properly via a... cleve...
by df
Sat Aug 29, 2015 5:49 am
Forum: general chat, suggestions, industry news
Topic: Sorry for the disconnect ppl, you'll thank me later :-P
Replies: 10
Views: 14769

Re: Sorry for the disconnect ppl, you'll thank me later :-P

Yet Another Update: After talking with pj & graze, I was reminded that the mongo auth() "bug" is indeed a feature. It was a fix implemented by graze very early on when CS first started. The problem was that in the OpenVPN source, the file src/openvpn/misc.h uses the code: # define USER...
by df
Fri Aug 28, 2015 5:39 pm
Forum: general chat, suggestions, industry news
Topic: Sorry for the disconnect ppl, you'll thank me later :-P
Replies: 10
Views: 14769

Re: Sorry for the disconnect ppl, you'll thank me later :-P

Sorry for all the auth fails everyone. Also the IP cryptostorm.is was on was temporarily down due to some abuse complaint nonsense through LeaseWeb. cryptostorm.is is back up on the original IP, and the auth fails should be fixed now. Problem was that when adding the input validations to auth.sh, it...
by df
Fri Aug 28, 2015 10:13 am
Forum: general chat, suggestions, industry news
Topic: Sorry for the disconnect ppl, you'll thank me later :-P
Replies: 10
Views: 14769

Sorry for the disconnect ppl, you'll thank me later :-P

I was adding a small feature to the OpenVPN instances server-side, and I noticed a possible vulnerability in something near what I was editing, then ended up playing with it for the past couple of hours to see if it was really vulnerable... As some of you already know, server-side, our OpenVPN confi...
by df
Wed Aug 19, 2015 1:49 am
Forum: general chat, suggestions, industry news
Topic: IPMagnet f*** up
Replies: 2
Views: 7809

Re: IPMagnet f*** up

Yea that was me. I used a perl script that dynamically adds the GA code to all html/php responses, so I don't have to bother doing it manually. Source code for that perl script is now up @ https://cryptostorm.is/GA.txt and I just modified it so that it excludes the torrentip URL, so no more ads ther...
by df
Mon Aug 03, 2015 6:39 am
Forum: crypto, VPN & security news
Topic: [The Register] VPNs are so insecure you might as well wear a KICK ME sign
Replies: 7
Views: 18771

Re: [The Register] VPNs are so insecure you might as well wear a KICK ME sign

by parityboy » Sun Jul 05, 2015 5:16 am @marzametal Maybe. I think the tardiness in moving to IPv6 is rooted in commercial interest, Of course it is :-P There's been some innovations in IPv4 subnetting that make IPv6 not as necessary as it once was, but it's still a problem for public facing network...
by df
Sun Aug 02, 2015 10:34 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Forum instability of late
Replies: 4
Views: 16002

Re: Forum instability of late

We could put it in a jail/chroot, but the cPanel problems will continue.
Better to just move it off onto a proper VM.
by df
Sun Aug 02, 2015 9:10 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Forum instability of late
Replies: 4
Views: 16002

Forum instability of late

Just wanted to reassure everyone that the recent SQL errors some people have noticed on the forum is NOT an attack against the website. The error: Table ‘phpbb_sessions’ is marked as crashed and should be repaired Is caused by a change cPanel made to the MySQL database structure when we moved everyt...
by df
Thu Jul 09, 2015 2:54 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: 宮本 Tokyo (Japan) exitnode cluster | anchor node = miyamoto 宮本
Replies: 37
Views: 56811

Re: 宮本 Tokyo (Japan) exitnode cluster | anchor node = miyamoto 宮本

Err, 124.35.151.85 is a DNS server (DeepDNS), not an exit node. When you connect to the Tokyo exit node, our OpenVPN server tells your OpenVPN client to use the DNS server 124.35.151.85. So if your system isn't using that DNS server, it might be a good idea to set it manually maybe via /etc/resolv.c...
by df
Thu Jul 09, 2015 2:18 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: 宮本 Tokyo (Japan) exitnode cluster | anchor node = miyamoto 宮本
Replies: 37
Views: 56811

Re: 宮本 Tokyo (Japan) exitnode cluster | anchor node = miyamoto 宮本

Main reason to use the DeepDNS IP of the node you're on (for Tokyo, that would be 124.35.151.85) is that without it, you won't have transparent .i2p/.onion/.p2p/.bit/etc. access. Also, some OSes ignore the DeepDNS IP that gets pushed to the client from OpenVPN, which might cause DNS leaks. I haven't...
by df
Thu Jul 09, 2015 2:08 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: 宮本 Tokyo (Japan) exitnode cluster | anchor node = miyamoto 宮本
Replies: 37
Views: 56811

Re: 宮本 Tokyo (Japan) exitnode cluster | anchor node = miyamoto 宮本

All fixed. firewalld was fighting with iptables on the Tokyo node. Killed/removed/disemboweled firewalld, so it's happy again.
by df
Thu Jun 11, 2015 11:55 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Redundancy in website, email, & IRC infrastructure (etc.)
Replies: 10
Views: 26319

Re: Iceland went down last night, back up now

We haven't noticed any problems with Montreal. Frankfurt's ISP hasn't mentioned any downtime in the links that control our VPN node, and they're pretty good at notifying all customers about every little hiccup going through the server (even for links that have nothing to do with our server). As for ...
by df
Thu Jun 04, 2015 3:20 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Redundancy in website, email, & IRC infrastructure (etc.)
Replies: 10
Views: 26319

Redundancy in website, email, & IRC infrastructure (etc.)

[i]{merged several related threads into one, for ease of access ~admin}[/i] Our server in Iceland that hosts this forum and cryptostorm.is went down last night, as did the server hosting the Iceland exit node. The remote logs showed no sign of any intrusions or attempts, and after a lengthy email co...
by df
Thu Jun 04, 2015 3:01 am
Forum: member support & tech assistance
Topic: Getting connection timeout
Replies: 17
Views: 14230

Re: Getting connection timeout

You should try adding to your OpenVPN client config file: verb 8 log-append /var/log/openvpn.log (replace /var/log/openvpn.log with wherever you want your openvpn logs to go). And to other people here asking about older versions: It's true, cryptostorm will not work with older OpenVPN/OpenSSL versio...
by df
Wed May 20, 2015 12:04 pm
Forum: member support & tech assistance
Topic: more open ports to help bypass simple firewalls
Replies: 8
Views: 28416

Re: more open ports to help bypass simple firewalls

? Previous post says it works on all the nodes now, not just cryptofree.

Go to advanced search

Nothing to display.

Login