Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

Search found 256 matches

by df
Sun Oct 05, 2014 2:46 am
Forum: cryptofree: no-cost cryptostorm network access
Topic: cryptofree.me: pre-launch brainstorming & roadmap | CLOSED
Replies: 33
Views: 47191

Re: cryptofree.me - alpha announcement

I couldn't see any way this would work by doing the capping from the widget's side. As someone said above, that would only work on Windows. Since the widget is basically just a front-end to OpenVPN, it wouldn't be hard to just use OpenVPN manually to bypass it. Plus doing anything like that client-s...
by df
Tue Sep 30, 2014 11:49 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: #SHELLSHOCK (another heartbleed, sorta, but not really :P )
Replies: 5
Views: 9934

Re: #SHELLSHOCK (another heartbleed, sorta, but not really :

CGI is still fairly popular these days, even on major sites. What most of them do (including some of my websites) is use rewrites to hide the .cgi (or .pl) extension from the URL. They often do the same for .php/.asp/.aspx/etc. I don't have a problem with letting people know I'm using CGI, it's just...
by df
Thu Sep 11, 2014 1:07 am
Forum: member support & tech assistance
Topic: Windows Widget keeps losing the connection
Replies: 3
Views: 2958

Re: Windows Widget keeps losing the connection

Where do you see "cannot resolve IP"? Can you post a screenshot?
by df
Wed Aug 20, 2014 12:17 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Forum Outage - Aug 16/2014
Replies: 2
Views: 5550

Re: Forum Outage - Aug 16/2014

Sorry about that, took us a while to figure out where we originally bought that SSL cert.
It's renewed now, as is the cryptostorm.is cert.
by df
Fri Jul 04, 2014 12:49 am
Forum: general chat, suggestions, industry news
Topic: XKEYSCORE source code
Replies: 8
Views: 11695

Re: XKEYSCORE source code

Looked more like C++ to me at first, but the $ in the variables told me it probably wasn't. It's not standard, but I think there are extensions to C++ that allow that sort of thing. Since I don't know Ruby that well, I just googled random bits of code that looked like it wasn't application-specific ...
by df
Fri Jul 04, 2014 12:25 am
Forum: general chat, suggestions, industry news
Topic: XKEYSCORE source code
Replies: 8
Views: 11695

Re: XKEYSCORE source code

Looks like Ruby
by df
Wed Jul 02, 2014 4:01 am
Forum: member support & tech assistance
Topic: pre-1.21 widget feedback (mostly closed, now...)
Replies: 23
Views: 13399

Re: widget v1.0 official release

Must be a bug in the cron job that checks which node has the least users, cause I just checked manually and got: bruno: 2 cantus: 3 shadow: 6 fenrir: 1 chili: 2 onyx: 3 maple: 1 emerald: 3 but the file the widget grabs (cryptostorm.nu/usercount.txt) says BRUNO (1), which isn't right. I'll look into ...
by df
Wed Jun 18, 2014 2:15 am
Forum: member support & tech assistance
Topic: All nodes down?
Replies: 15
Views: 7956

Re: All nodes down?

You should be able to get to this forum from any node, but I did just noticed I forgot to add "maple" and the other new node "emerald" to the psad whitelist for this server. (Google psad if you don't what it is. It's the first link). Let me know if you can't get to this forum fro...
by df
Wed Jun 18, 2014 2:02 am
Forum: member support & tech assistance
Topic: can I get a sig made
Replies: 9
Views: 5654

Re: can I get a sig made

Tattoos!
by df
Tue May 27, 2014 11:51 am
Forum: member support & tech assistance
Topic: pre-1.21 widget feedback (mostly closed, now...)
Replies: 23
Views: 13399

Re: widget v1.0 official release

No, the disconnect button also exits and kills the vpn (I'll change that in the future).
For now, another fix is to open up the logo.jpg file in \Program Files (x86)\Cryptostorm Client\user\ using a text editor and changing the line:
autocon=on
to
autocon=off
by df
Wed May 21, 2014 2:13 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 110806

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

I can do raw-bruno-2 right now, but chili doesn't have any available IPs for a new raw instance. Gotta wait for the leaseweb order to go through.
by df
Sat May 17, 2014 10:41 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 110806

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

Then use their IPs. (174.142.78.196 bruno, chili only has windows atm, no more free IPs til we order more).
by df
Sat May 17, 2014 1:56 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 110806

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

I haven't gotten around to setting up the hostnames for each individual post-heartbleed node, but I did add them to the balancers: windows-balancer-dynamic.cryptostorm.net and raw-balancer-dynamic.cryptostorm.net But you're right, the raw-cantus-2 one isn't listed in the raw balancer on .org or csto...
by df
Fri May 16, 2014 12:17 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm: server-side configuration publication
Replies: 19
Views: 19059

Re: cryptostorm: server-side configuration publication

According to the Linux kernel source code (and https://www.kernel.org/doc/Documentatio ... sysctl.txt ), it's defined as simply an integer.
So whatever INT_MAX is defined as in /usr/include/limits.h would be the max. (on all our systems it's 2147483647).
by df
Wed May 14, 2014 1:33 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 110806

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

Leaseweb finally fixed the IP for the new rawvpn on cantus, it's at raw-cantus-2.cryptostorm.net (46.165.222.248)
by df
Tue May 13, 2014 11:52 pm
Forum: member support & tech assistance
Topic: pre-1.21 widget feedback (mostly closed, now...)
Replies: 23
Views: 13399

Re: widget v1.0 official release

Yea, 10.44.0.4 would be your IP, and 10.44.0.1 is the gateway. Those are just internal IPs for the node though. Without some tricky routing on your side, you wouldn't be able to do anymore to that IP than you would 127.0.0.1.
by df
Tue May 13, 2014 2:24 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 110806

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

Yea, prolly just bad luck. Normally they're quick about this sorta thing, but turns out someone at leaseweb screwed up and gave us an IP that's already assigned to another system on their network. Waiting for the ticket response to that problem now. When I assigned an eth0 alias to cantus for the ne...
by df
Mon May 12, 2014 6:45 am
Forum: member support & tech assistance
Topic: pre-1.21 widget feedback (mostly closed, now...)
Replies: 23
Views: 13399

Re: widget v1.0 official release

All fixed, grab this one from the same location as before.
by df
Mon May 12, 2014 6:04 am
Forum: member support & tech assistance
Topic: pre-1.21 widget feedback (mostly closed, now...)
Replies: 23
Views: 13399

Re: widget v1.0 official release

Yea, it's a small bug that I introduced when trying to fix another HTTPS bug.
I'm recompiling it now with a fix that should work, shouldn't be more than 10 minutes or so.
I'll replace the setup.exe with the fixed one once it's compiled
by df
Mon May 12, 2014 4:38 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 110806

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

Still waiting on a response from leaseweb. In the meantime, onyx (in France) has a new raw & windows instance at: raw-onyx-1.cryptostorm.net (212.83.167.81) and windows-onyx-2.cryptostorm.net (212.83.163.209) The balancers raw-balancer-dynamic.cryptostorm.net & windows-balancer-dynamic.crypt...
by df
Sun May 11, 2014 10:10 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Windows widget release (v2.22), incl. release notes
Replies: 0
Views: 14148

Windows widget release (v2.22), incl. release notes

This is information about the latest widget, v2.22 "Narwhal". As always, download links are at https://cryptostorm.is/connect.html. Anyone using v1.20 or later should automatically see a notification that this new version is available the next time they run the widget. The only changes in ...
by df
Sat May 10, 2014 8:47 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm: server-side configuration publication
Replies: 19
Views: 19059

Re: cryptostorm: server-side configuration publication

I don't think any other server config tweaks were needed after kfox, but I'm not the one who researched these sysctl settings or the server config settings, so I might not be the best person to ask. As for why we use CentOS, it's mostly a personal preference among most of the staff. They find it eas...
by df
Fri May 09, 2014 9:37 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm: server-side configuration publication
Replies: 19
Views: 19059

Re: cryptostorm: server-side configuration publication

I don't think TCP sessions would cause any problems. In case you don't have it already (I think it's somewhere here on the forum), here's the current sysctl.conf the nodes all use: # cryptostorm.is modded perf-tuned sysctl rev. 1.6 # CentOS 6.whatever - tweaked by p_j # For binary values, 0 is disab...
by df
Wed May 07, 2014 4:01 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 110806

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

Nah, that's just some leftover rDNS from when fenrir did have an android node. Since that's not running anymore and the IP was available, I binded the new windows vpn to it. Don't worry, the rDNS will be changed eventually (and some proper hostnames will be setup).
by df
Wed May 07, 2014 12:39 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 110806

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

Yea, that's a problem I've talked with PJ about before. I think it's great to provide the in-depth analysis of every aspect of what's going on here, but only to the people who actually care about that stuff. Average users just wanna click a buy button, throw some money at it, then click "Connec...
by df
Wed May 07, 2014 12:12 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 110806

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

I agree this needs to be organized more. I just happened to stumble upon this thread myself, and while I normally don't do anything on the forum I thought it would be nice to share those IPs since they're all setup and good to go. Only thing left is the threads about them. Normally, other people org...
by df
Tue May 06, 2014 9:59 pm
Forum: general chat, suggestions, industry news
Topic: Strange services on exit nodes
Replies: 3
Views: 5039

Re: Strange services on exit nodes

You're misinterpreting the nmap output. Those ports aren't open locally on the systems so there's no need to filter them. What's probably happening is your ISP is firewalling the SYN packets going to those ports to prevent worms/attacks against netbios-based services, since that's a popular attack v...
by df
Tue May 06, 2014 6:33 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 110806

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

Yea, they'll get hostnames shortly. While it's true that you shouldn't get too used to using the IPs, I figured I might as well just send these out as is so people can connect to something with new certs. We'll order more IPs on some of the servers (i.e., cantus) so they all can have an equal amount...
by df
Tue May 06, 2014 9:18 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Post-Heartbleed Certificate Upgrade Trajector
Replies: 85
Views: 110806

Re: cryptostorm's Post-Heartbleed Certificate Upgrade Trajec

Just an FYI, when I put up the new client certs I forgot to remove the "clientgeneric" ones that aren't even used by our setup. Our setup still only requires the CA cert (ca2.crt, or whatever inline). To everyone who's been waiting forever and a day (sorry, busy with the techie devy stuff)...
by df
Sat Feb 15, 2014 4:29 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: progress update on 1.0 widget... :-)
Replies: 1
Views: 4873

progress update on 1.0 widget... :-)

Current status update on 1.0 widget development:
BgSwpaUIMAAWdxl.jpg

(h/t twitterverse)

BdBp0gwCUAAfpFI.jpg

Go to advanced search

Nothing to display.

Login