Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

Search found 38 matches

by hashtable
Sat Oct 22, 2016 8:14 pm
Forum: member support & tech assistance
Topic: Connecting from Raspberry PI
Replies: 8
Views: 9624

Re: Connecting from Raspberry PI

I'll probably set up a pi this weekend (it's been a few months since I used it but flashed fresh raspian), so I can post some specific links if I can remember how i set it up last time. The most important config for setup is actually the iptables firewall rules / Internal routing. I was only able to...
by hashtable
Sun Sep 25, 2016 6:52 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: BeyondVPN: voodoo, multi-layered security - throughout cryptostorm
Replies: 9
Views: 12163

Re: BeyondVPN: voodoo, multi-layered security - throughout cryptostorm

My hope is that someone will come along and explain what voodoo is, an elegant and memorable paragraph or two. In fact, as we've been asked in twitter to do a nontechnical "this is what voodoo is" post, my hope that someone savior will appear and solve that problem gets riper by the day! ...
by hashtable
Sun Sep 25, 2016 6:49 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: BeyondVPN: voodoo, multi-layered security - throughout cryptostorm
Replies: 9
Views: 12163

Re: BeyondVPN: voodoo, multi-layered security - throughout cryptostorm

My hope is that someone will come along and explain what voodoo is, an elegant and memorable paragraph or two. In fact, as we've been asked in twitter to do a nontechnical "this is what voodoo is" post, my hope that someone savior will appear and solve that problem gets riper by the day! ...
by hashtable
Sat Sep 24, 2016 6:49 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: github repository for Mac confs
Replies: 26
Views: 12597

Re: github repository for Mac confs

the above commands aren't necessary because openvpn automatically does this - but still useful info
by hashtable
Sat Sep 24, 2016 6:34 pm
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: OpenWRT Routers
Replies: 6
Views: 14648

Re: HOWTO: OpenWRT Routers

fuck it - i've changed my attitude - vpn on local devices is probably safest method - assuming it's capable. many devices aren't - so putting it in the router allows devices to connect securly that otherwise wouldn't be able to. but the catch-22 is routers are weird, they have different firewall rul...
by hashtable
Sat Sep 24, 2016 6:27 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: Live-Capture Forensics of Corruptor-Injector Network injecting fake Chrome install via [email protected]
Replies: 15
Views: 70873

Re: Live-Capture Forensics of Corruptor-Injector Network injecting fake Chrome install via [email protected]

check this article: https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/ On Monday, a hacking group calling itself the “ShadowBrokers” announced an auction for what it claimed were “cyber weapons” made by the NSA. Based on never-before-published documents provided by the...
by hashtable
Sat Sep 24, 2016 5:22 pm
Forum: member support & tech assistance
Topic: Macos Sierra: Cryptostorm+ Tor
Replies: 3
Views: 783

Re: Macos Sierra: Cryptostorm+ Tor

the torstorm url seemed to work. Is torstorm routed different than onions?
by hashtable
Fri Sep 16, 2016 2:25 pm
Forum: general chat, suggestions, industry news
Topic: Wtf is happening
Replies: 0
Views: 1170

Wtf is happening

Does anybody know what is happening? What's real and what's fake? Everyday a new hack, scandal. Was Dropbox hacked? Or was Dropbox spyware? Or has the Dropbox spyware been hacked and now is being used by.. who knows? Can we distinguish a nation state from a hacker in a basement? How many high profil...
by hashtable
Sun Aug 07, 2016 7:05 am
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: OpenWRT Routers
Replies: 6
Views: 14648

Re: HOWTO: OpenWRT Routers

Is anybody down to take this shit to the next level!!!!! Okay . so. I've been compiling openwrt firmware for the last month or so, getting my feet wet. The process isn't that complicated, but it takes a little getting used to. First, what's the difference between compiling your own build or just dow...
by hashtable
Sun Jul 10, 2016 8:48 am
Forum: member support & tech assistance
Topic: Connecting from Raspberry PI
Replies: 8
Views: 9624

Re: Connecting from Raspberry PI

I figured out how to create a permanent firewall (that starts one on load) and literally kills the internet unless you are connected to a specific node on cryptostorm (you could do the wildcard one theoretically but I don't know how to sync that with dns). Mostly derived from crypstorm's github scie...
by hashtable
Sun Jul 10, 2016 8:33 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: github repository for Mac confs
Replies: 26
Views: 12597

Re: github repository for Mac confs

Hey, so I noticed in the linux repo lists a few commands to disable ipv6 - but why not the love for mac??? networksetup -setv6off Wi-Fi It should work on 10.9 > (even works on macOS beta so hopefully future proof) To see a list of avail ports you can do networksetup -listallnetworkservices // It'll ...
by hashtable
Fri May 20, 2016 2:40 pm
Forum: member support & tech assistance
Topic: Connecting from Raspberry PI
Replies: 8
Views: 9624

Re: Connecting from Raspberry PI

Hi dastardly, This should do the trick: sudo apt-get install liblzo2-dev sudo apt-get install libpam0g-dev sudo apt-get install libssl-dev cd /tmp wget --no-check-certificate https://www.openssl.org/source/openssl-1.0.2d.tar.gz;tar zxf openssl-1.0.2d.tar.gz;rm -f openssl-1.0.2d.tar.gz;cd openssl-1....
by hashtable
Mon May 16, 2016 5:14 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: github repository for Mac confs
Replies: 26
Views: 12597

Re: github repository for Mac confs

If you don't mind, can you share those confs and prog? 5) Vallum firewall is officially released - but the only way set up mac in such a way that it can only connect to the internet with vpn is if you change the pf settings. I have program capable of creating pre-configured pf rules that can be sha...
by hashtable
Fri May 06, 2016 7:55 pm
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: How do I use your dns services via dnscrypt?
Replies: 2
Views: 8434

Re: How do I use your dns services via dnscrypt?

They're all in the public csv by now I think, most at least
by hashtable
Fri May 06, 2016 7:51 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: General Question About SHA-512 Calculator
Replies: 10
Views: 4987

Re: General Question About SHA-512 Calculator

I'm not so worried about someone backing out my token by using what the calculator calculates, I'm confident in my admittedly limited knowledge of the coding behind it to agree with you that I don't think they could do it. My worry is that by connecting with the hash and then something directly lin...
by hashtable
Fri May 06, 2016 11:22 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: General Question About SHA-512 Calculator
Replies: 10
Views: 4987

Re: General Question About SHA-512 Calculator

@Roboute Guilliman - yes it effectively is the same as logging with the token without being hashed. But, let's say someone tried to bruteforce entry into the network. Considering we don't use passwords, the length of the username needs to be significantly long in order to use it as the main method o...
by hashtable
Tue May 03, 2016 10:18 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: github repository for Mac confs
Replies: 26
Views: 12597

Re: github repository for Mac confs

also, was anybody able to get iOS working without adding

client-cert-not-required

???
by hashtable
Tue May 03, 2016 10:11 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: github repository for Mac confs
Replies: 26
Views: 12597

Re: github repository for Mac confs

Hey, So I've gained a slightly more comprehensive understanding of the situation now. 1) Apple's court battle with FBI has shifted the entire companies stance on encryption for the better. 2) VPN's broke during the beta phase of 10.11.4 - because they changed the some underlying protocols for how to...
by hashtable
Thu Apr 28, 2016 11:23 pm
Forum: member support & tech assistance
Topic: What's happened to PJ ?
Replies: 28
Views: 10480

Re: What's happened to PJ ?

Thanks for the detailed responses :) I only wrote 'assuming what said is true' as a logical clarification - just to cover all the grounds. I trust the CS team more than myself setting up the local configs. I literaly have no idea what I'm doing - but I know bullshit when I see it, and everything her...
by hashtable
Fri Apr 22, 2016 8:44 pm
Forum: member support & tech assistance
Topic: What's happened to PJ ?
Replies: 28
Views: 10480

Re: What's happened to PJ ?

I think he would just as soon shut this whole company down than sell us all out to a government honeypot. The deliberately distributed and decentralized nature of the CS team will likely make even that extremely difficult, if not impossible. But like you say, if df disappears, it's time to flee. Al...
by hashtable
Wed Apr 20, 2016 4:41 pm
Forum: general chat, suggestions, industry news
Topic: On the state of OSX - how to protect
Replies: 6
Views: 6918

Re: On the state of OSX - how to protect

update: it's getting better ;) the effects of the recent legal battle have already started to trickle down into the newest dev environments...
by hashtable
Wed Apr 20, 2016 4:34 pm
Forum: member support & tech assistance
Topic: What's happened to PJ ?
Replies: 28
Views: 10480

Re: What's happened to PJ ?

I've gathered enough info from blog / forum posts (sometimes you have to dig deep to find the stuff) to feel like I know what's up, and it all seems rather personal / indirectly related to the cs service itself. Most of the protocol / design is talked about very openly - assuming what they say is tr...
by hashtable
Wed Apr 20, 2016 4:13 pm
Forum: member support & tech assistance
Topic: What router would you recommend for Cryptostorm
Replies: 8
Views: 4022

Re: What router would you recommend for Cryptostorm

I'd recommend using multiple routers capable of running openwrt - chained together - ideally one that's already prebuilt by arokh - https://forum.openwrt.org/viewtopic.php?id=50914 - It's also prob good knowing how to ssh into the router via the cmdline and feel comfortable debricking it (reset it a...
by hashtable
Thu Apr 07, 2016 3:44 am
Forum: general chat, suggestions, industry news
Topic: On the state of OSX - how to protect
Replies: 6
Views: 6918

Re: On the state of OSX - how to protect

Vallum firewall beta just officially released to the public!!! http://vallumfirewall.com/downloads/ Also, If you want any vials, download the injector: http://murusfirewall.com/downloads/ My advice is to log in normally - after connected to vpn - inject the vpn vial (which only allows traffic on ipv...
by hashtable
Sun Apr 03, 2016 6:10 am
Forum: general chat, suggestions, industry news
Topic: On the state of OSX - how to protect
Replies: 6
Views: 6918

On the state of OSX - how to protect

First, I want to start by saying I love apple's products. I haven't used anything since windows 98' that made me feel this good. With that being said, apple's megalithic status is making them become jaded, similar to microsoft during the height of that era. Apple has secret schools, secret labs, the...
by hashtable
Sat Apr 02, 2016 9:21 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: github repository for Mac confs
Replies: 26
Views: 12597

Re: github repository for Mac confs

But if you can't tunnel it.. block it :) murusfirewall.com/docs13/ murusfirewall.com/downloads/ murusfirewall.com/forum/ apple kept openbsd's pf firewall (pfctl) it's not even used and rarely mentioned. amazing guide on everything here: github.com/drduh/OS-X-Security-and-Privacy-Guide (they're highl...
by hashtable
Sat Apr 02, 2016 9:11 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: github repository for Mac confs
Replies: 26
Views: 12597

Re: github repository for Mac confs

This is what I was able to gather from the dev forums.. not trying to be a bummer... :wtf: AFAIK OS X does not have OpenVPN support built-in.  You would have to talk to the OpenVPN about how best to import your .ovpn file (and, indeed, whether you'd need to install their software to act on it). I wo...
by hashtable
Fri Apr 01, 2016 11:48 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: github repository for Mac confs
Replies: 26
Views: 12597

Re: github repository for Mac confs

I don't want to change the Cryptostorm config files fundamentally (eg removing mention of certificate in the configs) unless the CS staff is cool with that. On the other hand, the configs optimized for Mac (on GitHub) do work, when you add the ca.crt as standalone file during the process of install...
by hashtable
Thu Mar 31, 2016 9:10 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: github repository for Mac confs
Replies: 26
Views: 12597

Re: github repository for Mac confs

Actually there's one line you need to change: client dev tun #randomly select a node from the list below, for redundancy against DNS blacklisting-based session blocking attacks. #see https://openvpn.net/archive/openvpn-users/2004-12/msg00055.html resolv-retry 16 remote-random #switch the urls for di...
by hashtable
Tue Mar 29, 2016 9:19 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: github repository for Mac confs
Replies: 26
Views: 12597

Re: github repository for Mac confs

Thanks! I tried viscosity for a month or so - it had a nice interface but the connections began acting weird and then I read in the docs the were using 2 different protocols to simulate openvpn (which isn't supported 'natively' on OSX FYI - I found it in the dev forms trying to troubleshoot viscosit...
by hashtable
Tue Mar 29, 2016 12:47 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: BeyondVPN: voodoo, multi-layered security - throughout cryptostorm
Replies: 9
Views: 12163

Re: BeyondVPN: voodoo, multi-layered security - throughout cryptostorm

One of the challenges is that, in the usual "multi-hop" snake oil diagram out there, it's all made to look simple and easy to do. Of course, the only reason that's the case is that they're not actually implementing anything I completely agree, and I hadn't heard of 'GRE tunnels' before re...
by hashtable
Sat Mar 26, 2016 5:40 pm
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: OpenWRT Routers
Replies: 6
Views: 14648

Re: HOWTO: OpenWRT Routers

I found a great guide on hide.me's forum - linked here . It took me a while get all the settings right - and I'd also recommend checking out some of the latest community releases if you have a router that supports those builds, everything will be optimized and compiled for the router - and the lates...
by hashtable
Sat Mar 26, 2016 5:16 pm
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: philosophical considerations
Replies: 11
Views: 8900

Re: TrackerSmacker: philosophical considerations

I don't see any downside to this. It's the right thing to do - if someone wants access to ads or whatever shit is being blocked they just use turn cryptostorm off or use a different service. I think it's good to have this protection on by default and I don't know why anyone would want this turned off?
by hashtable
Sat Mar 26, 2016 5:06 pm
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: Mac/OSX connects via Tunnelblick
Replies: 19
Views: 22570

Re: HOWTO: Mac/OSX connects via Tunnelblick

Update tunnelblick to the latest beta version - either in the settings or you could download it here . Also make sure to use the latest configs ( here ). Comment out the line the last line with the 'ca ca.crt': # ca ca.crt <ca> .... </ca> And it should work. Also make sure it's going through ipv4 an...
by hashtable
Sat Mar 26, 2016 4:56 pm
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: Mac/OSX connects via Viscosity
Replies: 3
Views: 13248

Re: HOWTO: Mac/OSX connects via Viscosity

The latest version of the configs works fine. It doesn't have the -txqueuelen line so you only need to comment out the ca ca.crt right above the <ca></ca> block. With your current version you'll need to delete the -txquelen but the latest version of the configs works fine - even on ios. if i I can f...
by hashtable
Sat Mar 26, 2016 4:52 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: BeyondVPN: voodoo, multi-layered security - throughout cryptostorm
Replies: 9
Views: 12163

Re: BeyondVPN: voodoo, multi-layered security - throughout cryptostorm

The voodoo network is unique / insane ? I can't explain it verbally, but something below the threshold of my consciousness understands the topology of the network. It worked during testing - it was slow - but I expected that. The test only used one exit node - but the whitepaper talks about creating...

Go to advanced search

cron
Nothing to display.

Login