I never watched Star Wars but this cracks me up: https://www.youtube.com/watch?v=lg_FoEy8T_A ___and even more___ https://www.youtube.com/watch?v=84YXPw4htnQ
it's good ol' uncle DesuStrike and I've got a little "present" for everyone who wants things to be a tad more secure than the CryptoStorm standard. (Which is the most secure out there already so this is for my fellow tinfoil heads. <3)
Basically I'll give you my personal config files (based on df's most recent release) which are slightly modified to work without DNS. This makes it possible to use as strict as possible iptable config files (which I will upload as well) and thus effectively preventing any kind of leaks may it be DNS or even worse.
In short: My setup makes sure that your computer only can talk to the local network and to the CryptoStorm exit nodes. EVERYTHING ELSE IS BLOCKED.
What you need:
- A debian based Linux (though others might work as well)
- OpenVPN (Duh! sudo apt-get install openvpn)
- Persistent iptables (sudo apt-get install iptables-persistent)
- A file named "password" with your hashed CryptoStorm token and a random password (I'll add a template)
1. Place ONE (1!) of my config files with your desired exit node into /etc/openvpn/
(You need root permissions for that, so use "sudo cp" command.)
2. Place the password file with your credentials already added into /etc/openvpn/
3. Install persistent iptables and exchange the rules.v4 in /etc/iptables/ with my version.
4. Restart your system
5. Enjoy your private internets!
For even more snuggly tinfoil follow dfkt's awesome firefox about:config tweaks at: https://github.com/dfkt/firefox-tweaks/ ... er/user.js (not all of this is privacy related and some can break your browsing experience so use with care!)
PS: I had to rar everything because the forum doesn't like unknown or no file extensions.