Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

Torguard "stealthvpn" vs cryptostorm

Encouraging best practices in the VPN industry via independent, community-certified verification of clean installers and clean basic service operations. Let's reward the good, and make the bad a little bit less tempting 〰 github repo#cleanVPN

Topic Author
Guest

Torguard "stealthvpn" vs cryptostorm

Postby Guest » Thu Oct 24, 2013 1:57 am

would stealth vpn style like torguard uses, where they disquise traffic as http traffic benefit cryptostorm users any? or is it a useless effort?

User avatar

cryptostorm_team
ForumHelper
Posts: 159
Joined: Sat Mar 02, 2013 12:12 am

Re: Torguard "stealthvpn" vs cryptostorm

Postby cryptostorm_team » Thu Oct 24, 2013 3:10 am

Guest wrote:would stealth vpn style like torguard uses, where they disquise traffic as http traffic benefit cryptostorm users any? or is it a useless effort?


Excellent question, excellent subject for discussion.

We first deployed HTTPS-flavoured spoofing back in 2008, so it's a topic we're worked on for a little while already. Good to see others coming on board, now.

Do you perhaps have access to some pcaps from a "stealth vpn" session? Full packet data - including payload (encrypted, of course) - is ideal, but even just headers would be helpful. We prefer to come at these kinds of things with verifiable data on hand, versus making assumptions.

Thanks for bringing forth a great area of conversation - one that can benefit from much more work, in the future, as well...

    ~ cryptostorm_team
cryptostorm_team - a shared, team-wide forum account (not a person)
PLEASE DON'T SEND PRIVATE MESSAGES to this account, as we can't guarantee quick replies!
--> feel free to use any of our other contact channels, or post in the support forum
cryptostorm: structurally anonymous, token-based, unlimited ☂ bandwidth, opensource, darknet data security for everyone!
keybase.io validatorsonename.io validatorsPGP key @ MITnetwork statuscryptostorm github
support team bitmessage address: BM-2cTMH8K5JnjbfSALjZtSkRWCLfc3Tr8GBV
support team email: support@cryptostorm.is
live chat support: #cryptostorm

User avatar

Baneki
Posts: 49
Joined: Wed Jan 16, 2013 6:22 pm
Contact:

Stealth.256Bit.AES.txt.ovpn

Postby Baneki » Sun Nov 30, 2014 7:40 pm

client
dev tun
proto udp
remote-random
remote 89.248.172.172 53
remote 184.75.210.42 53
remote 184.75.209.122 443
remote 184.75.208.130 443
resolv-retry 5
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ca ca.crt
auth-user-pass
comp-lzo
route-delay 5 30
script-security 3 system
mute-replay-warnings
verb 3
cipher AES-256-CBC

User avatar

cryptostorm_dev
ForumHelper
Posts: 20
Joined: Wed Jan 23, 2013 5:31 am

Re: Torguard "stealthvpn" vs cryptostorm

Postby cryptostorm_dev » Tue Dec 09, 2014 4:17 pm

So I'm obviously missing something here.

Where's the "stealth?" Is it just because it's on port 443?

Here's their "standard" (non-stealth) config:

client
dev tun1
proto udp
remote au.torguardvpnaccess.com 443
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ca [inline]
fast-io
cipher AES-256-CBC
auth-user-pass
ping-restart 0
comp-lzo
verb 3
float

User avatar

marzametal
Posts: 504
Joined: Mon Aug 05, 2013 11:39 am

Re: Torguard "stealthvpn" vs cryptostorm

Postby marzametal » Wed Dec 10, 2014 4:59 am

Nothing exciting about it...

User avatar

DesuStrike
ForumHelper
Posts: 346
Joined: Thu Oct 24, 2013 2:37 pm

Re: Torguard "stealthvpn" vs cryptostorm

Postby DesuStrike » Wed Dec 10, 2014 5:59 am

My guess is that the "stealth" config is "stealthy" because it chooses randomly from 4 exit nodes thus changing your visible IP around a bit. It's very far fetched to call such a thing "stealthy" but that never hindered anybody of those money grabbing wannabe VPNs from talking marketing bs all day long.
home is where the artillery hits

User avatar

parityboy
Site Admin
Posts: 1104
Joined: Wed Feb 05, 2014 3:47 am

Re: Torguard "stealthvpn" vs cryptostorm

Postby parityboy » Wed Dec 10, 2014 9:37 pm

@thread

I have to agree with Desu - I think you can substitute "stealth" for "logistically hard to block"; I certainly don't think this is anything like the Obfsproxy work conducted by the Tor project.

We first deployed HTTPS-flavoured spoofing back in 2008, so it's a topic we're worked on for a little while already. Good to see others coming on board, now.


This will sound like a dumb question but I'll ask it anyway: between two secure network sockets (client & server) where the payload of the IP packets is encrypted, apart from the port number how would a sniffer tell the difference between (for example) HTTPS and IMAPS?


Return to “#cleanVPN ∴ encouraging transparency & clean code in network privacy service”

Who is online

Users browsing this forum: Baidu [Spider] and 3 guests

cron

Login