|
||||
Featured Articles           This post will describe how to detect if your network is blocking outgoing ports. In this test, we’ll be using nmap and the fine website portquiz.net Michael Altfield Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡ About Michael This article will describe how to bypass censorship from within any network that uses firewalls using Deep Packet Inspection (DPI) built by the Israeli software company Check Point Software Technologies Ltd, such as is being used by the Miami-Dade’s Public Library System to censor on their public wifi. I’ve been very fortunate to live in a country where freedom of speech is a well-protected human right and censorship is generally unaccepted. But, I’ve long been aware that many States prefer to assert their control over their citizens by controlling their available information. One of the shining achievements from the Tor Project is a system that allows these unfortunate souls to be able to bypass these censors and access the unfettered Internet. Indeed, the UN affirmed that a State’s attempt to prevent or disrupt dissemination of information online is a violation of international human rights law, as defined by article 19 of the Universal Declaration of Human Rights. Of course, many States today continue to ban access to the Tor network. In response, Tor provided hidden entry-points called bridge relays that are harder to block. In response to Tor bridges, States purchased firewalls from companies like Check Point to analyze the 
This post will describe what hardware to buy & how to configure it so that you have 2 wireless networks in your house: One that seamlessly forces all of the traffic on that network through a VPN–and one that connects to the Internet normally . When finished, the internet activity for any device connected to the first network will be entirely encrypted so that the ISP cannot see which websites are visited*, what software you use, and what information you send & receive on the internet. * Assuming your config doesn’t leak DNS; see improvements section Update 2017-08-25: Added “kill switch” firewall rule that prevents LAN traffic from escaping to the ISP unless it passed through the VPN’s vtun0 interface first. Following this change, if the VPN connection is down, the internet will not be accessible (as desired) over the ‘home’ wifi network (without this, the router bypasses the VPN by sending the packets straight to the ISP–giving a false sense of privacy). Update 2021-02-01: Fixed GitHub URL of cryptostorm’s free OpenVPN configuration file Update 2021-02-14: Fixed GitHub URL of cryptostorm’s paid OpenVPN configuration file Update: I wrote this guide in 2017. It’s intended for an audience that has Jesus. It’s only the second week of school and I’ve already pulled my first all-nighter. This time, however, it was not for school. I was determined to get my OpenVPN server properly setup so that I could finally browse the web securely from the dorms. I only expected this to take a few minutes, but I ended up spending over 7 hours of research, troubleshooting, and configuration changes. This post will contain a slew of information about smoothwall, zerina, openvpn, and iptables. I’m mostly just going to throw all of my findings here without much of any logical flow. Michael Altfield Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡ About Michael |
|
|||
|
Copyright © 2024 Michael Altfield's Tech Blog - All Rights Reserved Powered by WordPress & Atahualpa |
||||
