Featured Articles

Continuous Documentation: Hosting Read the Docs on GitHub Pages (2/2)
Crowdfunding on Crowd Supply (Review of my experience)
Introducing BusKill: A Kill Cord for your Laptop
Nightmare on Lemmy Street (A Fediverse GDPR Horror Story)
Hardening Guide for phpList
Trusted Boot (Anti-Evil-Maid, Heads, and PureBoot)
WordPress Multisite on the Darknet (Mercator .onion alias)
WordPress Profiling with XHProf (Debugging & Optimizing Speed)
Detecting (Malicious) Unicode in GitHub PRs
previous arrow
next arrow

Detect outgoing port blocking with nmap and portquiz.net

This post will describe how to detect if your network is blocking outgoing ports. In this test, we'll be using nmap and the fine website portquiz.net

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: Detect outgoing port blocking with nmap and portquiz.net

Howto Guide: Whole House VPN with Ubiquiti + Cryptostorm (netflix safe!)

This post will describe what hardware to buy & how to configure it so that you have 2 wireless networks in your house: One that seamlessly forces all of the traffic on that network through a VPN--and one that connects to the Internet normally . When finished, the internet activity for any device connected to the first network will be entirely encrypted so that the ISP cannot see which websites are visited*, what software you use, and what information you send & receive on the internet.

* Assuming your config doesn't leak DNS; see improvements section

Update 2017-08-25: Added "kill switch" firewall rule that prevents LAN traffic from escaping to the ISP unless it passed through the VPN's vtun0 interface first. Following this change, if the VPN connection is down, the internet will not be accessible (as desired) over the 'home' wifi network (without this, the router bypasses the VPN by sending the packets straight to the ISP--giving a false sense of privacy).

Update 2021-02-01: Fixed GitHub URL of cryptostorm's free OpenVPN configuration file Update 2021-02-14: Fixed GitHub URL of cryptostorm's paid OpenVPN configuration file

Update: I wrote this guide in 2017. It's intended for an audience that has
. . . → Read More: Howto Guide: Whole House VPN with Ubiquiti + Cryptostorm (netflix safe!)

Tor->VPN in TAILS to bypass tor-blocking

This post will describe how to route outgoing traffic in a python script running on TAILS first through Tor, then through a SOCKS proxy created with an ssh tunnel. This is helpful when you want to use the anonymizing capabilities of tor, but you need to access a website that explicitly blocks tor exit nodes (common with sites running CloudFlare on default settings).

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: Tor->VPN in TAILS to bypass tor-blocking

kmhssoccer.org Update

To a degree, I still actively work on my high school soccer team's website (which I created back in 2005). I started working on it on and off since summer 2008, and 71 hours of development later, I finally pushed my changes to the live server in January 2009.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: kmhssoccer.org Update