LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 11-14-2014, 12:26 PM   #1
MBA Whore
Member
 
Registered: May 2006
Location: Kansas City, MO
Distribution: Various: pclos, Debian, Ubuntu, etc . . .
Posts: 649

Rep: Reputation: 30
How to replicate these services for free


My VPN service does the following for a fee:

a) Encrypt all my internet traffic. The company stated I must connect to it before doing anything online in order for the encryption to work.

b) provide proxy service by making my IP address appear as a different IP address. The company has servers in other countries so I assume it routes my encrypted traffic through those overseas servers.

c) the customer support gave me what it called "Google DNS" numbers to use when I first installed the VPN software.

My goal is replicating those 3 functions instead of purchasing them. How can I do it? Is openvpn all I require? Or would I require more?

Thank you.
 
Old 11-14-2014, 03:08 PM   #2
jefro
Moderator
 
Registered: Mar 2008
Posts: 22,048

Rep: Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632
So basically you feel safe connecting to and paying a company that is set up to avoid possible legal issues? I'd assume the company is crooked.

There are plenty of web pages devoted to what you want already. The entire problem still ends up at the encryption end point. They can monitor and track all your actions. They have even more control over your system if you set settings that reflect a trusted connection to them.

You have no reasonable expectation of security if any part of the chain is not trusted.
 
Old 11-14-2014, 03:26 PM   #3
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142
What are you expecting to gain by encrypting all of your internet traffic? It still has to travel unencrypted to the server, so all you're doing is moving the "snoopable packets" from your current network to the VPN's network, and god knows whatever else is there. As jefro pointed out, unless you absolutely trust the VPN and every single machine on that network, you're probably better off avoiding it completely.

If you simply don't trust your current network, then you can use an SSH proxy to tunnel the traffic to a trusted location (home, work, etc.) where it can travel unencrypted from there, I do it all the time when I'm traveling and using hotel/airport wifi networks.

If you are trying to "cover your tracks" so you can do some less-than-desirable things, then you'd be better off with something like Tor anyway.


As for c, Google runs DNS servers at 8.8.4.4 and 8.8.8.8. Anybody can use them, there's nothing special about what the VPN is doing there. You can use also openDNS at 208.67.222.222 and 208.67.220.220.
 
Old 11-17-2014, 12:08 PM   #4
MBA Whore
Member
 
Registered: May 2006
Location: Kansas City, MO
Distribution: Various: pclos, Debian, Ubuntu, etc . . .
Posts: 649

Original Poster
Rep: Reputation: 30
My purpose is general privacy. I figured if my stuff were encrypted then it would be harder for other parties, like my ISP, to snoop. I don't do anything illegal. Still, I am becoming increasingly concerned with how readily corporations, with or without US government influence, hand over data to marketers, governments, etc.

Yes, I realize many VPNs will also sell your data for a nickle. I am sure ISPs would too. However, I trust my VPN (a little) more than my ISP. Of course, that doesn't mean that I fully trust either.

As a result, I want to learn if it is possible to replicate those services I listed. Items A and B are the main items. Item C looks simple enough to do.

Suicidaleggroll - You mentioned using an SSH proxy to tunnel the traffic to a trusted location where it would then travel unencrypted. Would you explain what that means? Sorry, I am new to networking and don't know much. How would that be different from a VPN?
 
Old 11-17-2014, 01:40 PM   #5
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142
Quote:
Originally Posted by MBA Whore View Post
Suicidaleggroll - You mentioned using an SSH proxy to tunnel the traffic to a trusted location where it would then travel unencrypted. Would you explain what that means? Sorry, I am new to networking and don't know much. How would that be different from a VPN?
Nothing, really. It's just easy to use and it's free if you own the box at the other end of the tunnel, also if you own the box at the other end of the tunnel and trust the network there you don't need to worry about snooping like you would with an untrusted VPN.
 
Old 11-17-2014, 02:42 PM   #6
jefro
Moderator
 
Registered: Mar 2008
Posts: 22,048

Rep: Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632Reputation: 3632
The problem is that a VPN set up between trusted points can be or is assumed to have some level of trust. Actually VPN's can be so secure that they can't be sent over the internet.

In your situation, you are exposing one end to the outside. It has no practical advantages. If you use a company, at their end, they have more than enough ways to monitor all your actions and possibly have greater access to your system. Most VPN configs assume a more liberal security setting.
 
Old 11-20-2014, 08:34 PM   #7
MBA Whore
Member
 
Registered: May 2006
Location: Kansas City, MO
Distribution: Various: pclos, Debian, Ubuntu, etc . . .
Posts: 649

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by suicidaleggroll View Post
Nothing, really. It's just easy to use and it's free if you own the box at the other end of the tunnel, also if you own the box at the other end of the tunnel and trust the network there you don't need to worry about snooping like you would with an untrusted VPN.

So this would be very similar but I would have more control over the hardware and software along the chain. Correct?

Is there anywhere I could read / watch / learn more about this approach?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Dynamic IP services that are free and don't suck? browny_amiga Linux - Networking 7 02-26-2015 03:40 AM
Am getting error while checking the free-radius services. kiranchintu Linux - Newbie 2 05-28-2014 04:40 AM
remote host free GNU services candido General 1 05-01-2011 11:49 AM
LXer: The Office-free life: Surviving on free Web-based services alone LXer Syndicated Linux News 0 12-22-2005 05:01 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 04:01 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration