HOW TO USE VPN TO DEFEAT DEEP PACKET INSPECTION
Imagine a technology that can stop spam and malware, identify and block illegal downloads, and allow ISPs to prioritize the data they transmit by content as well as by type. Sounds pretty good.
Now imagine a technology that gives network managers and governments the ability to monitor everything you do on the Internet, including reading and recording your e-mail and other digital communications, and tracking your every move on the Web.
Of course, it’s the same technology—deep packet inspection (DPI) by name. That’s how governments around the world are able to spy on their citizens’ online activities and control their access to the Internet.
ISPs have long been able to record every site you visit and track what you do on those sites. They can and do block access to specific sites.
But only recently has it become practical from a bandwidth and resource perspective for network providers to read all the data in the packets sent from and delivered to their customers’ computers without slowing their networks to a crawl.
North Korea, China, Iran, and other countries routinely use deep packet inspection to block Internet content and keep tabs on their citizens.
The easiest way to cover your Web tracks is to encrypt your data and network connection. The most popular encryption services use a virtual private network(VPN).
Free VPN services come with a price
The free HTTPS Everywhere Firefox add-on from the Electronic Frontier Foundation automatically encrypts connections on sites that support the technology. Unfortunately, not all sites support HTTPS, among other limitations.
A more thorough technique for preventing your Web activities from being recorded is to establish a VPN connection. The Tech Support Alert site rates several free VPN services in its guide to anonymous-surfing products.
Topping the list are CyberGhost VPN, ProXPN, and SecurityKiss.
I tried the free versions of ProXPN and OpenVPN’s Private Tunnel, but the first is too slow (and annoying), and the second gives you only 100MB of data transfers. The paid versions of both products remove these limitations, as you might have guessed.
Quick and simple setup, but painful performance in the free version
It took only a few minutes to install ProXPN and sign up for a free account. Click the red lock icon that appears in the Windows notification area or Mac menu bar to establish an encrypted connection.
Once your VPN connection is established, hover over the green lock icon to view the IP address and other information about the VPN server you’re linking through.
The free version’s slow 100Kbps maximum transfer speed harkens back to the pre-broadband days of dial-up modems. Also, when you open your browser you have to click through an annoying ProXPN “upgrade now” screen to get to your designated home page.
According to the company’s site, the ProXPN Premium service has “no bandwidth restrictions, all available ports are open, PPTP VPN enabled (in addition to our standard OpenVPN), full access to all proXPN servers world-wide, and port selection.” The premium version costs $10 a month or $50 for six months; the company offers a 7-day free trial.
Not much encryption offered by the free version of OpenVPN’s Private Tunnel
Apart from the 100MB data limit, the open-source Private Tunnel service is a breeze to sign up for and use. But most Internet users will burn through the free version’s data-transfer allotment in a couple of days. As with ProXPN, Private Tunnel places an icon on the desktop that you click to establish an encrypted connection.
The service offers 50GB of protected data transfers for $12 a year, 100GB for $20 per year, and 500GB for $50 per year; the company estimates that most people transfer between 50GB and 100GB of data per year.
By comparison, the free version of the OpenVPN-based SecurityKiss service provides up to 300MB of encrypted data transmissions per month for free. An account allowing up to 20GB per month costs $3.97 for one month or $31.71 for one year; while the service’s unlimited plan costs $13.25 for one month or $119.26 for one year. (Three-month and six-month plans with various data limits are also available.)
Many people will respond to the privacy threat posed by deep packet inspection with a big yawn. After all, if you don’t want to be tracked, don’t use the Internet. But privacy advocates such as the Electronic Privacy Information Center and the Electronic Frontier Foundation are unanimous in their opposition to indiscriminate online eavesdropping, whether it’s done by public or private entities. For the time being, it remains possible to keep the trackers at bay. Use it or lose it.
By Anonymous Productions NO©™
Share by #OpHackStorm #OpShitStorm Joint-Venture
Putting toys in the hands of Boys
#Anonymous #H4ck3rz
Will Prepare You to Share chaos & mayhem for #LulzWar
☣ I’m a Pirate ☠
I am a 21st century Revolutionary, liberating files from the English, capitalist overlords.
☢☢☢ ☠ ☢☢☢ ☠ ☢☢☢
Long live the ones who dare.
UNITED AS ONE DIVIDED BY ZERO #WeAreLegion #SailStrong
☠SHARE ☠SHARE ☠SHARE ☠SHARE ☠SHARE ☠ SHARE NO©
☠SHARE ☠SHARE ☠SHARE ☠SHARE ☠SHARE ☠ SHARE NO©
![Brute Force tools to crack Wi-Fi security in hours, millions of wireless routers vulnerable (Expect Us)
If you set WPA/WPA2 security protocol on your home or small business wireless router, and you think your Wi-Fi is secure, there two recently released brute force tools that attackers may use to bypass your encryption and burst your security bubble. The irony is that the vulnerability which can be exploited was intended to be a security strength, a usability issue to help the technically clueless setup encryption on their wireless networks. Wi-Fi Protected Setup (WPS) is enabled by default on most major brands of wireless routers including Belkin, Buffalo, D-Link, Cisco’s Linksys and Netgear, leaving millions of wireless routers around the world vulnerable to brute force attacks which can crack the Wi-Fi router’s security in two to ten hours.
Most wireless routers come with a WPS personal identification number (PIN) printed on the device. When a user is setting up a wireless home network via a network setup wizard, enabling encryption is often as easy as pushing a button on the router and then entering the eight digit PIN which came with it. When an attacker is attempting to brute force the PIN and an incorrect value was entered, a message is sent that basically tells an attacker if the first half of the PIN was right or not. Additionally, according to Stefan Viehbock, the security researcher who reported the flaw, “The 8th digit of the PIN is always the checksum of digit one to digit seven,” meaning it only takes an attacker about 11,000 brute force guesses to own the password. Unfortunately most wireless routers don’t have a lockout policy after several failed password attempts.
Viehbock reported the Wi-Fi Protected Setup (WPS) PIN brute force vulnerability to the Department of Homeland Security’s U.S. Computer Emergency Readiness Team (US-CERT). US-CERT issued a warning which included, due to a “design flaw” in WPS, “an attacker within range of the wireless access point may be able to brute force the WPS PIN and retrieve the password for the wireless network, change the configuration of the access point, or cause a denial of service….The lack of a proper lock out policy after a certain number of failed attempts to guess the PIN on some wireless routers makes this brute force attack that much more feasible.”
Viehbock released a whitepaper, “Brute forcing Wi-Fi Protected Setup - When poor design meets poor implementation” [PDF] as well as a proof-of-concept brute force tool called wpscrack which is capable of cracking a home Wi-Fi network in about two hours but does not work with all Wi-Fi adapters.
Tactical Network Solutions (TNS), another security team, had also discovered the WPS wireless router flaw that comes enabled by default in “roughly 95% of modern consumer-grade access points.” After the vulnerability went public, TNS released Reaver, an open-source tool that also exploits the vulnerability via a brute force attack. “Once you have the WPS pin you can instantly recover the WPA passphrase, even if the owner changes the passphrase,” TNS reported. “Reaver is capable of breaking WPS pins and recovering the plain text WPA/WPA2 passphrase of the target access point in approximately 4-10 hours (attack time varies based on the access point).”
The US-CERT advisory states, “We are currently unaware of a practical solution to this problem.” The recommended workaround is to disable WPS. “Within the wireless router’s configuration menu, disable the external registrar feature of Wi-Fi Protected Setup (WPS). Depending on the vendor, this may be labeled as external registrar, router PIN, or Wi-Fi Protected Setup.”
#OpHackStorm ☣
Putting toys in the hands of Boys #Anonymous #H4ck3rzWill Prepare You to Share chaos & mayhem for #LulzWar
UNITED AS ONE DIVIDED BY ZERO #WeAreLegion #SailStrong
☣ I’m a Pirate ☠I am a 21st century Revolutionary, liberating files from the English, capitalist overlords.
Long live the ones who dare..
NO©](http://25.media.tumblr.com/tumblr_lxrlkwG4Zr1r9ch8ko1_1280.jpg)
