Search found 434 matches

by marzametal
Tue Feb 02, 2021 10:29 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: The CryptoStorm Speed Test Thread
Replies: 83
Views: 284610

Re: The CryptoStorm Speed Test Thread

I've been having speed issues for over 3 weeks now. Can't break 50kb/s, regardless of server selected.
Tried changing the port and swapping from UDP to TCP, no help whatsoever.
My firewall shows no blockages relating to CS.
Killswitch is actvated.
Torrents don't break 30kb/s barrier.
Not sure what is going on, even tried a new token but the problem still exists.

Windows widget, latest version.
by marzametal
Fri Jan 22, 2021 1:24 pm
Forum: member support & tech assistance
Topic: Killswitch / DeepDNS Problem
Replies: 10
Views: 10965

Re: Killswitch / DeepDNS Problem

Tried that... didn't work. I am stumped!
by marzametal
Wed Jan 20, 2021 1:40 pm
Forum: member support & tech assistance
Topic: Killswitch / DeepDNS Problem
Replies: 10
Views: 10965

Re: Killswitch / DeepDNS Problem

I tried activating killswitch with the firewall completely disabled. The error still popped up.

The DNS entries are empty prior to running the widget. After I load the widget, the DNS is set to 127.0.0.1

I have also tried manually setting the DNS entries to 1.1.1.1 and 8.8.8.8, but the error still pops up.

Also, would you have a link for the latest version please?
by marzametal
Sat Jan 16, 2021 5:16 am
Forum: member support & tech assistance
Topic: Killswitch / DeepDNS Problem
Replies: 10
Views: 10965

Re: Killswitch / DeepDNS Problem

I tried a fresh install, just in case I made some dodgy changed to my OS. The error is still present.
by marzametal
Wed Jan 13, 2021 5:33 am
Forum: member support & tech assistance
Topic: Killswitch / DeepDNS Problem
Replies: 10
Views: 10965

Killswitch / DeepDNS Problem

I've recently ran into an issue when applying the killswitch on the windows widget.

When it comes to getting the DeepDNS IPs, it pops up with an error.
"Error: Cannot resolve. The requested name is valid, but no data of the requested type was found."

https://ibb.co/XDM9055

Any ideas?
by marzametal
Fri Nov 15, 2019 6:05 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

I recently upgraded to the latest version of the widget.
This time around, the widget actually completes executing the killswitch (before it stopped on one of the exit nodes).

However, the widget now changes my dns to 127.0.0.1, which results in no chance in connection.
I have to use the Cloudflare 1.1.1.1 dns if I want to connect.
This did not happen with the previous release, which let me connect automatically.

NOTE: This is not the error with the tap adapter, a different error pops up. I will disconnect and connect again to provide a print screen.
DNS error message
DNS error message
by marzametal
Thu Mar 21, 2019 11:40 am
Forum: member support & tech assistance
Topic: block outside dns
Replies: 5
Views: 18079

Re: block outside dns

Thought I'd ask a question in my old thread...

Where abouts is the list of exit nodes? I think it was called whitelist.txt?
by marzametal
Wed Mar 13, 2019 6:19 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

I tried disabling "Enable DNS leak prevention" and the block-outside-dns thing still shows up.
by marzametal
Tue Mar 12, 2019 6:49 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

@df
Blocking outside DNS
Block_DNS: WFP engine opened
Block_DNS: Using existing sublayer
Block_DNS: Added permit filters for exe_path
Block_DNS: Added block filters for all interfaces
Block_DNS: Added permit filters for TAP interface

No browsing allowed.
by marzametal
Mon Mar 11, 2019 12:05 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

Getting the blockotsidedns thing on the new version...

To make things worse, I forgot what version I was using so I could go back!
by marzametal
Wed Mar 06, 2019 8:46 am
Forum: member support & tech assistance
Topic: NBN (National Broadband Network) in Australia
Replies: 2
Views: 9656

NBN (National Broadband Network) in Australia

I was wondering if there are any users in Australia who successfully use Cryptostorm and the NBN together?

Some hints and tips etc..., would be great.

Maybe I am having a blonde moment can't figure out how the two will work together.

Thanks in advance for any info...
by marzametal
Sun Oct 21, 2018 3:20 am
Forum: member support & tech assistance
Topic: block outside dns
Replies: 5
Views: 18079

Re: block outside dns

:( :(
by marzametal
Sat Oct 20, 2018 2:33 am
Forum: member support & tech assistance
Topic: block outside dns
Replies: 5
Views: 18079

block outside dns

Any chance of disabling server-side dns blocking?

I am still on 3.17.0.200 to avoid this issue, but it is back.

Widget eventually connects but there is no internet access after because of this server side setting. I have "# block-outside-dns" in custom.conf and ZERO options ticked and still nothing.

Please!

-----
Fri Oct 19 16:47:19 2018 us=52274 Blocking outside DNS
by marzametal
Fri Oct 19, 2018 9:18 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

I still get blocking of outside dns even after unticking the relevant option and adding it to custom.conf. How to remove this option?

Also the dns proxy is clashing with dns crypt. The widget turns dns crypt off now after a warning.

I disappear for a month and everything is changed! Wow.
by marzametal
Sat Jul 14, 2018 11:22 am
Forum: member support & tech assistance
Topic: https://whoer.net Request for comments
Replies: 9
Views: 25798

Re: https://whoer.net Request for comments

Ahhhh, thanks for the explanation mate! Rock on!
by marzametal
Thu Jul 12, 2018 9:05 am
Forum: member support & tech assistance
Topic: https://whoer.net Request for comments
Replies: 9
Views: 25798

Re: https://whoer.net Request for comments

One question about USA SOUTH...
I've noticed recently that when I connect to any of the 64.x.x.x IPs and access whoer, they show no time details for ZONE and LOCAL.

However, when I connect to the 209.x.x.x IPs, they do populate the ZONE and LOCAL fields.

Is this because CS is preparing for replacing 108.x.x.x (resurgens) with 64.x.x.x (resurg)?
by marzametal
Thu Jul 12, 2018 8:59 am
Forum: member support & tech assistance
Topic: All vpn detected as proxy
Replies: 5
Views: 18606

Re: All vpn detected as proxy

\m/
by marzametal
Wed Jul 11, 2018 4:36 pm
Forum: member support & tech assistance
Topic: All vpn detected as proxy
Replies: 5
Views: 18606

Re: All vpn detected as proxy

Just a little FYI, maybe someone can confirm, even the original poster.

Try logging onto a voodoo node, and check if Proxy is shown as YES. For me, it is shown as NO on Voodoo Denmark-IOM (I nearly typed IRON MAIDEN because I was listening to an album of theirs hahaha).

Maybe it can't detect a proxy because it is half voodoo?

I am not sure if I can remember if there was ever talk about full voodoo? I think there was, but not sure what happened to it.

EDIT: By the way, just saw the 60% in the posted pic... I think you got better things to look at to improve that %... eg: modifying time etc... it's easy to get it to 100%, regardless of the open port stuff...
by marzametal
Sat Jul 07, 2018 4:55 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

I have noticed that all relevant DNS addresses relating to the specific node you are connecting to have to be reachable to prevent the user being asked if they want to go to 1.1.1.1

I found this out because I use a DNS Proxy, and since for this example, USA SOUTH has 3 DNS addresses, if two are commented out in my proxy configuration file, and the widget references one of the commented DNS addresses,then it throws that option.

So, to prevent the 1.1.1.1 reference, for those who use a DNS Proxy such as Acrylic, uncomment all DNS addresses relating to the node you want, and then post-connection comment out the ones that were not used by widget.

Also, for those who use Acrylic (not sure how this would be done for other DNS Proxy software), I now have two entries that bypass 127.0.0.1 and go straight to the DNS Server (on router have CS DNS entries)... without these two entries, every time I click on the UPDATE button for node list, it would time out, and when the latest widget would resolve on connection, it would also time out... just for those who are interested :)
NAME1=cryptostorm.nu
NAME2=cstorm.pw

Thanks for adding the extra information on the whitelist df... makes things easier!
Keep up the good work!

I knew I was doing something wrong!
"10.5.0.2-10.5.255.254,10.44.0.2-10.44.255.254,10.66.0.2-10.66.255.254,10.84.0.2-10.84.255.254,10.86.0.2-10.86.255.254,10.88.0.2-10.88.255.254,10.92.0.2-10.92.255.254" this is what it looks like at the moment for an outbound rule hahaha
by marzametal
Sat Jul 07, 2018 11:17 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

don't worry about the updating node list issue... I went a bit spastic during a copy and paste and ruined a rule!

By the way, I've noticed when it connects now...
Sat Jul 07 00:57:18 2018 us=108037 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.84.0.1

How often does the 10.84.0.1 change?
In the past 3 connections, I've seen it go from 10.84 to 10.88 and then 10.94...

No big deal, just means I gotta broaden the rules haha
by marzametal
Sat Jul 07, 2018 9:36 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

"The widget now "pre-resolves" the host you're connecting to"

Would it be safe to assume that the above means if I choose a random node to connect to in the widget, then all nodes will be attempted to be pre-resolved... and if I choose one specific node from the dropdown, then just that one will be pre-resolved?

Also, is there any documentation that shows me which country the server names relate to? eg: brabant, blocko, etc...

With the new additions to the widget, have to sorta' redesign my firewall rules to accomodate. Just trying to get enough info to work with... thanks in advance!

UPDATE:
What is the IP address that is referenced when I want to update node list?
Not sure is cryptostorm.nu is down? Just saw this post from @df "about node list"
Is it still 212.83.185.245
by marzametal
Tue Jul 03, 2018 7:11 am
Forum: member support & tech assistance
Topic: cryptostorm freezes sometimes when disconnecting
Replies: 8
Views: 23706

Re: cryptostorm freezes sometimes when disconnecting

parityboy wrote:MARZA!!! :D

It's been a loooong time, my friend. How are you?
Ahhhh buddy, you're always happy to read me... glad to know I have fan somewhere :)

Not bad here, my PC time is limited at the moment. But once in a while, I pop up like a meerkat and make an appearance!

Hope all is well on your end mate.
by marzametal
Sat Jun 30, 2018 8:59 am
Forum: member support & tech assistance
Topic: All vpn detected as proxy
Replies: 5
Views: 18606

Re: All vpn detected as proxy

I have encontered this as well. I was told I couldn't treat these sites like gospel. Sometimes the ports would appear and disappear after xx amount of refreshes. As for the proxy thing, that is a hit and miss situation too, for me anyway. Comes and goes like cravings for cleavage.

I don't think CS restrict ports anyway. So this site showing some ports open is irrelevant. It's a non-issue. They don't know where you are, so even if the server gets crapped on, how would they get to you?
by marzametal
Sat Jun 30, 2018 8:52 am
Forum: member support & tech assistance
Topic: cryptostorm freezes sometimes when disconnecting
Replies: 8
Views: 23706

Re: cryptostorm freezes sometimes when disconnecting

Also happened to me if my firewall rules were too strict. Sometimes for some reason the widget would try and reference a dns belonging to an alternative exit node that I didn't allow through rules, and hence... the stall.

Check your firewall block log, and see if there is an IP that is being denied repeatedly at the same time the widget is switching back to DNSCrypt.

It hasn't happened to me for a while though. The only workaround I found for this was to allow the DNS IP into firewall rule (I have a set of firewall rules for every exit node and every DNS address... eg: when widget loads up and it tries to reach all the addresses relating to CS connection, all are blocked except for the node I wish to reach), and then check periodically to see if it stalls or not if the address is removed.
by marzametal
Fri Mar 16, 2018 6:33 am
Forum: member support & tech assistance
Topic: Internet is broken after the update v3.13
Replies: 64
Views: 68000

Re: Internet is broken after the update v3.13

No wonder I couldn't find the custom.conf file on 3.13 hahahaha
Back to 3.12!
by marzametal
Thu Mar 15, 2018 12:51 pm
Forum: member support & tech assistance
Topic: Internet is broken after the update v3.13
Replies: 64
Views: 68000

Re: Internet is broken after the update v3.13

For me, the killswitch deleted all my firewall rules... had to reinstall 3.12 and reload rules. Just a heads up for peeps...

Also, in latest version, I cannot keep the port to stay on 443, even if random port tickbox is empty. Can anyone confirm?
by marzametal
Thu Jan 18, 2018 11:14 am
Forum: member support & tech assistance
Topic: Cannot resolve host after connection loss, Android
Replies: 5
Views: 14344

Re: Cannot resolve host after connection loss, Android

DudeOfLondon wrote:@marzametal

On his github he answered in the issues thread in December 2017.
And he made changes 9days ago. https://github.com/schwabe/ics-openvpn/ ... 2b7457fe05

So he seems to do something still.
Oooeeerrrrrr.... nice, thanks for that!
by marzametal
Fri Jan 12, 2018 8:36 am
Forum: member support & tech assistance
Topic: Cannot resolve host after connection loss, Android
Replies: 5
Views: 14344

Re: Cannot resolve host after connection loss, Android

Arne Schwabe's OpenVPN for Android @ http://plai.de/android/ hasn't been updated for a while. Has the bloke stopped working on it?
by marzametal
Fri Nov 10, 2017 3:28 pm
Forum: member support & tech assistance
Topic: Two random questions...
Replies: 2
Views: 8416

Re: Two random questions...

This is doing my head in...

Now both of the above issues are non-existant!

On Whoer, I get 100%, so no open ports, and can also disconnect from widget without being annoyed by the CS-North DNS address...

*headbutts a closet*
by marzametal
Fri Nov 10, 2017 2:38 pm
Forum: member support & tech assistance
Topic: Two random questions...
Replies: 2
Views: 8416

Two random questions...

Hi... :)

I use v3.0.0.72, Windows 7 HP.

Problem #1:
When I go to disconnect the Windows Widget, it stalls. It keeps on trying to access "173.234.56.115", which is CS-North DNS. This occurs on any of the exit nodes. I have to kill the widget via Task Manager to shut it down. If I enter the above address in firewall rules (I have a rule-set for every exit node), then it works.

But, why would I need to allow a CS-North DNS if I specifically use the DNS for the exit node I am using? eg: When on CS-South, I use CS-South DNS via widget and select firewall rules for CS-South.


Problem #2:
I check my status on Whoer from time to time, and didn't notice anything concerning. I used to get 100% all the time, until recently. I ran it today, and I noticed in the OPEN PORTS section, it says I have some open...

Open ports - 80, 1723, 3128, 8080

I am wondering, is this on client side or server side?
by marzametal
Tue Oct 24, 2017 12:44 pm
Forum: general chat, suggestions, industry news
Topic: Split Tunneling
Replies: 27
Views: 67578

Re: Split Tunneling

parityboy wrote:@marzametal

Haven't seen you around in a little while, how's things? :D
Yeah, I've got a bit going on behind the scenes, which is keeping me away from the PC. Overall, still alive (I think)! How's your side treating you?

Hoping the CS Router will be out soon. Bit apprehensive about this :)
by marzametal
Thu Oct 19, 2017 3:28 pm
Forum: general chat, suggestions, industry news
Topic: Split Tunneling
Replies: 27
Views: 67578

Re: Split Tunneling

Still, a good bit of info... thanks!
by marzametal
Tue Aug 01, 2017 3:31 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostormusersguidev2 <-- feedback & guidance requested
Replies: 11
Views: 162936

Re: cryptostormusersguidev2 <-- feedback & guidance requested

I think the .ovpn extension can be manually changed to .conf without any issues.
by marzametal
Sun May 28, 2017 3:48 pm
Forum: member support & tech assistance
Topic: Token repeatedly has auth failures, too many logons.
Replies: 19
Views: 24011

Re: Token repeatedly has auth failures, too many logons.

Wow, thought as per norm, just me having auth fail issues on mobile... oh well, prefer CS on PC anyway, hardly use it on mobile.

I have had this 1 year token since February 2017.
by marzametal
Sun Mar 26, 2017 6:04 am
Forum: member support & tech assistance
Topic: Firefox Reveals My System's Time; Need to Obfuscate
Replies: 10
Views: 15510

Re: Firefox Reveals My System's Time; Need to Obfuscate

Change your system time, it will do the trick. Just match it to the VPN exit node.

Then add another clock in the "Additional Clock" tab to reflect your real location time. So when you hover your mouse over the time/date section, it will pop up a box showing both local time and additional clock time.
by marzametal
Sun Mar 26, 2017 6:02 am
Forum: member support & tech assistance
Topic: Windows Widget IPV6 Issue
Replies: 3
Views: 7000

Re: Windows Widget IPV6 Issue

In the Widget Options, untick "Disable IPv6"... if you handle this yourself, there is no need to pass the responsibility over to the widget.
by marzametal
Mon Feb 20, 2017 5:53 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

Khariz wrote:I'm keeping the 2.4 widget. It works great for me on Windows 10. I just keep answering no when it asks me to "upgrade" to 2.3
Maybe you could roll back to .66 which has 2.4... saves you clicking No all the time.
by marzametal
Wed Feb 08, 2017 10:04 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

bricus wrote:Hi,

I was on a previous v3 build, and since several updates happened within the widget, I’m not able to use a v3 build any more – well, I just have the v3.0.0.66 to test.
It stops at the “Logging into the darknet” step, no log is visible, just a black square.
Is there a way to get the log elsewhere?
Widget v2.22 is working.

Thanks in advance for any help.
I am having the same issue. Tracked it down to csvpn.exe (the openvpn version - openvpn.exe after renaming to csvpn.exe also misbehaves)
by marzametal
Mon Jan 16, 2017 8:38 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

What firewall do you use? Maybe I can think of something...

I make use of Windows Firewall with Advanced Security, but I use a 3rd party app called Windows Firewall Control to act as an interface for WFwAS for the purposes of monitoring connection logs, and a 3rd party app called Acrylic DNS Proxy to handle DNS (along with wildcards in Hosts file).

NOTE: WFwAS does not provide such logging capabilites... one would have to navigate to "C:\Windows\System32\LogFiles\Firewall\pfirewall.log" to see any resemblance of a connection log... very ugly looking, but it is plain text after all...

Essentially, it would be a guessing game to figure this out without firewall connection logs. Hence why I asked at the beginning of this post about your firewall software.

The basic rules needed would be: (each line represents a rule)
DHCP Inbound
DHCP Outbound
DNS Resolving C:\Windows\system32\svchost.exe - tied to DNS Windows Service
DNSCrypt C:\Program Files (x86)\Cryptostorm Client\bin\dnscrypt-proxy.exe
NETSH C:\windows\syswow64\netsh.exe
WIDGET C:\program files (x86)\cryptostorm client\bin\client.exe

I have attached a print screen of my rules for an exit node, along with DHCP rules. The NLA Outbound Snooping rule (tied to Network Location Awareness Service) and the Crypto Outbound Snooping rule (tied to Cryptographic Services Service) are there, but are denied via a global Block Rule. The other rules are active when connecting to said exit node. Also, disregard the rule for Acrylic.

I will keep an eye on this thread for any of your replies... very interesting as to why you are having dramas.

Cheers.

P.S.: In regards to router, I have replaced my ISP DNS entries with CS DNS entries, and before I started using Acrylic DNS Proxy, I would have included two CS DNS addresses for ISP connection, but left the TAP Adapter DNS fields to populate automatically.

P.S.: Just remembered there is also an outbound rule for "C:\Program Files (x86)\Cryptostorm Client\bin\csvpn.exe"...

My approach is tedious, but once set up, it allows for transparency because the rules that are active only apply for the exit node that I am connecting to. I could provide more details, but will wait for a response so we are on the same page. Good luck buddy!
by marzametal
Sat Jan 14, 2017 6:55 am
Forum: member support & tech assistance
Topic: CryptoStorm filtering web traffic.
Replies: 7
Views: 12820

Re: CryptoStorm filtering web traffic.

Pentester908 wrote:No, I'm not worried about anti-tracking. That won't affect me much. I'm using OpenVPN and dns leaks aren't something that affects me, either.

The above message from Cryptostorm specifically references "Snort" an open sourced IDS/IPS. This means Cryptostorm is specifically monitoring and then altering web traffic. Now, they may not be logging what they monitor and it may all be automated, but they are changing traffic.

Can anyone from CryptoStorm point to their own documentation or announcement concerning this? I don't mind if CS will not allow "malicious" (even if its for security testing) traffic. I just need to make a decision on a VPN here shortly. I've been with CS for about three years now. I love them, but I have to be able to do my job.
This is a Reddit page which discusses SNORT, and has a reply/explanation after the opening post provided by df @ CS.
by marzametal
Fri Jan 13, 2017 8:08 am
Forum: member support & tech assistance
Topic: CryptoStorm filtering web traffic.
Replies: 7
Views: 12820

Re: CryptoStorm filtering web traffic.

I know the Windows Widget can disable IPv6 and prevent STUN/WebRTC leaks. CS also has something called Tracker Smacker.

If the above relates to anything you are doing, then hmmm... bummer.
by marzametal
Sun Jan 01, 2017 7:58 am
Forum: member support & tech assistance
Topic: cryptostorm freezes sometimes when disconnecting
Replies: 8
Views: 23706

Re: cryptostorm freezes sometimes when disconnecting

This happens with me too... but only if I switch off the router, and then try to disconnect via widget... it stalls on the reverting to dnscrypt part.

I suppose your situation is the same, in relation to "dropped connection vs router turned off"... the internet feed is broken and the widget cannot do its job.

I am not sure if this can be rectified or not, since the widgets role is to connect/disconnect; its 2nd function is nerfed if the connection drops or device is turned off.
by marzametal
Wed Dec 28, 2016 7:18 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

The scenario in the above post happened to me as well...

It turns out that the widget defaults to a specific exit node after install/update, and unless the end user picks it up by checking connection logs, he/she will throw a fit because s**t doesn't work.

For me, it was one of the US nodes, off the top of my head, cannot remember which one.
by marzametal
Sat Nov 26, 2016 5:22 am
Forum: general chat, suggestions, industry news
Topic: Add multi-hop functionality to cryptostorm
Replies: 2
Views: 20963

Re: Add multi-hop functionality to cryptostorm

CS has this. It is called Voodoo.
by marzametal
Fri Nov 04, 2016 1:19 pm
Forum: member support & tech assistance
Topic: (shrug) From my standpoint your network is falling apart
Replies: 4
Views: 8707

Re: (shrug) From my standpoint your network is falling apart

I've been going for a while without an issue either...
by marzametal
Fri Oct 21, 2016 9:35 am
Forum: crypto, VPN & security news
Topic: How NSA access was built into Windows
Replies: 2
Views: 16491

Re: How NSA access was built into Windows

Is it even possible to delete these DLLs? I tried restricting their execution, and it resulted in a BSOD at startup.
by marzametal
Sun Sep 18, 2016 8:45 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

@df

much appreciated my good man... keep up the great work! It's been an honour thus far to be a part of the CS community.
by marzametal
Sat Sep 17, 2016 3:18 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

Are these the latest hashes for cryptostorm_setup.exe v3.0.0.56 ?

md5 - 2570E4A6A1A020A5C9114B9E55E197D7
sha1 - BB230429D53363A81B010AF2EE58EE154CEE5FF0
sha256 - 0F8594A3714C9639668ED62995F56C8C15C540167CFE396335621BAC4D257981
by marzametal
Fri Jun 24, 2016 7:42 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

Cheers for the update df!
by marzametal
Wed Jun 22, 2016 8:19 am
Forum: member support & tech assistance
Topic: VPN noob
Replies: 8
Views: 12915

Re: VPN noob

You could implement firewall rules to block ISP access before VPN connects, and also firewall rules to only allow connection while VPN is active. This is time-consuming, and customised per user.

If you use Windows 7 and have .NET framework 4 or above installed, you could give this a go...
http://vpnetmon.webs.com/
After adding your torrent executable to it, when your VPN drops, the torrent client will shutdown as well.

You were right, the volume of stuff you could implement is ridiculously large, but gotta' take certain steps first.
by marzametal
Thu Jun 09, 2016 9:22 am
Forum: member support & tech assistance
Topic: New German & Canadian Nodes
Replies: 2
Views: 7501

New German & Canadian Nodes

Hi...

I was wondering if anyone has an issue with logging into LastPass via FF browser addon, while on these two new nodes? It's weird how I can log onto LastPass via addon through the older German and Canadian nodes, but on the newer ones I am unable to.

There is only one entry for Germany and Canada in LastPass country restrictions.
by marzametal
Sun May 29, 2016 11:54 am
Forum: member support & tech assistance
Topic: VPN problem and unidentified network message
Replies: 8
Views: 12618

Re: VPN problem and unidentified network message

No I don't. I think you can take two approaches with this... 1) is a manual approach, and 2) is via v2 widget

1) Try including some CS DNS addresses in the TCPIPv4 DNS Section of your Nerwork Interface Card (Control Panel/Network and Internet/Network Connections)... not the TAP one. If this is set to "Obtain DNS Server addresses automatically", it will pick up your ISP DNS addresses, which I think it is doing since you blacked them out. If you enter values such as these two 162.221.207.228 and 185.60.147.77, then they will replace your ISP ones, so nothing will need to be blacked out in your images. I went a bit further and also populated the DNS address boxes in my router config.

2) Tick the DNS Leak Protection box in the widget. I think this will add a CS DNS server address into your TCPIPv4 DNS box. Then, when you disconnect, it will return the values back to normal. I am not sure what happens if you shut down your PC before disconnecting the widget.

Hope this helps.
by marzametal
Fri May 27, 2016 12:11 pm
Forum: member support & tech assistance
Topic: VPN problem and unidentified network message
Replies: 8
Views: 12618

Re: VPN problem and unidentified network message

Mine looks like that as well!
by marzametal
Thu May 26, 2016 8:35 am
Forum: member support & tech assistance
Topic: VPN problem and unidentified network message
Replies: 8
Views: 12618

Re: VPN problem and unidentified network message

The black part is your DNS provider? Wouldn't that mean you are leaking DNS, since CS provides their own DNS addresses?

By the way, Netflix, and maybe Hulu... filter out proxy and VPN connections. They now forbid it.
by marzametal
Fri May 20, 2016 8:05 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

marzametal wrote:Should be interesting... the dnscrypt stuff might force me to ditch my dns proxy... time will tell :) thanks df!
I never managed to track down info on how to fix up the blockoutsidedns issue... localhost loopback stuff. Any documentation or advise flying around? W7 Home Premium.
by marzametal
Fri May 20, 2016 5:56 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

Should be interesting... the dnscrypt stuff might force me to ditch my dns proxy... time will tell :) thanks df!
by marzametal
Tue May 17, 2016 8:37 am
Forum: #cleanVPN ∴ encouraging transparency & clean code in network privacy service
Topic: "VPN review" websites: Good, Bad, & Scammy
Replies: 10
Views: 89163

Re: "VPN review" websites: Good, Bad, & Scammy

I came across this recently... seems to cover a lot of VPNs, CS as well...
Two relevant options on left hand side... simple view and detailed view... Enjoy!

VPN Details
by marzametal
Mon Apr 25, 2016 5:16 pm
Forum: member support & tech assistance
Topic: What's happened to PJ ?
Replies: 28
Views: 35861

Re: What's happened to PJ ?

Cheers for putting out the fire of the nay-sayers dee eff...

Soon as some randoms hear about stories of animals and stuff (well, anything really...), they go bezerk with insane thoughts. I bet they all hold skeletons in their closets too. Just shut the fuck up already, all of you.

If you like the service CS provides, then subscribe; if not, then take your whinging, sooking and he-said/she-said mumbo jumbo straight up your poop shoot.

If the shitstorm surrounding one bloke is enough for you to ditch this wonderful product, it is proof enough that you don't deserve to make use of such a service. Go suck the tinea off of iVPN's toes. Nuff said.
df wrote:Voodoo options are pretty much "If we think it looks like a cool exitnode and it's not insanely expensive", it gets thrown into the pot.
I'm loving the USA West - Iceland Voodoo Node... she's a hottie ;)
by marzametal
Mon Apr 18, 2016 5:54 am
Forum: DeepDNS - cryptostorm's no-compromise DNS resolver framework
Topic: cryptostorm's DNS resolvers
Replies: 7
Views: 38124

Re: cryptostorm's DNS resolvers

JH wrote:But Tracker Smacker is working on all servers now? There is not more a "free TS" server like the old England server?
I think Voodoo US West - Iceland is TS free. I try other exit nodes and cannot view Vine Videos via Twitter. Nslookup on "vine.co" shows 127.0.0.1 as the last entry. So give the node I mentioned above a shot.
by marzametal
Wed Apr 13, 2016 11:08 am
Forum: member support & tech assistance
Topic: RIAA Notice
Replies: 4
Views: 8676

Re: RIAA Notice

Does your torrent app have a little text box entry where you can input your CS IP?
by marzametal
Wed Apr 06, 2016 7:08 am
Forum: DeepDNS - cryptostorm's no-compromise DNS resolver framework
Topic: cryptostorm's DNS resolvers
Replies: 7
Views: 38124

Re: cryptostorm's DNS resolvers

I didn't want to start another thread just for this, so decided to post here...

Is it possible to assign/re-assign deepDNS hostnames across all DNS addresses used by CS? As per following screenshot, some do not resolve to a hostname, while others don't mention "deepDNS" at all. I am not sure if this is actually tied in with HAF, which might be deprecated?

P.S.: Not all DNS are referenced in screenshot.

IPNetInfo
by marzametal
Tue Mar 22, 2016 5:27 am
Forum: general chat, suggestions, industry news
Topic: browser fingerprinting: research, defences, future avenues of development
Replies: 39
Views: 125025

Re: browser fingerprinting: research, defences, future avenues of development

In Firefox 45 and above, the addon "Random Agent Spoofer" has borked. The Script Injection options don't seem to commit, even though the Developer has confirmed on GitHub that the code executes.

The relevant issue thread can be found here.
by marzametal
Tue Mar 22, 2016 4:59 am
Forum: member support & tech assistance
Topic: Icelandic exit nodes and config files?
Replies: 9
Views: 21206

Re: Icelandic exit nodes and config files?

NSA = USA nodes... lol
by marzametal
Mon Mar 21, 2016 1:49 pm
Forum: member support & tech assistance
Topic: Icelandic exit nodes and config files?
Replies: 9
Views: 21206

Re: Icelandic exit nodes and config files?

According to widget connection details, 3 of the NSA exit nodes are the same IP, 76.x.x.x; so the comment about nodes all over the NSA isn't accurate. However, according to GitHub, there is no duplicates across the NSA nodes.

I tried to connect to the various NSA nodes via widget, and never received the IPs that were displayed in the GitHub page. What gives?
by marzametal
Mon Mar 21, 2016 3:44 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget v3
Replies: 278
Views: 1659715

Re: widget v3

Made a post in another thread that sorta' relates to v3 release...

Thoughts are very much appreciated.

Windows Telemetry vs Acrylic / DNSCrypt
by marzametal
Mon Mar 21, 2016 3:41 am
Forum: crypto, VPN & security news
Topic: Win 10 traffic analysis- it's 100% spyware/malware.
Replies: 3
Views: 25416

Re: Windows Telemetry vs Acrylic / DNSCrypt

I have a query about Windows Telemetry and DNSCrypt.

As we are well aware, v3 of the Windows Widget will include DNSCrypt. My concern is that domains such as www.download.windowsupdate.com have been proven to bypass HOSTS file entries, even with modification of the dnsapi.dll files located in system32 and SysWOW64. This has been shown in Wireshark; a call is made to www.download.windowsupdate.com, and it receives a valid reply. Another one that couldn't be silenced was related to *msftncsi*.

I have had to implement Acrylic DNS Proxy as a workaround, which nullifies calls to both www.download.windowsupdate.com and *msftncsi*. It also has another beautiful feature, which allows for wildcards such as *. Lots of power.

What I am essentially trying to figure out is if DNSCrypt can nullify replies made to the above two callouts like Acrylic does, or is it only for encrypting DNS traffic? I quote something I found on the DNSCrypt site...
DNSCrypt is a protocol that authenticates communications between a DNS client and a DNS resolver. It prevents DNS spoofing. It uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven't been tampered with.

Please note that DNSCrypt is not a replacement for a VPN, as it only authenticates DNS traffic, and doesn't prevent "DNS leaks", or third-party DNS resolvers from logging your activity.
I also ponder the success rate of combining the two apps, Acrylic + DNSCrypt. As a Windows User, I think the % rate of implementation objectives is sliiiiightly in favour of silencing MS callouts. However, MITM is a bitch in itself. So, better to trust the devil you know, rather than the one you don't, eh? lol...

Thoughts?
by marzametal
Thu Mar 17, 2016 6:58 pm
Forum: member support & tech assistance
Topic: ISP throttling VPN or other issue?
Replies: 6
Views: 16742

Re: ISP throttling VPN or other issue?

cryptostorm_support wrote:
I don't know if you are using dnscrypt in combination with block-outside-dns. As block-outside-dns only allows DNS on TAP interfaces it could be that the DNS queries to localhost are being blocked.

Addition: Just talked to df. Df indicates this should work (and has been tested) as localhost doesn't make use of a physical adapter.
"block-outside-dns" is working fine for me on W7 with the latest v2 widget.

This localhost loopback thingamabob is what I am contending with at the moment... bit of a ballbreaker!
by marzametal
Thu Mar 17, 2016 3:05 am
Forum: member support & tech assistance
Topic: ISP throttling VPN or other issue?
Replies: 6
Views: 16742

Re: ISP throttling VPN or other issue?

I can't load those images up... are they not available anymore?

EDIT: I can if I examine the image code and load URL into another tab... wierd.

EDIT: Figured it out... Random Agent Spoofer FF addon... unticked "block display mixed content"
by marzametal
Tue Mar 15, 2016 2:19 am
Forum: DeepDNS - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: adware/crapware-blocking done right
Replies: 67
Views: 375550

Re: TrackerSmacker: adware/crapware-blocking done right

I reckon there should be an exit node or two that do not cater for the serer-side adblocks. I've been using Acrylic DNS for ages and have managed to get quite a block list going. It also supports wildcards which makes things much easier (slapping a block on *usercontent* blocks everything with that term in it, same thing for *microsoft*, *twitter*, *akamai*, etc...). I am not sure if I will be able to use this when v3 Windows Widget comes out since it will incorporate DNS Crypt, but am willing to tinker with it to see if it can work in tandem.

I found one clash already, not sure if it is my side; haven't tested fully yet. Cannot play animated GIFs or videos on Twitter anymore. Anyone else experiencing this? I have a workaround since I can just download the video using a 3rd party app called Internet Download Manager... just curious is all.
by marzametal
Fri Mar 11, 2016 12:05 pm
Forum: general chat, suggestions, industry news
Topic: From the datacentre perspective: cartel spambot extortion
Replies: 8
Views: 27422

Re: From the datacentre perspective: cartel spambot extortion

Welcome back PJ...

Lurky lurky, huh? Much like Rambo in First Blood, covered in mud, stuck to a small cliff-face... eyes open, and BANG. pwned!!!
by marzametal
Sat Feb 20, 2016 5:37 am
Forum: member support & tech assistance
Topic: London access point down?
Replies: 4
Views: 10353

Re: London access point down?

Yeah it was or still is temporarily down... I think Fermi mentioned it in the chat rooms.

You can also bookmark this website to check status of servers.

http://uptime.statuscake.com/?TestID=tZj3HbyKm5
by marzametal
Sun Feb 14, 2016 6:52 am
Forum: member support & tech assistance
Topic: gateway port options?
Replies: 4
Views: 10247

Re: gateway port options?

Wow, an ISP blocking 443. I thought this never happened. If you're on the widget, you can choose a custom port to connect to.