Torguard "stealthvpn" vs cryptostorm
Torguard "stealthvpn" vs cryptostorm
would stealth vpn style like torguard uses, where they disquise traffic as http traffic benefit cryptostorm users any? or is it a useless effort?
Re: Torguard "stealthvpn" vs cryptostorm
Excellent question, excellent subject for discussion.Guest wrote:would stealth vpn style like torguard uses, where they disquise traffic as http traffic benefit cryptostorm users any? or is it a useless effort?
We first deployed HTTPS-flavoured spoofing back in 2008, so it's a topic we're worked on for a little while already. Good to see others coming on board, now.
Do you perhaps have access to some pcaps from a "stealth vpn" session? Full packet data - including payload (encrypted, of course) - is ideal, but even just headers would be helpful. We prefer to come at these kinds of things with verifiable data on hand, versus making assumptions.
Thanks for bringing forth a great area of conversation - one that can benefit from much more work, in the future, as well...
- ~ cryptostorm_team
Re: Torguard "stealthvpn" vs cryptostorm
So I'm obviously missing something here.
Where's the "stealth?" Is it just because it's on port 443?
Here's their "standard" (non-stealth) config:
Where's the "stealth?" Is it just because it's on port 443?
Here's their "standard" (non-stealth) config:
client
dev tun1
proto udp
remote au.torguardvpnaccess.com 443
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ca [inline]
fast-io
cipher AES-256-CBC
auth-user-pass
ping-restart 0
comp-lzo
verb 3
float
- marzametal
- Posts: 434
- Joined: Mon Aug 05, 2013 11:39 am
Re: Torguard "stealthvpn" vs cryptostorm
Nothing exciting about it...
- DesuStrike
- Posts: 288
- Joined: Thu Oct 24, 2013 2:37 pm
Re: Torguard "stealthvpn" vs cryptostorm
My guess is that the "stealth" config is "stealthy" because it chooses randomly from 4 exit nodes thus changing your visible IP around a bit. It's very far fetched to call such a thing "stealthy" but that never hindered anybody of those money grabbing wannabe VPNs from talking marketing bs all day long.
home is where the artillery hits
Re: Torguard "stealthvpn" vs cryptostorm
@thread
I have to agree with Desu - I think you can substitute "stealth" for "logistically hard to block"; I certainly don't think this is anything like the Obfsproxy work conducted by the Tor project.
I have to agree with Desu - I think you can substitute "stealth" for "logistically hard to block"; I certainly don't think this is anything like the Obfsproxy work conducted by the Tor project.
This will sound like a dumb question but I'll ask it anyway: between two secure network sockets (client & server) where the payload of the IP packets is encrypted, apart from the port number how would a sniffer tell the difference between (for example) HTTPS and IMAPS?We first deployed HTTPS-flavoured spoofing back in 2008, so it's a topic we're worked on for a little while already. Good to see others coming on board, now.