Torguard "stealthvpn" vs cryptostorm
-
Guest
Torguard "stealthvpn" vs cryptostorm
would stealth vpn style like torguard uses, where they disquise traffic as http traffic benefit cryptostorm users any? or is it a useless effort?
-
cryptostorm_team
- ForumHelper
- Posts: 121
- Joined: Sat Mar 02, 2013 12:12 am
Re: Torguard "stealthvpn" vs cryptostorm
Excellent question, excellent subject for discussion.Guest wrote:would stealth vpn style like torguard uses, where they disquise traffic as http traffic benefit cryptostorm users any? or is it a useless effort?
We first deployed HTTPS-flavoured spoofing back in 2008, so it's a topic we're worked on for a little while already. Good to see others coming on board, now.
Do you perhaps have access to some pcaps from a "stealth vpn" session? Full packet data - including payload (encrypted, of course) - is ideal, but even just headers would be helpful. We prefer to come at these kinds of things with verifiable data on hand, versus making assumptions.
Thanks for bringing forth a great area of conversation - one that can benefit from much more work, in the future, as well...
- ~ cryptostorm_team
☂ cryptostorm_team - a shared, team-wide forum account (not a person) ☂
PLEASE DON'T SEND PRIVATE MESSAGES to this account, as we can't guarantee quick replies!
--> feel free to use any of our other contact channels, or post in the support forum
cryptostorm: structurally anonymous, token-based, unlimited ☂ bandwidth, opensource, darknet data security for everyone!
keybase.io validators ☂ onename.io validators ☂PGP key @ MIT ☂ network status ☂ cryptostorm github
☂ support team bitmessage address: BM-2cTMH8K5JnjbfSALjZtSkRWCLfc3Tr8GBV
☂ support team email: support@cryptostorm.is
☂ live chat support: #cryptostorm
PLEASE DON'T SEND PRIVATE MESSAGES to this account, as we can't guarantee quick replies!
--> feel free to use any of our other contact channels, or post in the support forum
cryptostorm: structurally anonymous, token-based, unlimited ☂ bandwidth, opensource, darknet data security for everyone!
keybase.io validators ☂ onename.io validators ☂PGP key @ MIT ☂ network status ☂ cryptostorm github
☂ support team bitmessage address: BM-2cTMH8K5JnjbfSALjZtSkRWCLfc3Tr8GBV
☂ support team email: support@cryptostorm.is
☂ live chat support: #cryptostorm
-
cryptostorm_dev
- ForumHelper
- Posts: 19
- Joined: Wed Jan 23, 2013 5:31 am
Re: Torguard "stealthvpn" vs cryptostorm
So I'm obviously missing something here.
Where's the "stealth?" Is it just because it's on port 443?
Here's their "standard" (non-stealth) config:
Where's the "stealth?" Is it just because it's on port 443?
Here's their "standard" (non-stealth) config:
client
dev tun1
proto udp
remote au.torguardvpnaccess.com 443
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ca [inline]
fast-io
cipher AES-256-CBC
auth-user-pass
ping-restart 0
comp-lzo
verb 3
float
-
marzametal
- Posts: 442
- Joined: Mon Aug 05, 2013 11:39 am
Re: Torguard "stealthvpn" vs cryptostorm
Nothing exciting about it...
-
DesuStrike
- ForumHelper
- Posts: 288
- Joined: Thu Oct 24, 2013 2:37 pm
Re: Torguard "stealthvpn" vs cryptostorm
My guess is that the "stealth" config is "stealthy" because it chooses randomly from 4 exit nodes thus changing your visible IP around a bit. It's very far fetched to call such a thing "stealthy" but that never hindered anybody of those money grabbing wannabe VPNs from talking marketing bs all day long.
home is where the artillery hits
Re: Torguard "stealthvpn" vs cryptostorm
@thread
I have to agree with Desu - I think you can substitute "stealth" for "logistically hard to block"; I certainly don't think this is anything like the Obfsproxy work conducted by the Tor project.
I have to agree with Desu - I think you can substitute "stealth" for "logistically hard to block"; I certainly don't think this is anything like the Obfsproxy work conducted by the Tor project.
This will sound like a dumb question but I'll ask it anyway: between two secure network sockets (client & server) where the payload of the IP packets is encrypted, apart from the port number how would a sniffer tell the difference between (for example) HTTPS and IMAPS?We first deployed HTTPS-flavoured spoofing back in 2008, so it's a topic we're worked on for a little while already. Good to see others coming on board, now.