Torguard "stealthvpn" vs cryptostorm

Encouraging best practices in the VPN industry via independent, community-certified verification of clean installers and clean basic service operations. Let's reward the good, and make the bad a little bit less tempting 〰 github repo#cleanVPN
Guest

Torguard "stealthvpn" vs cryptostorm

Post by Guest » Thu Oct 24, 2013 1:57 am

would stealth vpn style like torguard uses, where they disquise traffic as http traffic benefit cryptostorm users any? or is it a useless effort?

cryptostorm_team

Re: Torguard "stealthvpn" vs cryptostorm

Post by cryptostorm_team » Thu Oct 24, 2013 3:10 am

Guest wrote:would stealth vpn style like torguard uses, where they disquise traffic as http traffic benefit cryptostorm users any? or is it a useless effort?
Excellent question, excellent subject for discussion.

We first deployed HTTPS-flavoured spoofing back in 2008, so it's a topic we're worked on for a little while already. Good to see others coming on board, now.

Do you perhaps have access to some pcaps from a "stealth vpn" session? Full packet data - including payload (encrypted, of course) - is ideal, but even just headers would be helpful. We prefer to come at these kinds of things with verifiable data on hand, versus making assumptions.

Thanks for bringing forth a great area of conversation - one that can benefit from much more work, in the future, as well...
  • ~ cryptostorm_team

cryptostorm_dev

Re: Torguard "stealthvpn" vs cryptostorm

Post by cryptostorm_dev » Tue Dec 09, 2014 4:17 pm

So I'm obviously missing something here.

Where's the "stealth?" Is it just because it's on port 443?

Here's their "standard" (non-stealth) config:
client
dev tun1
proto udp
remote au.torguardvpnaccess.com 443
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ca [inline]
fast-io
cipher AES-256-CBC
auth-user-pass
ping-restart 0
comp-lzo
verb 3
float

User avatar
marzametal
Posts: 434
Joined: Mon Aug 05, 2013 11:39 am

Re: Torguard "stealthvpn" vs cryptostorm

Post by marzametal » Wed Dec 10, 2014 4:59 am

Nothing exciting about it...

User avatar
DesuStrike
Posts: 288
Joined: Thu Oct 24, 2013 2:37 pm

Re: Torguard "stealthvpn" vs cryptostorm

Post by DesuStrike » Wed Dec 10, 2014 5:59 am

My guess is that the "stealth" config is "stealthy" because it chooses randomly from 4 exit nodes thus changing your visible IP around a bit. It's very far fetched to call such a thing "stealthy" but that never hindered anybody of those money grabbing wannabe VPNs from talking marketing bs all day long.
home is where the artillery hits

User avatar
parityboy
Site Admin
Posts: 1262
Joined: Wed Feb 05, 2014 3:47 am

Re: Torguard "stealthvpn" vs cryptostorm

Post by parityboy » Wed Dec 10, 2014 9:37 pm

@thread

I have to agree with Desu - I think you can substitute "stealth" for "logistically hard to block"; I certainly don't think this is anything like the Obfsproxy work conducted by the Tor project.
We first deployed HTTPS-flavoured spoofing back in 2008, so it's a topic we're worked on for a little while already. Good to see others coming on board, now.
This will sound like a dumb question but I'll ask it anyway: between two secure network sockets (client & server) where the payload of the IP packets is encrypted, apart from the port number how would a sniffer tell the difference between (for example) HTTPS and IMAPS?

Locked