Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 26

Thread: Setting up a VPN, Securing Computer?

  1. #11
    Join Date
    Jun 2011
    Location
    Arizona
    Beans
    23
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Setting up a VPN, Securing Computer?

    I'm not uber-experienced in the world of networking... I'm more of a OS guy than anything else. I do see your point though, in stating that it's essentially a stupid idea. I don't really know much about network security, so that's probably the source of my ignorance in this discussion. I have a firewall set up properly (I think), Tor+vidalia, and various other things like that as a safegaurd against casual hacking and tracing attempts, but I'm well aware that it would only slow down an experienced hacker and/or tyrannical Gov't snoop at best. In that vein and based on your combined recommendations, my goal is this: how can I better protect myself from a) tracing and traffic analysis b) hacking c) data theft/encryption cracking.

    And yeah, I'm a tinfoil hat-type guy. Hasn't anyone read the text of the Patriot Act or the TIA Act?

  2. #12
    Dangertux is offline Chocolate Ubuntu Mocha Blend
    Join Date
    Jun 2011
    Location
    Atlanta Georgia
    Beans
    1,771
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Setting up a VPN, Securing Computer?

    Quote Originally Posted by Bryant.GhostInTheMachine View Post
    I'm not uber-experienced in the world of networking... I'm more of a OS guy than anything else. I do see your point though, in stating that it's essentially a stupid idea. I don't really know much about network security, so that's probably the source of my ignorance in this discussion. I have a firewall set up properly (I think), Tor+vidalia, and various other things like that as a safegaurd against casual hacking and tracing attempts, but I'm well aware that it would only slow down an experienced hacker and/or tyrannical Gov't snoop at best. In that vein and based on your combined recommendations, my goal is this: how can I better protect myself from a) tracing and traffic analysis b) hacking c) data theft/encryption cracking.

    And yeah, I'm a tinfoil hat-type guy. Hasn't anyone read the text of the Patriot Act or the TIA Act?
    First things first. Security and Privacy are not the same thing, though they are not mutually exclusive of eachother they are not necessarily inclusive either. It's best to separate the two.

    Example : The Great Wall of China was pretty secure, it wasn't particularly inconspicuous.

    Now let's look at your actual questions

    A -- This isn't easy, Tor is a decent way to maintain a shred of anonymity , though its not a catch all solution and isn't untraceable by any stretch of the imagination.

    B -- Learn to secure your system and network : http://ubuntuforums.org/showthread.php?t=510812

    *note : if you're using the non-malicious and correct definition for hacking why would you want to stop? It's a blast

    C -- See B.

    Hope this is helpful.

  3. #13
    Join Date
    Jun 2011
    Location
    Arizona
    Beans
    23
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Setting up a VPN, Securing Computer?

    I know it's been awhile since the last post, but I had another related query and figured I might as well post it here instead of starting a new thread. I have decided (after reading all your excellent and informative answers) on a final course of action, and I need assistance in going about it.

    I plan on creating a server out of an old laptop (gave the aforementioned Dell to my sister with Lubuntu on it) and setting it up to act as a firewall, proxy filter, and SSH tunnel for any devices that connect to it. That is, it acts as the network gateway for my LAN: all devices connected to the server have their incoming and outgoing internet traffic pass through the server's proxy, firewall, and packet sniffer, and are tunneled through SSH on their way to the internet. The server would also have to log all internet traffic passing through. I would also like it to fetch my emails from an online account and store them locally, so that they can then be downloaded to my regular computer with thunderbird. Finally, I would also like this server to be able to mask my ip and, (though I haven't the faintest idea how this would be possible) broadcast a fake identity in terms of ip address, location in the real world, and other such publicly identifiable information. Feel free to ignore this last option if there's no ready answer, it seems like it would be complicated beyond all my capabilities.

    Is it possible to set up a server with these capabilities and to perform these tasks? how would one go about setting up such a server if so? I know that this is kind of overboard for a civilian, but as I have pointed out, I AM paranoid...

  4. #14
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Setting up a VPN, Securing Computer?

    Possible, yes. Dovecot/Postfix come to mind for the mail thing, but I don't know how to configure them.

    Not sure for the other portions, but I think Squid/dans guardian can be set up as a proxy for web filtering.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  5. #15
    Dangertux is offline Chocolate Ubuntu Mocha Blend
    Join Date
    Jun 2011
    Location
    Atlanta Georgia
    Beans
    1,771
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Setting up a VPN, Securing Computer?

    What Charles said. Also hiding your ip without using a proxy external to you and still being able to make an actual connection is not just difficult it's impossible. Perhaps consider leasing a VPN?

  6. #16
    Join Date
    Apr 2011
    Beans
    20

    Re: Setting up a VPN, Securing Computer?

    I admire your dedication to security, but honestly I think you may going tad overboard.

    If you are going to use a VPN, I would drop Tor. I use and love Tor, but I prefer using a VPN to connect to outside resource for security reasons. You don't know who your node is on Tor.

    Ultimately unless you control both points on the connection, you can't be sure of the packet integrity, but I could talk about this all day.

  7. #17
    Join Date
    Jun 2011
    Location
    Arizona
    Beans
    23
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Setting up a VPN, Securing Computer?

    I think I can configure the email server myself without a gigantic amount of trouble... a little googling should show me the path.

    As for the proxy, I would like to use a proxy that would shield my ip. Any ideas?

    And as for VPN... my earlier post was made in ignorance of what a VPN actually is. based on what I now know, the idea I had was to use VPN to let devices (such as my phone, comp, etc.) connect to my server securely. That way, traffic heading over a public wifi or cellular data network would be fairly secure until it reached my server. At that point, the traffic would then be sent through a proxy or system of proxies to shield my ip address and other traceable/identifiable data. Finally, it would be sent over Tor or a network tunnel to hide the traffic and it's origin. I know that Tor isn't all that secure in terms of data integrity because of the way it works, and I'm still not sure about what a network tunnel is, so I have no idea if that scheme would work. (Can anyone clarify what a tunnel is and whether it has any bearing on the above idea?)

    As for me going overboard... yeah, I agree with you. I'm doing it mostly as a challenge and for fun, but I really am concerned about my privacy and security. I don't trust the government any farther than I can punt the average politician, and the PATRIOT act scares the hell out of me... it's not that I'm doing anything illegal, it's just that they don't have the right to take away my digital freedoms without my consent (which, by the way, I will NEVER consent to.) So humor me on that count.

  8. #18
    Join Date
    Jul 2008
    Location
    Canada
    Beans
    1,947
    Distro
    Ubuntu Development Release

    Re: Setting up a VPN, Securing Computer?

    Quote Originally Posted by mattxhand View Post
    I admire your dedication to security, but honestly I think you may going tad overboard.

    If you are going to use a VPN, I would drop Tor. I use and love Tor, but I prefer using a VPN to connect to outside resource for security reasons. You don't know who your node is on Tor.

    Ultimately unless you control both points on the connection, you can't be sure of the packet integrity, but I could talk about this all day.
    +1 drop the Tor and use VPN for outside sites.
    UsingTheTerminal

    Smile today, cry tomorrow!
    ( Read this everyday )

  9. #19
    Join Date
    Jun 2011
    Location
    Arizona
    Beans
    23
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Setting up a VPN, Securing Computer?

    The basic idea I have is to set up a server. This server connects to a router, which in turn connects to the internet via a wireless bridge to my home network and cable modem. The server would have a set of proxies, a firewall, packet logger, and intrusion detection system residing on it.

    The server, then acts as a secure gateway to the internet by the following method: one connects to the server from any network over a VPN or similarly secure connection. From that point on, all internet traffic from the connected device is piped through the server's anonymizing proxies, firewall, etc. and then, scrubbed and masked, is allowed to head on to the public internet. Incoming traffic passes through the same process but in reverse and is then routed back to the device it came from.

    Is that a viable idea? I wasn't sure if I really explained it earlier... I tend to ramble more often than not

  10. #20
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,554
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Setting up a VPN, Securing Computer?

    The best way to attack this program is in layers. Total security is only done as a series of steps and if your a beginner, just take one step at a time. Its going to take months to tweak your system how you would like. The good part is that most Linux systems are fairly secure by default so at least its not like you are starting at ground zero.

    The easiest thing to start with is likely setting up an SSH server. You can then tunnel your remote http requests and DNS requests from your remote computer to your ssh server. This isnt an every application solution, but its a no brainer and quick, fast to setup, and fast to execute. Heck you can even accomplish it on a rooted android phone.

    The second layer would be establish a full fledged vpn (whereby not only http and dns lookups are tunneled), but every port is tunneled from client to server. I've only done this using openvpn, however there are other such methods. This too is a fairly straightforward process, and is both computer and phone compatible (if your running a rooted phone that contains a tun/tap driver -- most rooted kernels do!).

    Implicit in this discussion is the subject of firewalls -- iptables, or ufw. This is an entire subject to itself and takes many months to master. Its easy to get up and running initially, but a long time to tweak the system.

    On top of this, you could run port-knocker utilities, and selinux varietis (bodhi has a good tutorial on this), however these are very advanced concepts that you would be ready for if you've already done all the background work.

Page 2 of 3 FirstFirst 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •