Alert: Don't Use Hotmail Email Accounts for registration

**aplok** · 10-07-2013, 09:36 PM

Re: Sniffing

Originally posted by debbe

the max I'll make a cs between 3-4 relatives and I think it is an exaggeration to use the vpn but probably I may be wrong ..

i aggree with you about the oversizeness of vpn for cs only

cs: ~ similar to ftps, ie crypted (for the content), clear (as always) for the ip address

the cam protocol scrambles the tcp packet payload

vpn is more a tunnel between 2 configured ip (ip0 and ip1), in wich different protocols transit
vpn is prefered to scramble with one key different protocols

**gianni253** · 10-08-2013, 08:11 AM

Re: Sniffing

If you want to be safe, vpn is a wise choice, even for only one client.
OpenVpn is a tiny and clean implementation that will add an irrelevant delay to your network, with no additional hardware required.
It differs from https or ftps because these two protocols can be identified by ports used, by tcp headers and because they use exclusively tcp protocol.
On the contrary, vpn can also use udp protocol, ports are usually arbitrary, and it appears from outside as an obscure encrypted payload.
Not to forget that vpn can be multipoint, i.e. one server to many clients, and you can decide if clients can communicate each other or be isolated.

**aplok** · 10-08-2013, 08:49 AM

Re: Sniffing

@gianni252 and al.

- i agree with this comment, as an argument for the trail vpn vs (https, ftps)

If you want to be safe, vpn is a wise choice, even for only one client.
ok

- for the issue cs vs vpn, just let me nuance this

OpenVpn is a tiny and clean implementation that will add an irrelevant delay to your network, with no additional hardware required.
... and requires a correct configuration on both ends, plus a key file for each client ...
cs: a correct configuration (of course), but no key file

It differs from https or ftps because these two protocols can be identified by ports used, by tcp headers and because they use exclusively tcp protocol.
On the contrary, vpn can also use udp protocol, ports are usually arbitrary, and it appears from outside as an obscure encrypted payload.
ok
cs: server ports are also arbitrary (cfr satlover ) and the payload is also encrypted

Not to forget that vpn can be multipoint, i.e. one server to many clients, and you can decide if clients can communicate each other or be isolated.
cs: idem

at the end, cs seems as vpn, but lighter as without openssl and key file management for each client (just for cs)

**debbe** · 10-08-2013, 08:19 PM

Re: Sniffing

hi, there is a small problem how i do to protect me if as client i use a dec*der as ariva that has not implemented enigma?

**aplok** · 10-08-2013, 08:57 PM

Re: Sniffing

@debbe

to protect against what ?

**debbe** · 10-08-2013, 09:38 PM

Re: Sniffing

Originally posted by aplok

@debbe

to protect against what ?

I tried to install openvpn but then I'm stuck because I understood that even the decoder client must have installed openvpn and therefore if I use a decoder low-level as I do?

**aplok** · 10-08-2013, 09:56 PM

Re: Sniffing

i would suggest to try to install a vpn between 2 pc (linux is better)
- and make it a success
- within a lan
- via the cloud

****** ubuntu openvpn installation
is a good starting point

anyway, it is a interesting learning challenge ...

**debbe** · 10-08-2013, 10:01 PM

Re: Sniffing

Originally posted by aplok

i would suggest to try to install a vpn between 2 pc (linux is better)
- and make it a success
- within a lan
- via the cloud

****** ubuntu openvpn installation
is a good starting point

anyway, it is a interesting learning challenge ...

mmm but if you can not install it on the decoder, the challenge is useless ..

**aplok** · 10-08-2013, 10:15 PM

Re: Sniffing

Originally posted by debbe

mmm but if you can not install it on the decoder, the challenge is useless ..

... if not applicable, it is useless
... but the knowledge is useful

and the challenge is a way to gain it

**debbe** · 10-09-2013, 10:54 AM

Re: Sniffing

I do not understand is possible or not?

**gianni253** · 10-09-2013, 02:01 PM

Re: Sniffing

Originally posted by debbe

I do not understand is possible or not?

Yes, it is possible .... but if your receiver (client) is a dm500 you need some free space in /var for openvpn package.
Of course, the same consideration applies to dm500 acting as vpn server.

@aplok
afaik, all cs protocols (ccc*am, newca*md etc. etc.) even if they use a some kind of encryption, can be easily identified and recognized by network tools and analyzers.
On the contrary, a vpn can be identified as such, but it is impossible to know what is flowing inside the tunnel.

**debbe** · 10-09-2013, 04:17 PM

Re: Sniffing

Originally posted by gianni253

Yes, it is possible .... but if your receiver (client) is a dm500 you need some free space in /var for openvpn package.
Of course, the same consideration applies to dm500 acting as vpn server.

@aplok
afaik, all cs protocols (ccc*am, newca*md etc. etc.) even if they use a some kind of encryption, can be easily identified and recognized by network tools and analyzers.
On the contrary, a vpn can be identified as such, but it is impossible to know what is flowing inside the tunnel.

hi... yes but if my decoder is a ariva without enigma as I do?

**aplok** · 10-09-2013, 05:45 PM

Re: Sniffing

Originally posted by gianni253

can be easily identified and recognized by network tools and analyzers.
On the contrary, a vpn can be identified as such, but it is impossible to know what is flowing inside the tunnel.

that is an interesting point of view:

if the content itself is not available,
try target detection from protocol

good point

**Ivymike** · 11-15-2013, 10:13 AM

Re: Sniffing

specifically ... it is possible that someone can identify who is doing sharing?

**foxy6800** · 11-15-2013, 10:55 AM

Re: Sniffing

Well, if that is the case ( ISP monitoring your traffic), people who use S K Y as their internet service provider would have no chance in CS.
I know few friends that have been using s k y as their ISP and been successfully CSing for a while without having any problem.
But it is always better safe than sorry

Welcome!

Alert: Don't Use Hotmail Email Accounts for registration

Sniffing

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment