Running my first personal VPN

I want to start running my own VPN and need noob-level advice for that.

For starters, being a basement user has the advantage I don't have to worry about electricity. Although in the future I would like to be as efficient as possible in order to have a dedicated computer for that. Or even better, a router that could work as VPN if such a thing exists.

But back on topic. I need help configuring a basic OpenVPN server on my PC, allowing it to accept connections through the ISP router, and having a decent security to avoid anybody using that VPN against me.

With that, I could go with my laptop to a place I know every morning to work without temptations (like playing videogames or watching porn). The wifi of that place is a honeypot for crackers, many users, most of them unaware of how to protect themselves, and on top of all, said wifi has WEP encryption (although you just need to ask for its password and they give it to you freely). (Yeah, it's a place the local council runs and I guess they couldn't care less about their users' security.)

>knock knock knock
>FBI open up we have a warrant
>BLAM
>You are under arrest for distributing transexual interracial deep web child porn and drugs and guns and stolen credit card data.

B...but it wasn't me... I run a VPN!

>We don't know what that is son, but you are in a lot of trouble

This is your future OP

Enjoy prison.

Firstly, it wouldn't be the FBI. Aside from that, tell me about the obvious exploit I'm not seeing.

Just get a router that has built-in OpenVPN capabilities.

>please help me rtfm I'm a dumb shit that can't run man openvpn in the terminal

Sorry

>Elo elo elo, plod 'ere
>Put down your bangers ye cheeky sod
>Your off to her magesty's pleasure you are

tor + onioncat + iptables
now gfto

I don't think you know what you want, or why you want it, or what it will do for you...

Nothing about your post makes sense...

You want to connect to your home computer from a free council wifi and use it as a VPN?

Why?

Because the chances anybody is using that public wifi to steal valuable information or doing MITM attacks is worrying.

Also, to learn something interesting

And even if I weren't using that public wifi but another, I would like to improve the security of my internet connection from public places.

1) Whatever you do online, you leave tracks.
>like what?
Like your IP address, browser fingerprint, soon your (google patented invisible captcha) keyboard delay strokes and mouse movement, 3rd party cookies and obviously stuff you download and upload added up with logs.

2) Most terrorists / pedos need to hide themselves, encrypt their "data", hide their "data" and on top of it they have to look like normies to not attract suspicion (the automated bots searching for unusual behavior are real).
>wait what, I need to do all of that?
No, you don't in most cases. You most likely just want to avoid banned sites or avoid broken laws about copyright stuff like most normies do.

3) The basic of basic is to hide your "data" from your ISP (the guys you are paying to have internet access). In most places, ISP is watching what you do and in some "not free anymore" countries you get fines for certain behavior (like torrent).
>how do I do that?
By hiding your data, usually through any weak encryption you can get on top of VPN. Take note: in the UK there will soon be a law prohibiting "hiding your data at all" aka VPNs. Yup, freedom isn't for free. I guess other states will follow once the gov realizes what VPN means.

4) Advanced law breaks require you to hide even from sites you use. This is where encryption doesn't work because the site you use already knows what you do there.
So you have to leave "fake tracks" so they know the law was broken, but don't know who did it. The easiest (and unless whole gov is after you also sufficient) way is to spoof your IP. Also again by VPN.

>tldr
VPN is used to hide your activities from your own ISP and to fake your real life location. You usually buy VPN in a country with more freedom than your current country (so for USA you can try Russia and vice versa for maximum effect :-) and pay small fee for it.

I'm aware there are VPNs you can pay for to have more privacy. Still, they don't make me feel safer since I don't know anything about them, and they could behave like a MITM if they wanted to.

So, I only want a VPN to browse the web normally but away from home, without the inconvenience of MITM attacks, or any kind of attack, in public APs.

TLDR
I will behave like a normie using my own VPN, I just want to protect myself against everybody but the government. For the latter, perhaps I would use TOR (even though I think it's not secure anymore).

I have my own OpenVPN server running on my raspi. It works great when I'm at work and want to work on my homelab, or I'm travelling connecting to unsecured hotspots it's nice knowing I have more security.

Just follow the hundreds of tutorials on how to set it up. Or just flash your router with DD-WRT mega or tomato with vpn.

Regarding the router, I still don't dare to change anything related with the firmware. In case I wanted a router with a VPN server feature I would buy it (but thank you for the suggestion)

About the raspberry, I'll have to check it. The closest thing I imagined to have a small PC running at all times would be a small PC made with discarded components I could buy in any PC workshop. I still would need to learn how to install a basic distro of Linux that allows me to run just the OpenVPN server and just basic utilities I would need, nothing else. It will save money on the electricity bill.

Seems like you may just need a way to encrypt your traffic while on an insecure network.

Consider tunneling your traffic through a ssh server at your home.

-set up ssh server
-configure (complex password or private keys, change port #)
-forward traffic through router to that port
-you can use putty on windows to connect to your ssh server, and create a tunnel to forward traffic through

There are many tutorials on all of those key points.

I think a VPN would be overkill unless you want to access network resources on your home LAN remotely.
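An added example, not part of the post above: a small check of an `sshd_config` against the items that post lists (keys rather than passwords, a changed port), to run before forwarding the port through the router. The function names and the sample config are constructed for illustration; only whitespace-separated `Keyword value` lines are parsed, and Include files and Match blocks are not evaluated.

```shell
#!/bin/sh
# Added example (not from the thread): audit an sshd_config before the
# SSH port is exposed to the internet through the router.

# Effective global value of a keyword: sshd keeps the FIRST occurrence.
sshd_value() {  # usage: sshd_value FILE KEYWORD DEFAULT
    awk -v key="$2" -v def="$3" '
        NF == 0 || $1 ~ /^#/        { next }
        tolower($1) == "match"      { exit }
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# Prints one line per finding; exit status is the number of findings.
audit_sshd() {
    f=$1; n=0
    if [ "$(sshd_value "$f" PasswordAuthentication yes)" != no ]; then
        echo "WARN password logins enabled (open to guessing from the internet)"
        n=$((n + 1))
    fi
    case "$(sshd_value "$f" PermitRootLogin prohibit-password)" in
        no|prohibit-password|without-password) ;;
        *) echo "WARN root login is neither disabled nor key-only"
           n=$((n + 1)) ;;
    esac
    # Port may be repeated, so flag a missing Port line or any "Port 22".
    if ! grep -Eiq '^[[:space:]]*port[[:space:]]' "$f" ||
       grep -Eiq '^[[:space:]]*port[[:space:]]+22[[:space:]]*$' "$f"; then
        echo "NOTE listening on port 22; another port only cuts scanner noise"
        n=$((n + 1))
    fi
    return "$n"
}

# Constructed sample: the later "PasswordAuthentication no" is ignored
# because the first occurrence wins.
make_sample() {
    printf '%s\n' '# constructed sample' 'Port 2222' \
        'PasswordAuthentication yes' 'PermitRootLogin no' \
        'PasswordAuthentication no' > "$1"
}

tmp=$(mktemp) && make_sample "$tmp"
audit_sshd "$tmp" || echo "findings: $?"
rm -f "$tmp"
```

On the server itself, `sshd -T` prints the effective configuration as the daemon parses it, Include files included.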

If it helps I have the first gen raspi running arch and openvpn only and I have yet to have any performance problems.

I can pull 2 mb/s at work off my home lan which is just limited to home upload speed.

one other caveat: with ssh you would have to configure each application to use the tunnel.

important!

Your ISP can function as an MITM too.

>VPN is used to hide your activities from your own ISP and to fake your real life location.
Faking your real life location is more important, imo. So many sites are profiling people by IP now, it's scary.

First VPNs aren't for hiding your activities from your ISP, it is used to connect safely to a private network.
For example I want to work from anywhere I can use my VPN so I'm securely (encrypted) connected to my work server so people at the coffeeshop can't MITM my connection (sensitive work data)
That's basically all you do in broad terms; connecting to another server and shove all your data over that line and hopefully you can trust that place (work environment usually yes) but a random provider like those that you can buy "can" be even more dangerous than connecting on a free wifi.
But a lot of those companies are shouting privacy and no log policy but there is no way for you to verify that.

>Still, they don't make me feel safer since I don't know anything about them, and they could behave like a MITM if they wanted to.
alright then
buy a $4 to $10 per year VPS , then install OpenVPN on that VPS
now you can hide who you are, where you are, and what you're doing
and you can trust the service because it is just like using your own computer
added bonus, it's up and maintained 100% of the time so you don't need to keep your home computer running

Oh, I thought it was for privacy or something interesting like stopping GCHQ from spying on you.

Come at me bro, you understand me

Do they allow you to install stuff on their servers?

you get root access with a VPS, you can do whatever you want
there are usually only a couple of restrictions, often you can't send out mass mail and you can never utilize 100% cpu 24hrs a day (unless you pay more)