Your browser (Internet Explorer 6) is out of date. It has known security flaws and may not display all features of this and other websites. Learn how to update your browser.
X
Post

Proxy ARP Protocol

One of the most common requests that a router will get on a busy network are ARP requests.  They can easily overload hardware so it’s important to have facilities which can share the burden.  Proxy ARP allows a router to answer ARP requests on one of it’s networks for a host on another network.    This involves fooling the sender or the ARP request into believing that the router is the destination host where in fact the destination host is actually on another interface of the router.    The router is effectively acting as a proxy agent for the destination host relaying packets across adjacent networks.

One of the best ways to illustrate proxy ARP is by means of an example.  Imagine a system connected to ethernet networks.  They may look connected but in fact they’re not merely connected by a router operating on two different subnets.  The router will perform the hardware ARP requests across both of the networks which means that they will appear as a single entity.  You can even cross country borders and hide two networks for example a French and a UK proxy like this.

The router will perform complex calculations in order to determine which networks the datagrams need to be sent to.  At the core of the calculations are the network IDs which are essential in order to keep track of source and destinations of the network data.  The router will build up a large table of the various hardware addresses across all connected networks.  Then it can use this information to effectively route data through the most efficient interface like a fast VPN.

You can use various tools to troubleshoot both ARP and proxy ARP functions. One of the most useful is obviously the arp command which will list the various addresses stored in the table, use it with the -a switch for easy reference.  You can usually pick up the communications that will commonly take place when proxy ARP is being used fairly easily.

Other commands that are useful include the ifconfig command which can list IP addresses for ports and interfaces.  You can also reconcile hardware addresses, serial links and interface information using this command.  Effectively though you can understand proxy ARP by the simple fact that it tries to hide two physical networks from each other.   IN fact when it is configured correctly you can actually have a single network id to represent two distinct networks.

 

Post

EU Web Proxy for Grown Up Internet Laws

Many areas of the world are of course obsessed with making rules and legislation that cover the internet.  Unfortunately much of it seems to be focused in specific areas:

  1. Allowing large companies to make more money.
  2. Allowing large companies to buy, sell and trade personal data.
  3. Allowing Governments to access all your personal data.

There genuinely seems to be a bias, there seems little legislation which works the other way.  Nothing which protects privacy or makes using the internet safer and fairer for private individuals.   There’s a billion dollar industry set up simply on farming your personal data in order to sell you stuff or influence your political opinions.   The countries we usually look for a lead in democracy such as the USA and UK again seem set more on the above three areas.

Fortunately there are some options we can take, which are well worth exploring.  For example – what is a web proxy?  Until recently this would be a simple option to at least hide your web browsing history from being logged at your ISP.  Although this will work to some extent, there’s little point in looking for a free euro proxy for any real sense of privacy.   The reality is that if you use a web browser then unfortunately most of your browsing happens in clear text registered quite visibly against your ISP allocated IP address.  Which unfortunately means that you have virtually no chance of keeping your online activity private.

EU Web Proxy

It’s hardly surprising then, that people feel the need to use VPNs and proxies to take back a little bit more control and privacy online.   In facts it’s one of the only steps you can take to genuinely keep some of your online activities a little more secure. Yet even then there is an issue, these EU proxies and VPN servers have to reside somewhere so where is best to choose?

Use an EU Web Proxy

Well most of the major VPN services allow you to select which country you wish, so fortunately we do have a choice.    Of course, often this is controlled by other considerations such as geo-location – you want a BBC VPN then it’s going to have to be in the UK.  The same with lots of other media sites, pick the country that gives you the best access.  Speed and privacy are essential and you’ll unfortunately definitely need a paid service, alas there are no super fast proxy sites in existence anymore.

If you’re not restricted like this, then it’s sensible to look to the European Union.  Yep a EU Web proxy is likely to be the most secure and protected by decent and fair privacy laws.   In fact any of the best paid proxy server companies will have numerous servers available across the European Union and an extensive choice in their Eu proxy list.  What’s more some of the EU countries servers are more likely to be quicker and less populated than US and UK servers (although yes the UK is still in the UK at the moment, it does have poor privacy laws).

It’s of course tempting especially if privacy is your main aim, to look for a fast proxy server IP address in somewhere a bit more remote like Russia.  However this is not always a wise move,  you might think your data there is more secure yet corruption is rife there. That high speed proxy server which is supposed to be secure might be exactly the opposite if there’s a small bribe involved, don’t expect much help from Russian authorities either.

The EU does seem to be at least making an attempt to create a sensible digital market place which looks out for both sides.   For instance it is currently implementing some changes that stop European digital providers from blocking access based on their location.  So a German user cannot access their German Netflix account currently when they happen to be in another European country.

At the moment they too need to use a specific VPN in that country to do this.  Just like you do for the BBC, Netflix and most other media companies of any size – it does get complicated simply to watch the BBC abroad as you can see.  Perhaps the new legislation being implemented will stop this forcing digital providers to ensure access across the single market.  It is hoped that this will happen in 2018 and from then Netflix will no longer be able to block access across European borders, although they’ll probably still do this for the rest of the world.

Post

Hey How do I Hide My VPN Connection?

The problem with being a super sneaky ninja surfer and using a VPN is that anyone with a little IT knowledge and access to ISP logs can see that you are using one.   For the ordinary user, internet logs are a myriad of calls and get requests to hundreds of different web servers and IP addresses.  However if you’re using a VPN then it all get’s channeled through a single IP address, that of the VPN server.

Of course, it’s all encrypted and hidden so your actual web activity is hidden.  However signalling the fact that you’re using a VPN does kind of decrease the feeling of privacy somewhat.  So is there a way of becoming a little more discrete and hide VPN connection from various nosey people?   Well it depends on which VPN service you’re using but the most secure services have configuration options that enable to make the fact you’re using a VPN almost invisible too.

Here’s a video explaining the options in Identity Cloaker – entitled Hide my VPN, where you can see how to make VPN use invisible.

The key factor in hiding the use of a VPN or proxy is to make your browsing look similar to everyone else’s and that involves rotating your internet addresses that are used. If your connection simply uses a single IP address all the time it’s fairly easy to identity it’s a VPN or Proxy server being used. However if this IP addresses is rotated slightly then your connections will sink back into the shared anonymity of the logs.

Identity Cloaker also allows you to configure some applications to be encrypted and redirected whilst others operate as normally. For instance you can configure one browser like Firefox to be encrypted and routed through the VPN server, whilst Chrome operates like a normal insecure browser. You then switch to the secure browser when you want some privacy and to hide your browsing whilst everything else is normal. Activists use this technique to just switch to their secure browser when posting on social media or making controversial posts.

Post

Best VPN for Anonymity

Have you ever wondered what is the extent of your digital identity and if  you can control it?  Mostly people completely underestimate the scale of their digital imprint and imagine they have some control over it.  Firstly they imagine that if you delete or remove something about you online that it’s then gone, unfortunately that it is rarely the case.

best vpn for anonymity

The problem with this concept is that there’s rarely a single location where you can delete information.   If you send an email, it will transfer from your client through your ISP (Internet Service Provider) and then routed through a variety of shared hardware, servers, routers and switches until it reaches it’s destination.  At any point the data can be logged, recorded or copied so that email doesn’t only exist on the senders and recipients computers but potentially in many other places too.   Effectively you would have to delete every single copy wherever they may be.

It’s the same with anonymity, it’s reassuring to think that what you do on your computer is completely private but it’s simply untrue.   Most data sent from your computer shares some important properties which make anonymity online difficult –

  • It’s traceable back to your computer and location via your IP address.
  • Most of the data is in clear text and easily readable.
  • It’s transported via other people’s hardware.

In many ways using and communicating via the internet is like sending a postcard through the mail – everyone who comes across it can read it (and copy it if they so wished).   Understanding this makes at least possible to increase your level of privacy online.

There are of course a whole host of tools which can help reduce the risk however one of the most essential is to use a VPN (Virtual Private Network) or perhaps an EU based proxy. Although a VPN doesn’t guarantee complete anonymity it’s without doubt the biggest single step you can take to protect your data online.  So it makes sense to find and purchase the best VPN you can find but remember it does depend on your requirements, for example many don’t allow anonymous torrenting .

The crucial protections that a VPN gives you are many, but these are probably the highlights:

  • Encrypts all your data being transmitted which means although it can still be intercepted, none of the content is readable.
  • Stops your internet activity being logged at your ISP.  Without a VPN every website you visit, every file you download or video you watch is recorded and logged at your ISP.
  • Stops websites you visit from recording your address and location.

There are other areas you would need to protect of course to minimize your digital footprint but most are irrelevant unless you use something to protect the internet connection you use.  Make sure you use a VPN that is run by a company who take security seriously.

The best VPN for anonymity is one where security is paramount and under no account will they log any of your data, at  the moment the best legal protection comes from European privacy legislation  so it’s worth considering companies based there.  It’s tempting to pick a more obscure location, but if you start routing your connection through something like a Russian or Indian proxy make sure you know them well as there’s likely to be little legislation protecting your rights and their conduct.

Our recommendation for the most secure service and the best VPN for anonymity would be ..

Post

Community College in Los Angeles Pays Ransom

There’s little doubt that ransomware is becoming the hottest cyber crime at the moment.  The concept is quite old, yet the increasing reports of ransom payments being made suggests that the tactic is becoming much more effective.

The latest report comes from the US, where the Los Angeles Community College District has reportedly paid a ransom demand of $28000 to some crooks who had infected their network with ransomware.   The attack took place at the end of December, seemingly timed to coincide with the start of the new term.  We’ve not been told the type of ransomware but the attack followed a familiar pattern – an initial infection then spread using the internal network encrypting key files as it went.

They then received the demand, they were given one week to pay the ransom in order to access their files.  The college decided to pay for a variety of reasons.  Obviously the driving force was recovering their files, however the college also had invested in an insurance policy which covered these situations.  Cyber security experts and law enforcement agents advised that paying the ransom offered a good chance of recovering their data.  So the ransom was paid anroney but it is not an exorbitant amount.  The cost compared to the value of the data to the organisation is worth paying.  The cyber criminals have also learned that it is important to actually provide the decryption key when they are paid.  Earlier extortion attempts would simply disappear, which made paying the ransom of little benefit to organisations, by keeping their word more victims are taking the risk.

Of course, the crazy situation is that if organisations simply invested in a decent back up system and some sort of disaster recovery plan then this sort of attack would be ineffective.  It’s not hard to infect a poorly protected network, it only needs one avenue of attack – a clicked spear phishing email or infected memory stick left around and the ransomware can spread across the network.

The vast majority of organisations which are being targeted seem to be those who are potentially more vulnerable.   Hospitals and educational establishments often have large networks with many users.  They also often have under-resourced IT departments who don’t always follow security best practices.  It is easy to defeat this particular form of attack but it involves investing in IT infrastructure and the relevant staff until organisations start doing this instead of paying ransoms expect these attacks to escalate.

 

Post

The Return of US DNS Netflix

It’s been a few months now since Netflix instigated it’s comprehensive and extremely effective VPN and Smart DNS block.  Overnight literally millions of people found that they were blocked from accessing their Netflix version of choice as suddenly their VPN or US DNS Netflix solutions simply stopped working.  When they connected to Netflix by using one of these methods instead of being redirected to their selected version as soon as a movie or video was played – this was the message most users received:

US DNS Netflix

Most people used these solutions to access different versions of Netflix, generally the US, UK or Canadian versions simply because they are much bigger and better.  The US version of Netflix for example has thousands more movies and TV shows than some of the smaller countries have access to, despite the subscription cost being fairly standard across the world.  For expats or travellers this was even more inconvenient as their US Netflix subscription suddenly was inaccessible and they were redirected to whatever the local version happened to be.

It looked like the media giant had won and the internet had got a little bit smaller again.  However there is hope, we’ve already written on these pages about one residential VPN system which now works after some serious upgrade work.   Now there is a Smart DNS solution too, implemented by the company . .   I believe it is the only US DNS Netflix based system which currently works with Netflix and it works very well indeed.

Smart DNS systems are actually preferred by many users because they don’t require any software and you can install them on all sorts of devices.   They work by only redirecting part of your internet connection and only when you’re using a region blocking media site like Netflix.  Remember though they provide no real anonymity, so if that’s a requirement you’ll need a VPN.  All you need to do is to use the Unblock-US DNS servers instead of your normal ones.  They’ll work normally until you visit a website like Netflix at which point you’ll be redirected through a server in the country you have specified.

usdnsnetflix

Here’s the screen where you specify which country to be routed through.  In this example I’ve chosen Canada as Canadian Netflix has some great shows not available on any other Netflix regions, although I usually leave this set to US Netflix.  If you’ve changed your DNS settings, that’s all you need to do – simply specify which region you wish to use.  You can use this on virtually any device as long as you are able to access the DNS server settings – including phones, smart TVs, media streamers and games consoles. You can even assign these settings on devices which restrict access to the network settings like the Roku. However it can be a little trickier as you have to assign the DNS settings via a DHCP allocation if your router or access point supports that facility.

You still need a valid Netflix subscription of course, but it effectively gives you access to any version of Netflix instantly from anywhere in the world.

However don’t take my word for it, simply click here – . and try it for yourself.   Remember all you need to do is to change your DNS server address and select your Netflix Region and that’s it.