Wednesday, July 31, 2013

What is OpenVPN

OpenVPN (open source virtual private network) is an open source virtual private network (VPN) product that offers a simplified security framework, a modular network design and cross-platform portability. OpenVPN is licensed under the GNU General Public License (GPL). It includes several techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses SSL/TLS security for encryption and is capable of traversing network address translators (NATs) and firewalls. It was published under the GNU General Public License (GPL).
OpenVPN allows peers to authenticate each other using a pre-shared secret key, certificates, or username/password. When used in a multiclient-server configuration, it allows the server to release an authentication certificate for every client, using signature and Certificate authority. It uses the OpenSSL encryption library extensively, as well as the SSLv3/TLSv1 protocol, and contains many security and control features. It is sometimes used by computer gamers as a way of accessing LAN games over the internet.

Encryption: OpenVPN uses the OpenSSL library to provide encryption. OpenSSL supports a number of different cryptographic algorithms such as 3DES, AES, RC5, Blowfish. 128 bit Blowfish encryption with a A 1024 bit key will be used for encryption, while 256bit encryption is used for the control channel (password, authentication, etc.)
Ports used: OpenVPN can be easily configured to run on any port using either UDP or TCP. To easily bypass restrictive firewalls, OpenVPN can be configured to use TCP on port 443 which is indistinguihasble from standard HTTP over SSL making it extremely difficult to block. For UDP we are using port 53. The OpenVPN management port is 13010.
Supported operating systems: Windows, Mac, Linux, iOS (?), DD-WRT

Advantages

  • Security provisions that function against both active and passive attacks.
  • Compatibility with all major operating systems.
  • High speed (1.4 megabytes per second is typical).
  • Ability to configure multiple servers to handle numerous connections simultaneously.
  • All encryption and authentication features of the OpenSSL library.
  • Advanced bandwidth management.
  • A variety of tunneling options.
  • Compatibility with smart cards that support the Windows Crypto application program interface (API).

Comparison to other protocols

Personal experiences may differ, so bare with me if you have a different opinion. You can discuss your speed experiences with and without VPN in the HMA Forums (http://forum.hidemyass.com).
Several people agree that OpenVPN is faster than PPTP as protocol for VPN connections. Of course this depends on many other factors and can thereby be different on every computer, internet connection and network.
It's also safer than PPTP and has a high compatibility; it's supported by numerous operating systems and devices.

What is PPTP VPN?

The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.
The PPTP specification does not describe encryption or authentication features and relies on the PPP protocol being tunneled to implement security functionality. However the most common PPTP implementation, shipping with the Microsoft Windows product families, implements various levels of authentication and encryption natively as standard features of the Windows PPTP stack. The intended use of this protocol is to provide similar levels of security and remote access as typical VPN products.
Encryption: The PPP payload is encrypted using Microsoft's Point-to-Point Encryption protocol (MPPE). MPPE implements the RSA RC4 encryption algorithm with a maximum of 128 bit session keys.
Ports used: PPTP uses TCP port 1723 and GRE (Protocol 47). PPTP can be easily blocked by restricting the GRE protocol.
Supported operating systems: Windows, Mac, Linux, iOS, Android, DD-WRT
Also supported: OpenWRT, Tomato, Mikrotik, DrayTek, BoxeeBox, Touchpad...


Comparison to other VPN protocols

PPTP often seems to be slower than OpenVPN and it's security is mainly estimated to be lower than with other protocols. However, the feeling of speed is subjective; there are many factors that determine the connection speed, like network, ISP, ethernet adapter, operating system, etc. If you're having speed issues, check this page: Speed

For a comparison between the VPN protocols OpenVPN, PPTP and L2TP please refer to the article: VPN protocol comparison

Guides for setting up PPTP-connections

More PPTP guides, L2TP and OpenVPN instructions and tutorials for other operating systems and devices can be found @ Connection Instructions


Troubleshooting


Windows
If you're unable to connect via PPTP protocol with our HMA Pro VPN client, the first thing you should do is to uninstall our client, reboot your computer and reinstall our client. This will revert all settings back to default and often solves the problem.
If the problem remains, or if you're using a manual PPTP connection (WinXP: newmastervpn.blogspot.com/2013/04/how-to-create-pptp-connection-on.html - Win Vista / 7: http://vpn.hidemyass.com/vpncontrol/pptp/7.html), your problem may be caused by non-activated services.

This PPTP issue may occur if the following windows services are disabled:
• Telephony
• Remote Access Connection Manager
• Remote Access Auto Connection Manager

To resolve this issue, enable the disabled services, then start the services, and set them to automatic.
Either do it manually as described below, or let a batch script do it for you: startservices.bat

1. Click Start, right-click My Computer, and then click Manage.
2. Double-click Services and Applications, and then double-click Services.
3. Right-click Telephony, and then click Properties.
4. On the General tab, click Manual next to Startup type.
5. On the General tab, click Start under Service status, and then click OK.
6. Repeat steps 3 - 5 for the Remote Access Connection Manager service and for the Remote Access Auto Connection Manager service.

This applies to:
• Microsoft Windows XP Professional Edition
• Microsoft Windows XP Home Edition

With Windows Vista and Win7 configuring services may be a little different. In your start menu type in the search field: "Component Services". Run it. Find "Services" and make sure you enable the services mentioned.

Java

What is Java?

Java Platform, Standard Edition or Java SE is a widely used platform for programming in the Java language. It is the Java Platform used to deploy portable applications for general use. In practical terms, Java SE consists of a virtual machine, which must be used to run Java programs, together with a set of libraries (or "packages") needed to allow the use of file systems, networks, graphical interfaces, and so on, from within those programs.

Why do I need Java?

There are lots of applications and websites that won't work unless you have Java installed, and more are created every day. Java is fast, secure, and reliable. From laptops to datacenters, game consoles to scientific supercomputers, cell phones to the Internet, Java is everywhere.
You need java for Javascripts, Java-Applets, .jar-files and many applications.

Why should I have the latest version?

The latest Java version contains important enhancements to improve performance, stability and security of the Java applications that run on your machine. Installing the latest update will ensure that your Java applications continue to run safely and efficiently.
You should regularly update Java for avoid bad things like getting hacked, computer crashes, instability, performance slowdown, etc. . If your computer is somewhat older and Java-applications take all system resources, an update may improve the performance of all java-based programs. Keep also in mind that running older versions of any software, and especially software like Java, is a security risk.

Where to get Java

You can download the latest version of Java for your computer at the official website:
http://www.java.com/en/download/index.jsp

Privacy & Java

When using proxies (IP:Port proxies or Webproxies), your real IP can be revealed by Java. This means, every website that uses Java can identify you online. You can test this @ IP-score.com.
To avoid this, you can disable Javascript either in your browser's settings (in case you're using IP:Port proxies).
Or disable Javascript in the settings of your webproxy (*[http://hidemyass.com/proxy @ "Advanced option")
disablejava.jpg

The same goes for Flash, Silverlight, Windows Media Player and several other plugins/add-ons. They all might reveal your real identity. The reason for this is that a usual proxy works only within your browser; but plugins and add-ons work like independent applications, so your proxy may get ignored by them. Note: This can happen only with webproxies and IP:Port proxies. When using HMA's Pro VPN service, your real IP will be safe in these cases.

Microsoft Silverlight - MasterVPN

What is "Silverlight"?

Microsoft Silverlight is an application framework for writing and running browser plug-ins or other rich internet applications, with features and purposes similar to those of Adobe Flash. The run-time environment for Silverlight is available as a plug-in for most web browsers. While early versions of Silverlight focused on streaming media, current versions support multimedia, graphics and animation, and give developers support for CLI languages and development tools.

Do I need Silverlight?

No, at least not yet. Microsoft would like to replace Adobe Flash with it's "Silverlight"… but that's unlikely.
There are only a few websites that use Silverlight; You won't miss something in the web when not having it installed.
Silverlight gets also installed by using Windows-Update.

Silverlight & Privacy

Similar to Flash, Java and other plugins, Silverlight may also be a security risk. It can reveal your real IP-address when using a proxy service (IP:Port proxy or web-proxy). The reason for this is that a usual proxy works only within your browser; but plugins and add-ons work like independent applications, so your proxy may get ignored by them. Better turn off plugins/addons that you don't really need.

Silverlight official Website: http://www.silverlight.net/

What is Webproxy

Definition

Many services in the Internet (www, e-mail and news) collect a lot of personal data without any obvious reason and use this data without informing the users. Using a web-proxy is a possibility to prevent this sort of data acquisition, while showing the visited websites its own IP instead of the users IP. This gives anonymity and privacy on a basic level.

A web-proxy basically just forwards the internet to your computer; It requests the internet pages you want, using it's own IP, then forwards them to your browser. It works completely different from an IP:Port proxy. There are well-known compatibility problems, with Flash, Java or other plugins and addons. A webproxy works only within your web-browser.

Difference Webproxy <> IP:Port proxy

The difference is mainly the functionality and compatibility; with a web-proxy you only can browse the web, navigate from here to there and maybe download a file. So it basically just forwards the web to your computer, giving you a different IP on the websites you visit. A web-proxy works only within your browser, and nowhere else. This limits the functionality, and results in compatibility problems, like when having issues with interactive Flash objects, Javascript or other plugins and add-ons. For example that you can't play a video or a Flash-game, or the navigation on some website won't work correct. This is where you reach the limits of a web-proxy.

An IP:Port proxy on the other hand offers the things you miss with a webproxy: You can use it for other applications than just your browser; every application that supports proxy use, like games, email clients, download managers is able to work behind an IP:Port proxy, giving you anonymity and security. You won't have problems with Flash, Java or with registering/logging in at websites. But: An IP:Port proxy (and also a webproxy) doesn't give you the security a VPN-service offers. Your real IP can be still be revealed. So go - get VPN now! :)

HideMyAss Web-proxy

webproxy.jpg
Use our free webproxy to surf anonymously online, hide your IP address, secure your internet connection, hide your internet history, and protect your online identity
  • With unencrypted web browsing every website you visit will be accessible by your internet service provider and anyone else spying on your network. Use our free web proxy to hide from people monitoring your HTTP web traffic.Hide from hackers and network spies:
  • SSL encryption for all websites: Some websites may not offer SSL (HTTPS://) and so your sensitive data (such as a site user/pass) is at risk of being stolen on an insecure network. Use our web proxy to add SSL to all websites you visit.
  • Anonymous Search: Use our free proxy to surf websites anonymously in complete privacy. Hide your IP address ('online fingerprint') and route your internet traffic through our anonymous proxy servers.
  • No software required: All you need is a web browser to use our free proxy, no third-party software is required to be downloaded.
  • Bypass internet restrictions: Certain websites may be blocked on your internet connection. Use our free web proxy to virtually reside on another network and bypass web blocks.
  • Hide your IP address: Your IP address is your 'online fingerprint'. Use our proxy to hide your true online identity and hide behind one of our anonymous IP's. You can also select which specific IP address and server you wish to hide behind, by clicking the 'advanced options' link.
  • No annoying advertisements or pop-ups: Unlike other free web proxies we do not have annoying obtrusive pop-ups or flashing advertisements plastered on every page you visit.
  • Works with popular video sites: Popular video streaming websites such as YouTube.com work behind our web proxy.
Link: http://hidemyass.com/vpn/proxy


Using different servers and IPs for the Webproxy

If you want to let the webproxy use a different IP or server, you can easily do this by changing the URLs.
We have 7 servers for the webproxy. 
Access them by using this URLs:
Each server offers the use of different IPs.
Access them by changing the URL accordingly, e.g.:



Youtube, Facebook and Gmail proxy

otherproxies.png
To guarantee you the best compatibility, we're providing you extra web-proxies for YouTube, Facebook and GMail. This services require different proxy settings (concerning cookies, ActiveX and Flash), so follow these URLs if you want to use this services safe, fast and anonymously:
Link: YouTube proxy
Link: Facebook proxy
Link: Gmail proxy

Proxy - IP:Port proxy


proxy.png

Definition

A proxy server is a computer that offers a computer network service to allow clients to make indirect network connections to other network services. It is specified by his IP and a port (e.g. 241.12.132.78:8080), under which the proxy server is accessible. A client connects to the proxy server, then requests a connection, file, or other resource available on a different server. The proxy provides the resource either by connecting to the specified server or by serving it from a cache. In some cases, the proxy may alter the client's request or the server's response for various purposes.

Difference IP:Port proxy <> Web-Proxy

A IP:Port proxy works different from a webproxy - an IP:Port proxy works with all applications that support proxy-use, and that's a big plus compared to webproxies, which only work within your browser, and nowhere else. With IP:Port proxies you won't have the compatibility issues and limitations of a webproxy, like Java and Flash-issues on certain websites, or that you can't register or login at a website, or problems with captcha codes. IP:Port proxies can fully emulate add-ons and plugins like Java, Flash, Silverlight, etc.
A webproxy, on the other hand basically just forwards the internet to your browser, showing the websites you visit through it a different IP. Nothing more.
See the article "Webproxy" for more info's web-proxies.

What is flash?

What is Flash?

Adobe Flash (formerly SmartSketch FutureSplash, FutureSplash Animator and Macromedia Flash) is a multimedia platform used to add animation, video, and interactivity to web pages. Flash is frequently used for advertisements, games and cartoon serials. Flash manipulates vector and raster graphics to provide animation of text, drawings, and still images. It supports bidirectional streaming of audio and video, and it can capture user input via mouse, keyboard, microphone, and camera.

Why do I need Flash?

There are lots of applications and websites that won't work unless you have Flash installed, and more are created every day. Flash is fast, secure, and reliable. From laptops over cell phones to the Internet, Flash is everywhere. You need flash to see the web as it is, without Flash the web would still be text+logos. It brought real animation to a place that was very monotone.

Why should I have the latest version?

The latest Flash version contains important enhancements to improve performance, stability and security of the Flash applications that run on your machine. Installing the latest version will ensure that your Flash applications continue to run safely and efficiently. If your computer is somewhat older and Flash takes all system resources, an update may improve the performance of Flash. Keep also in mind that running older versions of any software, and especially software like Flash, is a security risk.
You should regularly update Flash for avoid bad things like getting hacked, computer crashes, instability, performance slowdown, etc.

Where to get Flash

You can download the latest version of Flash and Shockwave for your computer at the official website:
get_adobe_flash_player.png get_adobe_shockwave_player.png

Privacy & Flash

When using proxies (IP:Port proxies or Webproxies), your real IP can be revealed by Flash. This means, every website that uses Flash can identify you online. You can test this @ IP-score.com.
To avoid this, you can disable Flash either in your browser's settings (in case you're using IP:Port proxies).
Or disable Flash in the settings of your webproxy (*[http://www.hidemyass.com/proxy/ @ "Advanced option")
disableflash.jpg

The same goes for Java, Silverlight, Windows Media Player and several other plugins/add-ons. They all might reveal your real identity. The reason for this is that a usual proxy works only within your browser; but plugins and add-ons work like independent applications, so your proxy may get ignored by them.

Note: This can happen only with webproxies and IP:Port proxies. When using HMA's Pro VPN service, your real IP will be safe in these cases.