VPN Recommendations for pfSense?

AmeerRizviOnline

Hi as relevant as your question is I'm still wondering why you would need a VPN for pfSense because it is a Firewall technology that is doing half the job the VPN would do. If you do need one anyway that is based outside USA and takes no logs, I have been reviewing them for a long time now so here are the best ones I can suggest:

1. PureVPN - based in Hong Kong
2. Boleh VPN - based in Iran
3. Ivacy VPN - based in Hong Kong

KOM

Since my last post, I spun up an OpenVPN instance on my VPS.  Works like a charm, and no logs.

Marvho

But it's still your server, so you are responsible for it.. Or am I wrong?

KOM

Of course I'm responsible for it.  However, I run a Tor Exit node on that VPS as well, so I have some plausible deniability.  At the end of the day, if I feel like stealing a movie I really don't give two shits about the MPAA.  What are they going to do, nibble my bum?

Derelict

ProXPN claims to keep no logs and I think you can pay in bitcoin.

firewalluser

@KOM:

Seriously, if you are worried about logs, don't go with any commercial VPN provider.  Rent your own VPS for $10-20/month and run your own VPN on it, as well as lots of other cool stuff.  All these VPN providers taht say they don't log… how do you know, and why would you take them at their word?  Run your own box and be done with the uncertainty.

Most VPS will come with a fixed ip, so it doesnt really matter too much what solution is used, beit VPS, Tor or a free Proxy service of sorts, logging will always take place at one or more points along the route.

This kind of explains the situation https://blog.torproject.org/blog/plaintext-over-tor-still-plaintext and when you consider things like Web browsers report back to Google, and all activity if running windows is reported back to MS, theres few ways to surf anonymously.

The problem with Tor, is that it doesnt add a variable delay to the traffic it routes, which is also a flaw with some Bitcoin tumblers incidentally, as you dont need to see whats encrypted as long as you can trace the encrypted data as it passes along nodes, until it reaches its destination. Even though traffic is encrypted, its possible to work out when data is encrypted and when its just an empty tube shielded by encryption, they have different patterns.

Even if using a VPS or Tor Exit nodes that exist in a hostile territory, its still possible to work out and spot identifying patterns which can be used to aggregate various online sessions together which will over time usually make it possible to identify who someone is, as we all leak data, even simple things like the time of posting can link someone to a timezone. Thats sums up some of the work of the NSA & other spooks.

willieaames

no logs…..US servers

I've tried Mullvad, NordVPN and Anonine. Mullvad should be fine because they don't want name, email. Nord sucks because I got disconnected every now and then. Moreover, they renew your account automatically. With Anonine my connection goes down virtually every hour! And they won't do a refund! This is almost theft. Don't ever subscribe to Nord or Anonine. Lokun looks promising since they are based in Iceland and they don't do advertising. But quite expensive. I use Ipvanish, I did some research a few month ago before all this nonsense for ways to get out of my corporate network, they seemed to come back the best for anonymity.

KOM

Thats sums up some of the work of the NSA & other spooks.

Nothing is perfect but you want to make it as hard as possible for them.  No free lunch for snoops.

n3by

here it is explained properly why not to use VPNs services from USA.

https://www.privacytools.io/

topherbeats

@n3by:

here it is explained properly why not to use VPNs services from USA.

https://www.privacytools.io/

Definitely plenty VPN providers around nowadays that are based outside of US jurisdiction and law.

Very relevant to this entire topic thread: I just wrote up this 10,000+ word "ultimate guide to privacy" – http://fried.com/privacy , and would really like feedback on it. I want it to be as useful and all-encompassing at is can be, so any feedback or suggested additions are hugely appreciated guys.

Chris

ash0400

This post is deleted!

AR15USR

In case no one has seen it…

WHICH VPN SERVICES TAKE YOUR ANONYMITY SERIOUSLY? 2016 EDITION

https://torrentfreak.com/vpn-anonymous-review-160220/

jpvonhemel

AirVPN

pamelabrya.nt4.5.4

I like Cyberghost

KOM

I've said it here before, but I like running my own VPS so that I can implement OpenVPN on it and then I am SURE that no logs are being stored.  You can rent some VPSes for like $5/month.  A few of those around the world and you have your own VPN network chain with multiple PoPs.

As for that VPN Privacy survey dealie, I don't really trust the entity to accurately report on itself.  "Do you keep logs?"  "NO WAY MAN!!!"  Except that they do, and you can't prove it, and there is no penalty for them lying to you.  That is why I refuse to rely on a 3rd-party service for privacy.  Granted I don't really care too much about logging.  I'm not hacking the Pentagon, and the RIAA/MPAA can kiss my shiny metal ass since I'm not in the US.

guardian

My vote goes to Private Internet Access - their "no logs" was tested with a court order (look on torrentfreak.com you should be able to find the article.)  Service is reliable based on my experience and can't beat the price.

Renting your own box is a pretty bad idea since anything in or out of it will be traced back to you very easily.

If you need more security then you should likely nest VPNs.

KOM

Renting your own box is a pretty bad idea since anything in or out of it will be traced back to you very easily.

How so?  They would either have to have direct control over my box, or be in a position to monitor the traffic coming and going from my host.  If they're already at that point, you're screwed anyway.  I didn't mention that I'm also a Tor exit node, so I have a shit-ton of random traffic flying around at a sustained 10 Mb/s.

guardian

@KOM:

Renting your own box is a pretty bad idea since anything in or out of it will be traced back to you very easily.

How so?  They would either have to have direct control over my box, or be in a position to monitor the traffic coming and going from my host.  If they're already at that point, you're screwed anyway.  I didn't mention that I'm also a Tor exit node, so I have a shit-ton of random traffic flying around at a sustained 10 Mb/s.

Being a Tor Exit point may give you "plausible deniability" and help you "hide in a crowd", but if your remote host IP becomes the subject of interest - all they have to do is "ask" the entity renting the host, and that exit IP is directly traceable to you.  If it comes from VPNx, then they have to "ask" VPNx, and if they don't have logs, then VPNx can say "no idea, we don't log".

KOM

They can say I rent the box, but they have no insight into what's going on there.  There is so much traffic that, like you said, there is plausible deniability.  I still have zero trust in any VPN service that claims to not log.  Given time, there will be laws in all countries that force VPN companies to log all traffic in the name of "national security".

guardian

If it goes though the US, then it's likely all being vacuumed up and stored on a hard drive far for analysis anyway.  ;-)