What VPN does /G/ use?
Openvpn with aes-256-cbc cipher, 4096b RSA key authentication, a non standard port and LZO data compression.
1 server at home and 1 on my mail VPS. That lets me only open ssh, smtp submission and imap ports on the VPS to my home IP and anyone on the VPN tunnel interface and still be able to access it from anywhere.
none
My country isn't cucked enough to require a vpn for basic internet browsing and torrenting
...for now
>>55613610
Your country has no public wifi hotspots?
What's a vpn?
>>55613629
Are you joking or do you actually not know?
>>55613626
>using public wi-fi
Just use your phone or make a hotspot from your phone's unlimited data.
>>55613610
Kids know fucking shit.
>proof
>>55613629
viral porn name
Betternet
Always free ^ω^
>>55612653
Who or what is /G/?
I only torrent games and the occasional album. I don't leave my client running 24/7 downloading every piece of shit movie that comes out like all the dipshits who get warning letters from their ISPs.
>>55613581
This. OpenVPN masterrace.
mullvad
>>55616432 Shadowsocks is faster, cant be blocked by dpi and works much better on poor wifi/4g connections.
>>55613581
>a non standard port
what's the point?
I have a friend in Lithuania who has a VPN for me to use on his Synology server
It's free and more reliable than a company
>>55613581
>Openvpn with aes-256-cbc cipher
Enjoy your massive crypto overhead and slowdown for minimal security gain over aes-128
>b-but more == better!
Nope. https://security.stackexchange.com/questions/14068/why-most-people-use-256-bit-encryption-instead-of-128-bit
The one I selfhost on a VPS.
>>55616570
If someone has a 0-day for OpenVPN, they're less likely to find out that it's there.
>>55618577
I'm not some commercial VPN provider who has to worry about efficiency. The VPS only has to run Postfix, Dovecot and OpenVPN with me being the only user. CPU usage hovers below 5%.
>>55618577
>https://security.stackexchange.com/questions/14068/why-most-people-use-256-bit-encryption-instead-of-128-bit
But it is more secure, only slower. Depends on your priority, also cpu's are cheap.
>>55618907
What's the point? Vps can be traced to you. Unless you're according government censors, that's pointless. May as well stay on your own ip
>>55618577
>Enjoy your massive crypto overhead and slowdown for minimal security gain over aes-128
AES-256 is just as fast as AES-128 on modern CPUs with AES-NI support.
>>55619140
is it worth sacrificing possibly having that port blocked for?
>>55619246
With a commercial VPN it's clear to people between you and it that you're using a VPN and the VPN's IPs are likely to be blocked by services either because of abuse by other users or because they aren't allowed to provide services to people concealing their location.
>>55619291
By who?
>>55619454
public access points
>>55619637
Why would they block it?
What makes it more likely to get blocked than the standard port?
>>55619905
I should probably add that it's in the dynamically allocated range.
>>55619905
lots of APs in airports and such block everything but 80 and 443.
>>55620003
Well, they're not gonna have the standard 1194 open anwyway, are they?
Although now that you mention it, moving it to 443 might be a good idea.
>>55620131
>>55620003
OpenVPN over TCP can share port 443 with a web server. When someone accesses it with a browser they get the normal website.
Search for OpenVPN+port+sharing
>>55612653
My own SSH tunnel with RSA key-based authentication. Don't want my university knowing what sites I go to.
>>55612653
>tfw no stalker 2
>>55618383
>>55620473
>brown
Nasty
>>55620249 OpenVPN could be easily blocked on any port.
http://www.ntop.org/products/deep-packet-inspection/ndpi/
>>55612653 Go-vpn
>It uses fast strong passphrase authenticated key agreement protocol with augmented zero-knowledge mutual peers authentication (PAKE DH A-EKE). Encrypted, authenticated data transport that hides message's length and timestamps. Optional encryptionless mode, that still preserves data confidentiality. Perfect forward secrecy property. Resistance to: offline dictionary attacks, replay attacks, client's passphrases compromising and dictionary attacks on the server side. Built-in heartbeating, rehandshaking, real-time statistics. Ability to work through UDP, TCP and HTTP proxies. IPv4/IPv6-compatibility. GNU/Linux and FreeBSD support.
>>55612653
I started using the free VPN included in Opera's Developer edition. But now I discover that they are actively blocking my favorite download sites.