Have recently seen people working from their own home, router and devices! This is a bit of a surprise, I have heard this to be unsafe and as a way of asking to get caught. Is this sheer stupidity or is there a way to completely cover your tracks? How does one keep their router clean? Yes, I understand people buying time, however this does not seem to be the case. Would like to hear your perspectives on driving from home, I dont see it being the best idea but as they say, change my mind.
Working from home?! Safe or stupid?
- Thread starter Cardemis
- Start date
Complete anonymity: we protect your home router
Even network routers can start to gossip, especially if you haven't changed the default configuration. We will show you how to set up your router in the best way.
How to access the network via DNS, how to set up a permanently encrypted connection to the Internet, how to protect your home router - and some more useful tips you will find in our article.
Changing the Router Name and SSID
Most protect their networks with a password, but only one in five changes the SSID
To prevent your identity from being tracked by the router configuration, you must turn off the web services of your device to the maximum and change the default SSID. We will show you how to do this using Zyxel as an example. The principle of operation is similar with other routers.
Building DNS protection
First, change the SSID of your router (1). Then, in the DNS settings, specify the Quad9 (2) server. All connected clients are now safe
Your router must also be using an alternate DNS server such as Quad9. Advantage: if this service is configured directly on the router, all clients connected to it will automatically access the Internet through this server. We will explain the configuration again using the Zyxel example.
Configuring Permanent VPN Redirection
You can achieve even more anonymity with a permanent VPN connection. In this case, you no longer have to worry about organizing such a connection on each separate device - each client connected to the router will automatically access the Network through a secure VPN connection. However, for this purpose, you will need an alternative DD-WRT firmware, which must be installed on the router instead of the manufacturer's firmware. This software is compatible with most routers.
For example, the Netgear Nighthawk X10 premium router has DD-WRT support. However, you can use an inexpensive router such as TP-Link TL-WR940N as a Wi-Fi access point. After choosing a router, you need to decide which VPN service you prefer. In our case, we settled on the free version of ProtonVPN.
Installing alternative firmware
After installing DD-WRT, change the DNS server of the device before configuring the VPN connection
We will explain the installation using the Netgear router as an example, but the process is similar for other models. Download DD-WRT Firmware and install it using the update function. After rebooting, you will find yourself in the DD-WRT interface. You can translate the program into Russian by choosing “Administration | Management | Language "option".
Virtual private network (VPN) configuration
Launch OpenVPN Client (1) in DD-WRT. After entering the access data in the "Status" menu, you can check whether the tunnel has been built for data protection (2)
Actually, to configure VPN, you need to change the ProtonVPN parameters. The configuration is non-trivial, so follow the directions strictly. After you register on the ProtonVPN website, in your account settings, download the Ovpn file with the nodes you want to use. This file contains all the information you need to access. For other service providers, you will find this information elsewhere, but most often in your account.
Tips for your router
With a couple of simple tricks, you can turn your home router into a secure site. Before proceeding with the configuration, you must change the default configuration of the device.
Changing the SSID Do not leave the default name of the router. Using it, cybercriminals can draw conclusions about your device and conduct a targeted attack on the corresponding vulnerabilities.
DNS Protection Set the Quad9 DNS Server as default on the configuration page. After that, all connected clients will access the Network through secure DNS. It also saves you the hassle of manually configuring your devices.
Using a VPN Through the DD-WRT alternative firmware available for most router models, you will be able to build a VPN connection for all clients connected to this device. There is no need to configure clients separately. All information enters the Network in encrypted form. Web services will no longer be able to figure out your real IP address and location.
If you follow all the recommendations in this article, even data protection experts will not be able to find fault with your configurations, since you will achieve maximum anonymity.
Even network routers can start to gossip, especially if you haven't changed the default configuration. We will show you how to set up your router in the best way.
How to access the network via DNS, how to set up a permanently encrypted connection to the Internet, how to protect your home router - and some more useful tips you will find in our article.
Changing the Router Name and SSID
Most protect their networks with a password, but only one in five changes the SSID
To prevent your identity from being tracked by the router configuration, you must turn off the web services of your device to the maximum and change the default SSID. We will show you how to do this using Zyxel as an example. The principle of operation is similar with other routers.
- Open your router's configuration page in a browser. Users of Zyxel routers need to enter "my.keenetic.net" in the address bar to do this.
- Now you should enable the display of additional functions. To do this, click on the three dots in the upper right corner of the web interface and click on the radio button for the "Advanced View" option.
- Go to the menu “Wireless | Radio Network "and in the" Radio Network "section enter a new name for your network. Along with the name for the 2.4 GHz frequency, do not forget to change the name for the 5 GHz frequency. Specify any sequence of characters for the SSID.
- Then go to the menu “Internet | Permit Access ". Uncheck the box in front of the "Internet access via HTTPS enabled" and "Internet access to your storage media via FTP / FTPS enabled" options. Confirm the changes made.
Building DNS protection
First, change the SSID of your router (1). Then, in the DNS settings, specify the Quad9 (2) server. All connected clients are now safe
Your router must also be using an alternate DNS server such as Quad9. Advantage: if this service is configured directly on the router, all clients connected to it will automatically access the Internet through this server. We will explain the configuration again using the Zyxel example.
- As described in the previous section, in the section “Changing the name of the router and SSID”, go to the Zyxel configuration page and go to the “Wi-Fi network” section on the “Access point” tab. Here, check the "Hide SSID" checkpoint.
- Go to the DNS Servers tab and enable the DNS Server Address option. In the parameter line, enter the IP address "9.9.9.9".
Configuring Permanent VPN Redirection
You can achieve even more anonymity with a permanent VPN connection. In this case, you no longer have to worry about organizing such a connection on each separate device - each client connected to the router will automatically access the Network through a secure VPN connection. However, for this purpose, you will need an alternative DD-WRT firmware, which must be installed on the router instead of the manufacturer's firmware. This software is compatible with most routers.
For example, the Netgear Nighthawk X10 premium router has DD-WRT support. However, you can use an inexpensive router such as TP-Link TL-WR940N as a Wi-Fi access point. After choosing a router, you need to decide which VPN service you prefer. In our case, we settled on the free version of ProtonVPN.
Installing alternative firmware
After installing DD-WRT, change the DNS server of the device before configuring the VPN connection
We will explain the installation using the Netgear router as an example, but the process is similar for other models. Download DD-WRT Firmware and install it using the update function. After rebooting, you will find yourself in the DD-WRT interface. You can translate the program into Russian by choosing “Administration | Management | Language "option".
- Go to “Setup | Basic setup "and for the parameter" Static DNS 1 "write the value" 9.9.9.9 ".
- Also check the boxes in front of the following options “Use DNSMasq for DHCP”, “Use DNSMasq for DNS” and “DHCP-Authoritative”. Save the changes by clicking on the "Save" button.
- In the section “Setup | IPV6 "disable" IPV6 Support ". This will prevent deanonymization through IPV6 leaks.
Virtual private network (VPN) configuration
Launch OpenVPN Client (1) in DD-WRT. After entering the access data in the "Status" menu, you can check whether the tunnel has been built for data protection (2)
Actually, to configure VPN, you need to change the ProtonVPN parameters. The configuration is non-trivial, so follow the directions strictly. After you register on the ProtonVPN website, in your account settings, download the Ovpn file with the nodes you want to use. This file contains all the information you need to access. For other service providers, you will find this information elsewhere, but most often in your account.
- Open the Ovpn file in a text editor. Then, on the router's configuration page, click on Services | VPN "and on this tab activate the" OpenVPN Client "option with the switch. For available options, fill in the information from the Ovpn file. For a free server in Holland, for example, use the value “nlfree-02.protonvpn.com” in the “Server IP / Name” line, and specify “1194” as the port.
- Set "Tunnel Device" to "TUN" and "Encryption Cipher" to "AES-256 CBC".
- Set the Hash Algorithm to SHA512, enable User Pass Authentication and enter your Proton login information in the User and Password fields.
- Now it's time to tackle the Advanced Options section. Set TLS Cypher to None, LZO Compression to Yes. Activate "NAT" and "Firewall Protection" and specify "1500" for "Tunnel MTU settings". "TCP-MSS" must be disabled.
- In the "TLS Auth Key" field, copy the values from the Ovpn file, which you will find under the line "BEGIN OpenVPN Static key V1".
- In the "Additional Configuration" field, enter the lines you find under "Server Name".
- Finally, for "CA Cert", paste the text you see on the "BEGIN Certificate" line. Save the settings by clicking on the "Save" button and start the installation by clicking on "Apply Settings". After rebooting, your router will be linked to the VPN. For reliability, check the connection through “Status | OpenVPN ".
Tips for your router
With a couple of simple tricks, you can turn your home router into a secure site. Before proceeding with the configuration, you must change the default configuration of the device.
Changing the SSID Do not leave the default name of the router. Using it, cybercriminals can draw conclusions about your device and conduct a targeted attack on the corresponding vulnerabilities.
DNS Protection Set the Quad9 DNS Server as default on the configuration page. After that, all connected clients will access the Network through secure DNS. It also saves you the hassle of manually configuring your devices.
Using a VPN Through the DD-WRT alternative firmware available for most router models, you will be able to build a VPN connection for all clients connected to this device. There is no need to configure clients separately. All information enters the Network in encrypted form. Web services will no longer be able to figure out your real IP address and location.
If you follow all the recommendations in this article, even data protection experts will not be able to find fault with your configurations, since you will achieve maximum anonymity.
CarderPlanet
Professional
We create a router for anonymous surfing the Internet
Working in the shadows, first of all, means ensuring your own safety and anonymity, so I simply could not ignore this topic. Today I will tell you how to create a device with your own hands that will be useful almost every day and will allow you to ensure almost 100% anonymity. Even in unfamiliar networks.Content
1. What do you need?
2. Increasing anonymity
3. I will answer your questions in advance
What do you need?
Our entire assembly will consist of a laptop and a router. The laptop here performs the software role of a router, and the physical router itself is hardware that distributes the Internet via Wi-Fi or an Enternet cable.For example, I will take a regular Xiaomi nano router (it is small, it can be powered from USB and it distributes the Internet both via Wi-Fi and Ethernet cable).
Well, to connect, as I already wrote, you need an Enternet cable, which can be found in any computer store.
Increasing anonymity
Step 1: Standard actions for any router: Click Reset on the router itself to reset everything to factory settings. We connect via the default Wi-Fi network to the point and set the name and password of the Wi-Fi network.
Step 2: We connect the whole thing to (computer / laptop).
Step 3 (software part): Download the software that will distribute the anonymous Internet to our router - Double SSH Tunnel Manager
Step 4: Install Double SSH Tunnel Manager. The program will prompt you to install a virtual adapter, we agree. After that, in the list of adapters you will see something like the following:
Step 5: Uncheck these two adapters:
Step 6: Combine these 2 adapters into a bridge and configure this bridge by unchecking the boxes from IP4 and IP6:
Step 7: We are glad, because after connecting to the anonymous network, everything will be distributed through our router!
I will answer your questions in advance
What anonymous network can I connect?
-The simplest is to connect the TOR network, for this the manager must be connected to the Tor network and you need to point the slider down.
How to connect Socks5, SSH, Socks5 Back-connect, TorOnionSocks, LocalSocks5, ShadowSocks?
Can different chaining be used?
-You can connect Tor, Socks5, SSH, Socks5 Back-connect, LocalSocks5, ShadowSocks as the first connection, use ssh, socks5 as the second chain.
Can I use a VPN?
-Yes, you can. To do this, use the VPN monitor in the program, you will need to register the IP of your VPN there.
What WebRTC will be displayed on whoer.net and similar sites?
-Any browser out of the box will show the WebRTC of your Socks or SSH.
Does the site 2ip.ru/privacy/ determine the ping and say that it is a tunnel or a proxy?
-Some sites can identify you by the time delay, for example - 2ip.ru/privacy/ In order to avoid this, use the AntiPing function (it slows down your work, so do not forget to return the slider to its original position).
I made all the settings correctly, but after connecting it writes: "Unidentified network". What to do?
-You need to check all the settings again, then be sure to restart the OS.
Will the DNS program change on the host computer?
-No will not, DNS changes only for your router.
Click to rate this post!
(c) cryptoworld.su
Similar threads
