How To: Mask Your IP Address and Remain Anonymous with OpenVPN for Linux

Mask Your IP Address and Remain Anonymous with OpenVPN for Linux

How to Mask Your IP Address and Remain Anonymous with OpenVPN for Linux

OpenVPN is the open-source VPN (Virtual Private Network) client, used over the PPTP (Point to Point Tunneling Protocol). It allows you to connect to a remote network over a secure, encrypted connection and mask your IP addresses over all ports. Since there is only one "hop," the network speeds are barely effected and are far more secure.

VPNs can protect you from an arsenal of threats. MITM attacks, packet sniffing, internet privacy, etc. They can be more beneficiary than a SSH in some circumstances.

I created a VPN tutorial for Windows previously, but in this Null Byte I want to help the Linux and Unix users who would like to use OpenVPN, but can't due to the overly complicated setup and configuration.

I will be teaching you this under BackTrack 5.

Requirements

  • A Unix-based OS
  • Root privileges

Let's get started. We will be learning OpenVPN's configuration and setup via the following video guide. The commands in the video are listed directly below it.

Commands

  1. su
  2. mkdir vpncfg
  3. cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* vpncfg/
  4. cd vpncfg/
  5. vim vars
  6. Replace necessary fields in the file.
  7. source vars
  8. ./clean-all
  9. ./build-ca
  10. ./build-key-server nullbytez
  11. Sign the certificate.
  12. ./build-key <name>
  13. ./build-dh
  14. mkdir ~/yourkeys
  15. cd keys/
  16. cp -v ca.crt <name>.{crt,key} ~/yourkeys/
  17. cp -v dh1024.pem nullbytez.{key,crt} ca.crt
  18. echo "1" > /proc/sys/net/ipv4/ip_forward
  19. iptables -t nat -A POSTROUTING -s 10.0.69.0/24 -o eth0 -j MASQUERADE -v
  20. vim /etc/openvpn/openvpn.conf
  21. <watch video>
  22. openvpn client.conf

After completing all of the steps outlined in the video and in the above commands, you should be connected to the VPN with all connections encrypted. If you need help with some of the commands in the video, or just want to hang out, come say hello in the Null Byte IRC!

Photo by Ars Technica

22 Comments

I love the V for Vendetta mask! Nice article too

Ive noticed you've been publishing a lot of hacking-relevant articles, you wouldn't happen to have hacked anything we'd know about would you?

I've never hacked anything besides code :p I define a "hack" as something new, and I really don't bring much new to the table. I'm good at what I do, I just wont call myself a "hacker" until someone with sthe hacker status calls me one ^_^.

BT5 codename revolution "Oooh, you hacker!"

Hahaha, anyone who seriously uses BackTrack needs to not use computers altogether.

VPN's worry me! All of them log your IP and all of them will hand over your details to LE. Just look at that recent case of HideMyAss.com handing over a Lulzsec hackers IP to the feds. If you're doing anything that will really ruin some admins day, like DoS/SQLi, from behind a VPN you will get caught pretty easily.

You'd be better off running TOR through a few proxies from China/Russia. Although any free proxies you can access are most likely honeypots, you're still behind TOR and if you make it so your TOR nodes are in weird ass places you're chances are that much better.

In the age of facebook where most people are happy to have their life on display for all to see i find it more likely that people are using VPNs because they're doing shady #$%@ rather than they just want to keep their private information private. In which case you're placing your trust in one company, a business which is there to make money and it already has yours. You're better off placing your trust in hoping that 1 of the 10 proxies you used is owned by an eskimo, who hates your government because they are responsible for melting away the ice caps, that'll tell them to get #$%@ed when they ask for the source IP.

Yeah, most people don't read the privacy agreements for a VPN, they say right in there that they will gleefully hand over any and all records. Eastern VPN's are the way to go.

That is not true, not at all! vpntunnel.se provides the users with a secure and anonymous vpn-tunnel and they DO NOT SAVE ANY DATA on the user or usage. I use vpntunnel.se and it's really fast, cheap, secure, and you have five different servers (in five countries) to connect through :)

Hey,
I got a problem and I hope you can help me out guys.
i made the directory for the keys in root but when I trying to use the command "cp -v c^C" I got the following error:
cp: missing destination file operand after `c^C'
Because I'm a complete noob...I just don't understand what the problem is or which files should I copy exactly.
I would really appreciate your help.
Thank you!
Dave
Thank you!
Dave

Unix getting hacked cause of its unstability but dont worry folks we are on the right tracks to change it...

.....you seriously don't know much about Unix and Linux, do you?

For one the correct word is instability, two, linux has been around for 60 years, three, you are being a twat.

I have met people like you. Just because you made something that makes shiney lights in OpenSUSE studio doesn't mean you created linux.

Learn thnigs before you fart on the internet.

can i download torrents using vpn??????????

A VPN is like any other internet connection, it just gives you a tunnel to go through. Kind of like a water pipe. Water goes from your yard to down the road in someone else's yard.

So sure.

Not every vpn provider keeps your logs, just use the company that is not under the jurisdiction of usa (or chose the server that is not located in usa). I like anonine.com

What about the hide.me VPN? The privacy policy seems to be fair enough, they don't store any information and the company is incorporated in Malaysia. There is a great list of servers to use.

Any VPN is better than none.

It depends on what you are using it for is when logs come into play and at that level and above no VPN on the planet can run from the Vulcan Death Grip that some 3 letter abbr agencies have on ALL VPN traffic.

hi sir,

i am new to hacking ,i have tried some gmail hack hack by using kali linux(vmware) on windows 8.1, im having doubt in it .if i am going to hide my ip on guest operating by using vpn how much this will protect my identity? ,,,sorry for my bad english

You can use VPN to mask you real IP with another one using proxy. I use hide-my-ip.com and they give excellent service. I can access to restricted websites, or bypass Netflix restrictions and so on...

I've Kali Linux 2.0 and this command ( cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* vpncfg/ ) is throwing this error message ( cp: cannot stat '/usr/share/doc/openvpn/examples/easy-rsa/2.0/*': No such file or directory ). Kindly provide me an alternative.

Share Your Thoughts

  • Hot
  • Latest