How To Create Your Own VPN (and why)
ฝัง
- เผยแพร่เมื่อ 20 ก.ย. 2024
- In this video I show you how (and explain why) to setup your own VPN server with openvpn.
This is the script I used to setup Openvpn easily.
github.com/ang...
My vultr referral link
www.vultr.com/...
My merch is available on based.win
₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Monero
45F2bNHVcRzXVBsvZ5giyvKGAgm6LFhMsjUUVPTEtdgJJ5SNyxzSNUmFSBR5qCCWLpjiUjYMkmZoX9b3cChNjvxR7kvh436
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF
Dash
Xh9PXPEy5RoLJgFDGYCDjrbXdjshMaYerz
Zcash
t1aWtU5SBpxuUWBSwDKy4gTkT2T1ZwtFvrr
Chainlink
0x0f7f21D267d2C9dbae17fd8c20012eFEA3678F14
Bitcoin Cash
qz2st00dtu9e79zrq5wshsgaxsjw299n7c69th8ryp
Etherum Classic
0xeA641e59913960f578ad39A6B4d02051A5556BfC
USD Coin
0x0B045f743A693b225630862a3464B52fefE79FdB
Subscribe to my TH-cam channel goo.gl/9U10Wz
and be sure to click that notification bell so you know when new videos are released.
I now have my own merch available on based.win. %10 discount at checkout when you pay in Monero (XMR)
Bruh.
It's 10% not %10 😢
probably just different typing style, it's not even that significant anyways@@younot6461
Can't you just run a virtual machine on your PC/laptop and use that as a VPS?
@@silverbullet2008bbThen there is no purpose, it will be the same ip and isp.
@@silverbullet2008bb but then what's the point?
i mean, aside from hosting it for an online friend who lives in a country that is censoring the internet aaaAAAHHH
"Military grade" for those that were in the military means "as absolutely as cheaply made as fucking possible."
It quite literally just means "cheap enough we can make it good enough for disposable people not to complain", lmao
lowest bidder ;)
Military grade people
The army won't even shill out 10 cents to make things more convenient to their soldiers
@@alfiegordon9013 You act like they care if you complain
Just a few tips, be sure that the IPv6 and DNS aren't leaking. Also, for those interested you dont necesarily need to rent a VPS, you could do this in your home. That way, when you are outside of your home (college dorm, hotel) you can connect to your LAN devices remotely too!
Sidenote ofc this wont make you anonymous, since the traffic would appear to be coming from your home. But, it helps you circumvent firewalls and websites blocked by your institution.
how do you get around your public IP changing? as home ISP networks aren't static
@@jlfazmo ddns that auto updates somehow!?! Script or telegram bot who knows...
Doesn't help with region blocks unless you're in a different country.
@@angusmacgyver it didn’t work for me cause most of the connections are under a NAT.. so I had to request the static IP
0:48
>"I'm not here to shill you a VPN"
7:06
>Shills VPS service while mentioning his referral code minutes later
I'm really surprised I had to scroll down so far to see this. Just like a VPN company isn't trustworthy, a VPS company isn't necessarily trustworthy either
@@tylerbelfield If you have one VPS instance among untold millions on AWS/GCP/Azure, do you really think they or any TLAs are interested in spying on you? Or would even spot you in that crowd if they were?
@@W1ldTangent yes, I absolutely do, it's in the VPS provider's best interest to fingerprint the traffic and sell info on it, just like Google & Facebook. Google has millions of accounts, do you think that stops them?
@@tylerbelfield that's true, but apart from setting up your own physical server, there isnt really any other options as far as I'm aware :/
@@tylerbelfield not to be blunt, but I highly doubt you're doing anything that would ever rise to the level of anyone's personal attention, nobody is as interesting as they think they are. Being surveilled by algorithms is not something you're going to escape, even with your own server.. you still need to get bandwidth from someone. If you take this tinfoil hattery to it's logical conclusion you should probably not use the internet at all. Just saying.
The video specifically says why you might want to do this: to change your IP, to avoid DDoS attacks on your personal IP or to get around region blocks. Anonymization wasn’t part of the rationale, so several commenters have missed the point.
True.
For anonymization, we have TOR. It's good enough. if TOR becomes unsafe, it's already the end of the world :,)
@@qtulhoo tor isnt really safe
@@Skaffa Can you explain why you think it's not?
@@Skaffa ok , from what i understand , very little ,
Tor is soo safe you can get in the deep web , wich is a dangerous place ,
But tor is the best bet to get there
VPSs are actually a worse choice than VPNs for anonymization in pretty much every aspect. The whole point of a using a VPN provider is anonymization through other users. You can switch servers and there other users on the network to anonymize traffic, but with a VPS you are the only person associated with that IP, and so using a VPS is more akin to a proxy than anonymization. A government agency can also very easily subpoena a cloud service provider and get the name, address, and billing information associated with one of their IPs, while some VPN providers actually let you use their services without creating an account and accept crypto. Most hosting providers also recycle their IPs and so they end up blacklisted in a lot of places. The only reason for setting up your own VPN should be a literal "private network" such as creating a reverse proxy for your home network if you self-host.
none of vpn providers provide any anonymization without trust.
@@kexec. I know mullvad does, depending on how you fund your account. According to their privacy policy, the only information they retain about users who choose fund their account via bitcoin is account number, bitcoin address, and timestamp of verification. Any information collected not stated in their privacy policy is a clear violation of the GDPR and could constitute as unlawfully obtained evidence.
Right, I had the exact same thought - you are the one owning the VPS, so backtracking it to you is a lot easier automatically.
For someone living in a tyrannical government like Russia (like I do), hosting your own VPN is infinitely better than any other alternative (except leaving this shithole).
Most VPN services are banned here, they even blocked the torbrowser website. Those VPN services that are still active in russia should NOT bet trusted by anyone, since clearly they allow full access to logs (which they keep, 100% guarantee) to anyone from gestapo police.
Using your own VPN would help A TON, since VPS companies like vultr would just ignore or laugh at any of the requests from the russian government, considering the "good" relationships Putin has with other governments.
But than again, VPNs are banned here by law (although some are allowed to operate to serve as honeypots) and everyone who uses VPN is also breaking the law and could be forced to pay a fine or go to jail even.
So, if someone from russia is gonna make their own VPN, they better change the default ports to reduce the chances of the government finding that out.
@@0Artilary0 You gonna be paying with Monero using your home IP? What happens when they have a log of that hm? Monero not gonna do u any good
From VPN shills to VPS shills what's the difference
At the very least, it’s not like your (IP) info is just there- theoretically someone would need to know your Linux password too, bc that info is encrypted .
Unless they literally backdoored your Linux client lol. Then you’re f’ed
That being said obviously if VPS is fully hacked your CC info is gone .
You pay to be your own middle man😮💨
@@azophilmao or you could just change your ip from static, I'm pretty sure most internet providers, well modern ones do it by default
@@tortellinifettuccine I mean all phone data networks do
The issue is . Uh your phone provider also has your IP address
Spelling
goes through all the effort of censoring the ip for nothing lol
Maybe he did that on purpose? Who knows with Mental XD
I thought that too, haha.
I was just about to say that too 😂😂
Knowing mental there might be a deeper meaning to self leaking
@@TheOGRecipe free vpn for whom guesses the pass
There are very few channels I've watched as religiously as yours.
The editing, the pace, the jokes. You are a true master of sarcasm, wording and overall an intellectual sheibeposter which the internet much needed. Kudos to you
What are the others chanels ?
@@kvazium
The Act Man is the next thing that comes into my mind
what's up everybody, this is THE ACT MAN
word
Do you mean scheibeposter as in German for sh**poster?
The main objective of a VPN is to provide a virtual network, not an additional node to bounce through, the node is not a function but a side-effect, you can make use of it like this or like most vpn providers allow, but the objective remain to connect multiple machine to the same subnet so they can access a private resource inside that subnet or communicate directly as if they were in the same local network, if your objective is to hide your true ip (not from the government but from the end server) then a proxy would be more fitting.
In popular lexicon, the definition of VPN has expanded to include encrypted proxies as well.
vpn == proxy but proxy != vpn
Exactly! The real goal is not "hide my IP", but to add extra layer of security that prevents a "rogue access point" or "man in the middle" to know what kind of things are coming and going from your pc to the cloud (http, ftp, torrent? an atacker can't tell).
Today people use VPN as synonym with "http proxy tunneling", however a VPN is more than just a proxy, is meant to allow remote access to computing resourses as if you were in the same LAN, but without exposing all those resources to the internet.
A VPN is a type of proxy, but not all proxies are VPNs.
Is there even a free way to make a vpn?
Hey Kenny, so I need a bit of advice with this. I have a friend in China, and I decided to host my own VPN to help him, but instead of using a VPS, I used my local network. I did this basically the same way, but my friend's internet connection is maybe 50 times slower than mine when connected, and sometimes it just drops the connection. Bypassing Chinese censorship is hard, we can't use any big popular VPS IP or VPNs, hence the self-hosting. It's low profile enough to not alert the censors.
taiwan #1?
Tell him to try Tor with bridges specifically made for Chinese censorship
Well ur local network is gonna be slower than a vps since they have dedicated network hardware. That being said, long distance (and specially from China since the firewall is a bottleneck) is going to be slower anyway. Best advice is try to see if speed improves with this video.
virtual network + a vpn server on azure?
Also from my research china doesn't ban VPS IP but rather check if that IP is used for VPN purpose then they'll ban it if they found
Here is a tip: do not disable password authentication until you're 100% sure that key based login works. If it doesn't work properly, you can always log back in to the system using your password. But if you disable password authentication and something went wrong setting up key based authentication, you will lock your self out from the system. So make sure it actually works first before turning off password. If you think you have set it up correctly but it still does not accept your key file, then try making sure all the permissions are set correctly.
U taught me more about practical IT things more than my IT courses. I think it's because the things you do r fun and practical. Your arch install guide really pushed me out of my comfort zone and I'm super hooked on Linux now.
Just don't use this to dodge three letter agencies. They know it was you who rented that server.
It wasn't me it was Mr.E
Unless you put actual devices that leech off of someone else's network all over the place. Then you kinda can use them to confuse the glowies.
@@rockytom5889 RaspberryPi, McDonald's WiFi, just need a way to charge the battery without attracting attention.
If you spoof a different MAC every time and spoof the OS to look like various forms of android, you could conceivably fool the glow boys for a while and have them looking at the customers rather than a remote server outside the building, I guess you would have to vary transmission power to prevent anyone from figuring out that all suspicious traffic is coming from a consistent distance.
If you throw directional antennas into the mix you can get some serious distance, especially if you can get line-of-sight to the access-point.
Maybe you could disguise the unit as a nest belonging to some large species of bird, up high in a tree, a solar panel could be used to charge the battery.
Impractical, laborious, expensive, less effective than easier alternatives, requires learning how to build complicated circuitry and antennas...
While it may not be a practical solution it would be a fun project.
@@CrackpotCreations Posting this here just gave the agencies a tip on how to find people, good work.
@@CoreDreamStudios you make it sound like they didnt already know
A VPN loses it privacy purpose if It has few to one users.
True
then share it with the whole fam
@@rockytom5889 better yet, the entire internet :)
@I ain't no millionaires son! yes.
@@KitOkunari no, no, no. Much better option is to share it with other galaxies.
dsvpn is easier to setup than openvpn (and more secure because there are way fewer moving parts).
About the video: using your own VPS will hide your IP, but not make you anonymous, quite the opposite. VPS IPs are all static so you're not hidden behind a NAT, and that makes you more identifiable.
Same as this?
More notes:
- A lot of websites ban datacenter IPs since those are often used for DDoS and other malicious attacks.
- You hide the IP of your VPS when setting it up but not when googling "whats my ip". lol
@@kiwec And I think vultr doesn't allow torrenting, so it doesn't even have that going for it. I guess it depends on what you want out of this.
Also, vultr has tons of open proxies on it, so they're probably blanket banned.
No
Much obliged, mate. Honestly you should just make an "intro to linux server ownership" video where you kinda 101 people on how to set up something like UFW/fail2ban to prevent bot spamming, basic configs, etc. On that note, I'm surprised you didn't install either of those programs.
After altering your ssh daemon config and restarting it, and while you still have a working ssh terminal to the remote host it is also a really good idea to test you can connect ssh to the remote host using the new config before closing the working ssh connection you are using.
Yep, came here to say this.
It's useful to bypass minecraft IP bans, that's litterally all I use it for
legend
Didnt expect the horizon here lol
This is a nice guide for beginners.
Nowadays ISPs and government can easily identify OpenVPN and most other VPN protocols very easily and throttle/block it completely (some countries).
Not to mention websites also started blocking VPNs/ASNs instead of IP addresses, or they just use a 3rd party to identify if your IP address is from a hosting company or not and then block access which most of them already have started doing.
Can you provide an example of this happening? ISPs/governments shouldn't be able to tell OpenVPN traffic apart from, say, HTTPS traffic, since the only perspective they see it from is as a TLS session. The only way they could tell is if all your OpenVPN traffic was on an identified port (easily fixed, just change the port) or they were regularly cracking your TLS keys (not unheard of for, say, the NSA to do so occasionally, but way too computationally expensive to be done on a mass surveillance scale, at least as far as the public knows...)
They would not be able to identify openVPN if you changed it from the default port but they would be able to tell the IP address is a VPS and most websites that are serious about making sure all of their users are legit are not going to allow vps IPs.
@@DJstarrfish From connection statistics and from protocol (not true SSL, at least for openvpn). Like your router would have a steady connection to this one address all the time. But I also have no idea what im talking about. There are obfuscation protocols that layer your vpn traffic in true tls though.
@@DJstarrfish The problem is that no matter how much your data is encrypted, your IP address never is. This is obviously because if your computer were to encrypt the IP address, your router would have no idea where to send the packets; hence, not encrypted. ISPs, governments, and even the servers the encrypted traffic is eventually arriving at can see that the IP address the traffic is coming from is a known VPN service and block that address. This is why VPNs aren't just the easy-win button so many people seem to think they are
Really enjoyed the video. One thing that was strange though was that you blurred the IP of your server in the terminal but then googled "whats my ip" and showed it to everyone in the end.
The actual tutorial starts at 16:50
This is just a comment so i can find it later
Likewise
Thanks, but I'm enjoying the video so far anyway
thanks
@@czjornymurzyn ඔබ හොඳද?
using a vps does change your ip but that's pretty much it. Their IP's are all static so you'll probably stand out more
Plus most companies will just deny or block an entire IP range from specific companies.. This is barely useful, might as well just get a name brand vpn..
I know this is about setting up your own VPN, but its also unironically one of the best videos I've been able to find about setting up ssh keys on a new VM. I come back to it whenever I need to go through the process again
"I'm not going to shill some VPN and give you my referral link"
7 minutes in to the video:
"Buy this cloud service and use my referral link!"
I found that extremely ironic as well, he's basically just making anti VPN ad in the long run. Credible VPNs are good for the overwhelming majority of people out there who just want some privacy.
I fucking hate vpn ads where they start listing off security as a benefit. The only really special “secure” part of my vpn is my isp can’t send me cease and desist letters…
If people were honest about what vpns did I wouldn’t mind, and some people are, but most just read off whatever ad roll they gave them and do zero due diligence in checking if those claims are true.
I like VPN ads. Especially these of NordVPN can be very creative. Normally, the TH-camrs do the advertisement in their original style.
@@porky1118 while reading off the talking points the vpn company gave them that are complete bullshit. Like I said, I’m ok with them when they are being honest. But most lie about how beneficial it is.
@@bradenculver7457 I just said, I like it. It's entertaining. But wouldn't buy one myself. I normally just use Tor, when I need anonymity.
@@porky1118 and I just said most of them are literally lying to their customers. I don’t care how fun they are if they are literally lying.
I agree with Braden. I value honesty over "it's fun to watch"
Privacy VPNs are basically just proxies. They don't call them proxies because "free proxy" returns more useful results than "free vpn". And they don't want suckers finding out they could het the same service for free
what' a good free proxy service you'd recommend?
I’d like to know as well…
Yep. This is what exactly I use these services for. Just to access region blocked stuff. People buying into the idea of protection from these services are probably delusional. At the end of the day, I'm by no means an advanced user so any idea on how to hide my data is a mystery to me but as long as I don't input my bank data in some dubious site(but then again, I use a virtual bank account that I just put money in it if I want to buy something online) I really don't care who's spying on me.
ya i'd like to know as well
Mans literally said free proxy comes up with a lot of shit and 3 people ask for a proxy lmaoo
Before we continue this funeral, I'd like to thank our sponsor Nord VPN.
"Dont use VPN that people advertise with referral links, its snake oil"
5 minutes later
"If you're interested in using this VPS im trusting, feel free to use my referral code in the description below"
Ok dude.
This is mainly usable as a proxy for self hosting. It won't make you anonymous but it can in some cases help get past ISP level blocks or bypass geo restrictions or as a proxy if self hosting, but that's about it. Great video anyway.
name a single VPN that provides anonymity
He started by saying a VPN won't provide anonymity, then listing use cases for why you might want to use one.
I like how straight to the point you are.
But i lived in China, and i can tell you the VPN was hella useful in that case.
Also, yeah, every company in China uses VPN, because they have to communicate with their western business partners.
But as a privat person you still NEED a VPN to connect to certain sites.
Vultr is the only VPS service that didn't yell at me the moment I set up a DNS and VPN service and actually helped with firewall config and pointed me in the right direction when it came to cloud storage. 10/10 vultr hosting very nice
Ovh is also great for vpn hosting and it's also got the best anti ddos protection AFAIK
@@mdk3nah go with 100up they use ovh
"you might have even got a vpn ad on this video" he says, as if there is even a single member of his audience not using an adblocker
2min into this video, and I just want to say that it's even possible to use VPN to create your very own private Internet, and you can also build "LAN" networks and bring them into your actual home LAN. I literally created a Virtual Private Network for my VPS on the cloud, then made a site-to-site connection with my home plan. And I serve Pihole and its juicy benefits to any of the clients connected to either of my VPN's.
VPN's are great until Netflix blocks you from going to the website when connected to the network. Unless your VPN has an ISP designated IP, you are probably getting blocked in some websites, all this just to say, host your own VPN, but do it at home, not in the cloud if you don't want to get blocked by Netflix
Absolute gold content recently 👍
not just recently
@@ducky1681 Yeah
It's always gold
Let's take a moment to acknowledge CornHub
real site and it is about a 10 or 15 year old meme now
I love corn
lazarbean moment
It has the juice
I have been saying this since the ads started. SO SO SO FEW people listened for so long. I did get through to a couple TH-cam Creators. I am glad we have finally gotten to the point where a lot more content creators and users understand this and have stopped advertizing the vpn's that give mostly false claims especially the fearmongering ones.
1 little correction here: the lock symbol doesn’t mean EVERYTHING on the page went through https.
You can make http requests from an https page ? Doesn't that count as xss ?
@@-na-nomad6247 no it is called “mixed content”
@@MidnightOver browsers have gotten better at trying to block this but I think with some javascript a website could still pass http through? Also given how websites now are often working in larger networks, talking to cloud providers, external databases, etc, if someone misconfigures something, they could be exposing data over https between those connections and there isn’t anything you can do about that but pray.
@@Ultrajamz I see, thanks, I'll be looking into that, it is true that even https sites can make http requests now that I think of it, especially if using third party plugins.
This is a very dear topic to me since setting up a personal VPN server was my very first project that got me into server management and IT in general.
I've used your tutorial as a template to create a PKE SSH session with other VMs that just start with a root user! Absolutely a gem, thank you @Mental Outlaw
Wow your videos never miss. I have been looking for a good VPN provider on Linux for quite some time, but just following your video for 5 bucks a month I have full control over my own. Thanks!
Well you can indeed turn off the logs with this setup but that doesn't mean anything right? Your VPS can still see all the traffic that's entering into that hosted VPN and they could also log that incoming traffic. So basically using a VPN through a VPS is even worse than using a VPN through a VPN provider because in both cases you're putting 'trust' that the actual HOST is not logging your traffic in some database.
Exactly, and it also seems he’s shilling his referral link with that VPS website. Don’t get me wrong, i love this channel but the hypocrisy on this vid is disappointing.
I don't really understand why people are insisting on VPN's for privacy. They are okay for both fine for "downloading Linux ISO" or censorship purposes but for privacy you are offloading your responsibility to a vps provider. Tor is still way to go for privacy purposes IMO
@@abasba00 A VPN is oke for hiding the stuff you do from your local ISP in your country, in case if you're doing illegal stuff it can be used as a 'protection' layer when you use it religiously with a kill switch on so your real IP never gets leaked. When you attempt on doing illegal stuff its oke to use a VPN imo but in combination with orbot/onion routing (just to use the VPN as a 'layer'). Example: You and your friends are making use of a private instant messaging chat (xmpp), you can root xmpp clients through orbot/TOR connection with your VPN as the incoming IP into the first node, I think using VPN here as a layer serves its use pretty good. Your ISP won't even know that you're on TOR because your ISP only sees that your traffic is going to the IP of the VPN provider, nothing more. Also there are several encryption layers with this method. Maybe I'm wrong? Who knows, I'm glad to get educated about this.
Also Vultr preloads your install with their own DNS so they effectively become your ISP/Google
@@bigtravis7968 he said in the begging of the video is not about the privacy here, is mostly for "downloading isos"
I have no idea what you were talking about but I just kept watching because your voice is cute and relaxing
Having one key pair per remote host might be useful if you’re trying to prevent host A from knowing you’re the same person who visits host B, but otherwise I don’t see the problem with having one key pair per (user, local computer) combination. If your computer is stolen or decommissioned, you can remove just that key from the hosts you connect to. And there would be no reason not to use the default key filenames.
Also, the sshd config file comments show the default configuration values, so there’s no reason to uncomment anything you’re not changing.
"Military grade" should be replaced by "corporate grade" or "linux user grade". Thats really the only ones that speak to a truly secure service. The latter being more so xD
once again, as cool as this is, this doesn't give you the anonimity you get from using potentially non-spooky vpns where you'd have potentially hundreds of people with the same IP as you
Used to do this in 2009-2014 on Xbox 360 with my own VPS/Dedi and you had to add a new connection in Windows 7 and select VPN and put in the IP and user credentials then I would share the connection to my Xbox 360 wired to my computer. Setting up the IPtables and rules for DDoS protection too.
I think this would be more useful for hosting a game server. VPS/VPN, you're the only user connecting so if somebody were to dig into the owner, and the users all signs will point to a static IP.
It is a good solution as a single proxy server, but I think a better solution would be to do the research of the VPN provider you want to use and making sure there are no security threats or data sales.
Even if you were able to buy server racks in multiple countries and start your own VPN service, there will still be no privacy.
Using VPS for game server also makes it more fair. If you host the game locally you have 0 ms ping which can give you the advantage.
@@etopowertwon This. Power consumption can also get expensive. If you were hosting 24/7 a VPS would probably be a cheaper alternative. Say you're constantly running the bare minimum and power consumption is 200 watts. If you ran your server for an entire year it would cost you approx. $250 dollars, compared to a subscription to a VPS which are far more cheaper. Good VPS will cost $60 for annual membership.
@@synthesoul It really depends on what you need. A raspberry pi at your home can easily serve as a VPN server and have a acceptable bandwidth. For example, I could get about 80 mbps uplink and downlink if the network is not congested, on a RPI4, in my house, with 15W at most (the PSU was limited to 5V3A). It can happily handle game servers like minecraft just fine.
@@SodaWithoutSparkleshi, can you provide me guidance on making a secured mc server?
keep in mind vultr doesn’t use clean energy, or at least doesn’t say it anywhere. i’d therefore recommend using something such as gcp or aws instead.
Ah yes, good ol' OpenVPN. That's a name I haven't heard in a long time.
Very nice trick to censor the IP, and showing it at the end to get a lot of comment talking about it. Good job sir.
Thank u fed, very cool
but you should cover how to make a physical vpn
same as this but just plug a computer into someones LAN and SSH into that?
@@MentalOutlaw Leave a Pi(or something similar) hidden somewhere or etc. If they never find it then it could be used as a VPN as well. You would be surprised how many buildings have spaces in the walls that can fit a device and still have wifi access or ethernet. If a soda can can hide in a wall for 30+ years, a Pi possibly could. The difficult part is getting the Pi there without being seen though and ensuring a stable connection to the local network. Even more so if you are trying to get a VPN for another country that way. That would require you going there physically, or somehow communicating with someone on the other side you trust to place the device for you.
@UC43XzjvblzHYWXl16DCbSwg
That is blackish.
You have to know some aspects about the building, the company, employees, etc. Is the network monitored by actual sysadmins? Or is it a bunch of old ppl? I think a good place to do this would probably be a library about fifty miles from where you are. Just travel and leave preconfigured VPNs in spots. You're also potentially giving away your data to whoever finds it.
@@synthesoul I get what you are saying, but surely anyone who does this sort of thing would think it through properly before planting devices in random places. I mean, the whole point of good opsec for anything is to have many plans for how to do something, and many more plans for whenever things go wrong. Just leaving things around without proper planning is just asking for trouble. An example of a place you could hide something is maybe inside smart devices people own. Or sell modded devices at pawnshops that phone home to a server when powered on. I am sure people have done that before with old modded game consoles and the like, as at one point someone did that with 360 consoles and stole credit card info that way.
When I was studying abroad, I left a raspberry pi at my parents that I could connect to so I could watch TV from back home.
That's the only way you can do it without anything in between (well except isps): setup servers yourself when you're abroad.
I don’t know anyone that thinks VPNs are antiviruses or anything crazy like that. I want my IP masked and it accomplishes that, simple as
Yes but no
Havent even watched the video yet, commenting for algorithm. Hope everyone has happy holidays!
Great video, though I do want to point out that the term 'shellcode' is not meant refer to the contents of a shell script. Shellcode refers to the contents of a malware payload, typically written in some form of ASM.
what do you mean "Some form of ASM"? there are different forms of assembly code?
@@guitarplayer1495 yes. Some examples are ARM assembly, x86 assembly, and MIPS assembly. Each is unique to its own architecture.
Perfect tutorial, the only thing I would change is that I would setup and prioritize IPv6 whenever possible with the configs as its more secure and anonymous, but being a logless VPS I maybe shouldn't care much about static IPv4... Scary though.
Some other security measures too, like port obfuscation, secure antideprecation, deep freeze, etc., but that's because I'm nerdy and do require a ton of anonymosity and security 😅.
Just typed to say out loud: it's enough, but if you're really in danger or irrational fear, there's more to secure you 😊
I thought you were an honest person who really care about people but after advertising a VPS you really turned me off
THANK YOU your the first person ive seen on this platform that really knows why someone needs a vpn
I'm only a minute in and I already like you. I always roll my eyes at those "this video is sponsored by fartbuttVPN" bits where they're like "If you're like me you like to work in a cafe even though I'm a rich TH-camr living in a 3-bedroom house with an office and since I'm a TH-cam most of my work involves recording in that house. But sometimes you'll notice some shady guy typing away next to you. He's stealing your data! Join VPN today so you can watch region-locked series on Netflix even though that's sort of illegal!" Like how fucking often are you in Starbucks and notice someone hacking into your computer from another table? Never. The people hacking your data are doing it from data breaches, not from in the same room as you.
I've only used a VPN just to download Sims 4 without Comcast giving me grief about it. *shrug*
Thank you for giving an open and honest take on this. I was getting tired of all the scare tactics and fear mongering.
@11:29 my man said the “big brain way” I’m subbing just for that
Only problem is: if you own the server you use, it reduces your privacy from there on out significantly.
It’s useful for when you’re on a public hotspot.
It is worth noting that you don't become anonymous by creating your own VPN. The VPS will be aware of your IP and possibly payment information, so if you do anything illegal with your VPN, there is a trail that law enforcement can follow.
Say someone else in another country logins in to that vpn, vultr in this case would also have this person ip right?
So if I connect my VPS to a VPN service to then reconnect back to the VPS, will this create a feedback loop providing me infinite anonymity?
Yes
Change the IP yourself. Ah the old days. I like this guy.
Be aware that companies such as Netflix have already blocked all IP address space from all major VPS providers to prevent people gaining access to their service from another country. Given that it’s fairly trivial to do this, I would suspect the same might exist for some other providers as well. This is why some “premium” VPN providers actually use residential services. Not to detract from your video at all as it was a lot of fun all the same.
I remember literally the day they did that. I'd been happily watching US netflix from EU with a VPN and one day I log on and see a message that they know I'm using a VPN. So disappointing.
For anyone using Windows, using winscp instead of a terminal is so much easier for transferring files
I always had this key question about personally ran VPNs, some IT chad please help:
So say I rent a server, and run a VPN service on said server. If I connect to my "private VPN" my IP will be that of the dedicated server.
Now if I do what I usually do, and torrent "copyrighted penguins," which usually cause letters in the mail, won't said letters be forwarded to the host of my dedicated server/VPS; resulting in a quick shutdown? Basically the same as if I just torrented on the dedicated server from the start?
With the generic big brand VPNs, for torrenting the IP pools are so huge copyright isn't even an issue.
I'd really appreciate some help!
Btw my current setup for those that want to know is a mini debian server, with XFCE for the gui. I use my VPN of choice with the killswitch mode engaged. (If VPN DC = no internet on the VM) -- then I download all the pegnuins I want inside said VM, and move them to my host machine to watch. This way being connected to the VM is isolated, and doesn't impact ping in say video games.
You're right. Moreover, they can even forward the letters to YOU in order to delegate and brush off any legal consequences of your actions. For a mass VPN, this won't be an issue as it will require immense time and resources to comb through the logs and figure out which user connected to the accusing party.
@@VivekYadav-ds8oz Exactly what my line of thought was the entire time. thank you.
This guy is next fucking level. While others have links to VPNs this dude has a link to a VPS so that you can make your own VPN
MO: *Let's censor ip of the VPS i'm using*
Also MO: *Shows ip of VPS at the end of the video*
i was literally thinking about how to do this today.. amazing content as always. keep up the great work! you're easily one of the best out there!
Anything can be hacked or tracked. Nothing is safe. Remember that.
people: concerned
people: phone in their pocket all the time
I did exactly that with Vultr. And I was blocked much more than when using say protonvpn.
I had wireguard on it.
That may be because lots of IPs used by vps services are under the same groups of ips, which makes those ips easier to spot and block. and of course because other people are also using cheap vps servers to run vpns on them.
Most companies will rent mass ip addresses from different parts of the world. So if that IP was involed in an attack and was released back into the pool for the next person to rent it and discover that it's blacklisted.
Quite possibly the most helpful comments section I’ve seen in a while
Great video. I really like it. The only problem is that many VPS providers forbid hosting "any type of proxies" (such as TOR Nodes or VPNs). Here in Germany I've heard of stories where entire drives got formatted and fresh installed with an image by the VPS provider without any kind of prior warning... Is VULTR cool with that? Or do you have any other experience regarding this aspect?
If all they do is format your vps every month just keep an ansible setup script or docker image to redeploy the entire thing in like 5 minutes.
@@THEMithrandir09 hey good idea ^^ thanks man
@@hankhill- if you do it often enough they are probably gonna ban you ngl
If it's for yourself it's unlikely to be a problem, if it's for thousands of tor users, it's different.
If you really want to be anonymous, it seems the best way would be to run proxy chains. I don't know if it's possible but it would be nice if you could run a VPN and layer proxy chains on top of that.
You hid the IP throughout the whole video but then you show it at the end. You've probably taken precautions anyway but just in case I wanted to let you know
If you are editing the sudoers file you should use visudo as it checks for errors so you don't accidentally lose all root access to your machine.
There's "ssh-copy-id" which would have saved you 10 steps ;) Still great video!
Man, you should make a video about how to setup wireguard. OpenVPN has numerous disadvantages for home use, especially being dead slow and complicated to setup, which leaves a lot more space for human error during setup.
So do we trust the VPN or VPS provider when we're downloading JAV's for research?
In this particular case VPN provider is you.
And VPS company's only way of knowing what you doing on your server is to physically intercept ram, but it's very unpractical especially for thousands machines running hundreads of VM's each.
I used to set up VPNs a lot as a kid for pirate games servers. I don't imagine that it's too hard
2:41 They aren't really making the request. Your computer is making the request, it's just popping out somewhere else in the world.
The VPN service doesn't change it. Request headers go in, the same request headers go out. Package goes in, gets wrapped in nice packaging paper, package comes out and gets unwrapped at the VPN provider. Proxies make requests on behalf of others.
can you connect to a vpn through a proxy and does it make it more ”secure/anonymous”
@@bridgeboo3031 The simple answer is "no".
If you want to be anonymous on the WWW, then don't use it. That's the easiest and probably the only way to truely be anonymous; not using it.
I did it almost as soon as I got my vps for other reasons. It was very easy and is still very easy to add clients with a simple script using openvpn I downloaded
I'd rather trust certain vpn providers than my own isp which doesn't even claim not to sell my data and is definitely handing it over to the us government
The coolest thing to do would be to set this up on a raspberry pi and hide it somewhere in a public wifi place. That way you would be totally anonymous, unless someone finds the device and captures all traffic
You can safely skip to 16:15 if you already have a Linux server set up
i've just set up my own private vpn via this script, wow it's cool
Nice video, thanks. Why are you hiding your VPS's IP address in the shell section when you clearly show it at the end in "what's my IP?" :D. Also in the header of the sshd_config it states that you don't need to uncomment any settings if you leave them at the default value.
the kinda people who use vpns to avoid ad targeting are the kinda people who look up when someone says gullible is written on the roof
Also changing ports is security through obfuscation, which is useless at best and dangerous at worst.
i have watched your vids a few times and not subbed but i find out youre a rust player and instantly got my sub.
hi kenny, love your content, what do you think of v2ray?, in my country (Iran) users use it a lot for avoiding vpn detection pattern so it can look like simple https connection to ISP and etc..
thank you very much for this video. I bought a year of PIA in december for various reasons and then in january i found out about kape. I've already cancelled my contract with PIA but im trying to learn more about privacy and security so i can make more informed decisions and take care of myself better.
If you want to avoid being tracked based on your IP by big corps, won’t the big corps just track you via the IP of your VPN? And won’t the ISP of the VPS provider track you?
Yes and yes
There are so many comments under this video arguing the benefits of VPNs over VPSs.
I'd just like to comment on what the video was about if thats kl ;)
Love it. All I was looking for is something secure that allows me to get passed geo-restrictions, which this covers. So, thanks.
Ill now let you get back to the others who are having arguements over god knows what XD
On all video blury IP vps and on the end 21:44 show this IP 🤣
Its like you could read my mind fam. I just setup one myself a couple days ago. Thanks a lot for making these!