Test to see if scramble is working
99 views
Skip to first unread message
grandcanyon
Jul 24, 2022, 12:05:05 AM7/24/22
to tunnelblick-discuss
I compiled openvpn 2.5.5 with xor patch back in April on both my server and client. I haven't really used it much at least my VPS server. I am able to connect but I can't tell if the actual scramble part is working or if I just have a crummy connection. I'm running debian on the server and arch on my rpi on the client so I can't test with wireguard since I don't have a GUI. When I use my VPN provider and I try to stream something, it hangs after 10 seconds. The same with my server compiled with XOR patch. When I disconnect the VPN then it works without issue so I can't tell if it doesn't work (detects that I'm using a VPN), I have a crummy connection, or I need to re-compile with a later version of openvpn and/or the patch.
Tunnelblick developer
Jul 24, 2022, 6:14:50 AM7/24/22
to tunnelblick-discuss
Sorry, but I am confused.
- Are you asking how to test if scramble is "working" (i.e., actually scrambling the data being transferred) or whether it is messing up your VPN connection?
- What does wireguard have to do with anything? (Or do you mean Wireshark?)
- Does your VPN provider have servers that do scramble? The server and the client must either both use scramble or both not use scramble.
grandcanyon
Jul 24, 2022, 1:05:17 PM7/24/22
to tunnelblick-discuss
I am asking whether or not it's actually scrambling the data being transferred.
Sorry, I meant Wireshark as I saw you can see the traffic and it will tell you.
My VPN provider doesn't use scramble. I built my own Openvpn with the XOR patch server one a VPS. Since the VPS has bandwidth limitations, I don't use it all the time. If I don't need scramble I use my VPN host. If I need scramble I connect to my server but I can't tell if it is actually working.
Tunnelblick developer
Jul 24, 2022, 2:25:29 PM7/24/22
to tunnelblick-discuss
If you built both the server and client with scramble, and you have scramble options in both the server and client configuration files, it should be working.
But note that scramble is not encryption! Scramble only obfuscates, it doesn't encrypt, and it doesn't provide perfect forward secrecy.
And the scramble protocol does not scramble the first byte of each packet. That may mean it is easy to detect, even though the purpose of it is to avoid detection.
--
Nov 7, 2022, 6:23:37 AM11/7/22
to tunnelblick-discuss
It can be tested with packet sniffer (eg wireshark with openvpn dissector).
For a simple check you can disable scrambling in one side -- connection will not be established.
For a simple check you can disable scrambling in one side -- connection will not be established.
воскресенье, 24 июля 2022 г. в 21:25:29 UTC+3, Tunnelblick developer:
Reply all
Reply to author
Forward
0 new messages