Portmaster for Linux and Windows, help protect your data

Continuing the discussion from Russian hackers:

Out of Linux magazine Issue 260, July 2022 (not really behind on my reading!!)
Portmaster: Redirecting…
Portmaster on GitHub: GitHub - safing/portmaster: 🏔 Love Freedom - ❌ Block Mass Surveillance
Information on the Portmaster filter lists is available on GitHub

Portmaster is a firewall, a system filter list to identify trackers and other undesirable sites, a secure DNS service, and an optional privacy service (similar to TOR) called Safing Privacy Network (SPN).

I am about to install it on Linux and then on my Window(s) system.

While trying to register to vote in the US, I got this nasty mail from the Commonwealth of Massachusetts, in short: I am a security risk and my IP is blocked. I don’t seem to have the problem here in NL. So I guess it is the elections in the States.

SEEMS TO BE some strange correction on using links!?!?

New MSG from USA:
We have reviewed the logs relating to your request and identified high threat activity from your IP address. Due to this activity, no action to allow further access will be taken at this time.

Thank you,
SEC Cyber Security Team
{CMI: MCID244456}

If you are using your Dutch Freedom IP it may be because of some outdated geoip list. Because of the shortage, IPv4 blocks are being swapped around between ISPs all around the globe. Before Freedom acquired it, the IP may have been used in another country the US don’t like or by a spammer or something.

Using TOR through this filtering tool is not going to help you. TOR exit nodes are abused a lot by malicious actors. On my servers about 80% of the hacking attempts originate from those IPs. That will definitely get you blocked on a high security platform like the US elections.

You can try using a VPN service. Not the free ones, because the free IPs are probably on some blocklist too. I have good experience with Proton, their IPs are often clean.

Hi there

The real problem is of course, lack of IPv6;
Neither github.com nor safing.io have an IPv6 address.

Regards,
Rob

Yea, you are correct. Since I now have it on both systems, I will ask Portmaster about that.

How do you get that from the TS? Genuine question. I only read that his IP is banned and so he is considering a certain tool but is not yet using it. So why would a problem in there, or even a lack of IPv6 on Github, be relevant to his situation?

Hi there

IPv6 addresses are rarely recycled.
IPv4 addresses are recycled all the time. Which means you get stuck with the reputation of the previous user. So if the previous user was banned, the new user is banned as well.
Changing your IPv4 address (by means of a VPN) may get you just another recycled and thus possibly banned address.

Regards,
Rob

Please create a ticket if you did not do so already. Please add as much information as possible. Perhaps we can get things unblocked.

Today I checked on Portmaster with both Linux and Win-10 and saw IPv6 in use.

And indeed it helped me with the security folks from Mass USA. I could send mail to my old town hall where I used to live.

The next step is to set up Wireshark on my Linux system, which I already started to do. I can then monitor the packets coming in and out of my WIN system. This is an excellent way to check now and then that nothing is sneaking through.

I need to relearn the setup and capture since it has been 13 or 14 years since I used it last. It has gotten more powerful, and a bit more complicated.

See

If you use this, please do it as a White Hat. Do it ONLY on your own system network OR ask before aiming at another system that is not on your network.

Everything I believe is unblocked. I was able to send mail to Mass USA without getting a message back informing me that I am blocked.
thanks

I had this IP address since the beginning of Freedom.nl

Can Freedom.nl check if the IPv4 IP address given to us is or has been recycled? It seemed that Mass USA was looking at the IPv4 IP address. I thought that addresses were assigned according to geographic area, not recycled!?

Hi there

These geographic areas are rather large:

And IPv4 addresses get reassigned. If you got your current IPv4 address in this century, chances are it’s a reassigned IPv4 address.
If you want to check the current user, use Whois:

Unfortunately, a lot of organisations use outdated geoip databases instead.

IPv6 is from December 1995. So that’s nearly thirty years old. Not supporting it is irresponsible.
github.com is owned by Microsoft. And we all know about the Hotmail and Outlook problems.
Developers should probably host their software somewhere else.

Regards,
Rob

Hi there

I realise that the above isn’t very helpful.
If you still have problems accessing github.com, maybe a post in one of their mailing lists might help.
Gmane offers a free mail to news gateway, so you can use NNTP;
news.gmane.io
gwene.blog.github seems pretty generic.

BTW, there is also a gmane.politics.activism.give-up-github

Regards,
Rob

I did an IPv4 Whois and found I was in Poland!?

Summary

|Country|Poland|
|Domain|dg-net.pl|
|ASN|AS57608|
|Registry|ripe|
|Hosted IPs|1,024|
|ID|PL-DGNET-20171222|

The second time I did it, both with IPinfo, I got Freedom Amsterdam!?

Then, I did Whois for IPv6 and found Amsterdam

Also one of my Domain names is open to be bought? @riodice.nl
Not Good!

I can log in to github.com

I no longer have problems sending emails to the State of Mass.

Hi there

I use a command line utility called whois for both ip address and domain queries.
With websites there is no telling which database is actually being queried. Or how reliable or up to date it is.
Whois is the only authoritative source;

sput:~$ whois riodice.nl 
Domain name: riodice.nl
Status:      active

Reseller:
   Soverin BV
   Vijzelstraat 68
   1017HL Amsterdam
   Netherlands

Registrar:
   Metaregistrar B.V.
   Noothoven van Goorstraat 11 e
   2806RA Gouda
   Netherlands

Abuse Contact:
   +31.858885692
   abuse@metaregistrar.com

DNSSEC:      yes

Domain nameservers:
   ns1.soverin.net
   ns0.soverin.net
   ns3.soverin.net
   ns2.soverin.net

Creation Date: 2019-12-30

Updated Date: 2021-04-20

Record maintained by: SIDN BV

Regards,
Rob
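
An added example, not part of the original post: a small parser for the .nl whois layout quoted above ("Key: value" lines plus "Key:" headers followed by indented lines), used to check the fields that answer the "is my domain open to be bought?" worry. The function names and the trimmed sample are constructed for illustration.

```python
# Constructed sample: a trimmed copy of the whois output quoted in the post above.
SAMPLE = """\
Domain name: riodice.nl
Status:      active

Registrar:
   Metaregistrar B.V.
   Noothoven van Goorstraat 11 e
   2806RA Gouda
   Netherlands

DNSSEC:      yes

Domain nameservers:
   ns1.soverin.net
   ns0.soverin.net

Creation Date: 2019-12-30
"""

def parse_nl_whois(text):
    """Return a dict: scalar fields map to str, block sections map to list of lines."""
    record, section = {}, None
    for line in text.splitlines():
        if not line.strip():           # a blank line closes the current section
            section = None
        elif line[0].isspace():        # indented line belongs to the open section
            if section is not None:
                record[section].append(line.strip())
        else:
            key, sep, value = line.partition(":")
            if not sep:
                continue               # not a "Key:" line, ignore it
            key, value = key.strip().lower(), value.strip()
            if value:                  # "Key: value" on one line
                record[key], section = value, None
            else:                      # "Key:" header, values follow indented
                record[key], section = [], key
    return record

def summarize(record):
    """Pick out the fields that show whether the name is held and how it is served."""
    return {
        "registered": record.get("status") == "active",
        "dnssec": record.get("dnssec") == "yes",
        "registrar": (record.get("registrar") or [None])[0],
        "nameservers": record.get("domain nameservers", []),
    }

if __name__ == "__main__":
    print(summarize(parse_nl_whois(SAMPLE)))
```

To run it on live data, pass the text printed by `whois riodice.nl` to `parse_nl_whois` instead of `SAMPLE`.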

Yes they are recycled.

Freedom launched its website just 8 days before RIPE NCC handed out the last unused /22 (1024 IPv4 addresses). Hence we have to buy or rent addresses on the free market. Therefore almost all our IPv4 addresses were used by others before.

I hope IPv6 is used first and only then is IPv4 used. I am not sure if I am one of the 22. I guess not if I find my address also in Poland

Hi there

As a general rule most software will try IPv6 first and only if this fails use IPv4.
Of course, IPv6 has to be available for this to work.

Regards,
Rob
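
An added example, not part of the original post: the "IPv6 first, IPv4 only if that fails" behaviour written out as a sequential fallback, so you can see which address family (and therefore which address reputation) the remote side ends up seeing. The function names, the `no_ipv6_route` connector and the documentation-range addresses are constructed; real stacks usually get this ordering from the operating system's resolver rather than from application code.

```python
import socket

# Constructed sample resolver output (documentation addresses, not real hosts).
SAMPLE_ADDRS = [
    (socket.AF_INET, socket.SOCK_STREAM, 6, "", ("192.0.2.10", 443)),
    (socket.AF_INET6, socket.SOCK_STREAM, 6, "", ("2001:db8::10", 443, 0, 0)),
]

def ipv6_first(addrinfos):
    """Stable sort: IPv6 candidates first, resolver order otherwise preserved."""
    return sorted(addrinfos, key=lambda ai: ai[0] != socket.AF_INET6)

def tcp_connect(family, sockaddr, timeout=3.0):
    """Real connector: open a TCP socket or raise OSError."""
    sock = socket.socket(family, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect(sockaddr)
    except OSError:
        sock.close()
        raise
    return sock

def connect_prefer_ipv6(addrinfos, connect=tcp_connect):
    """Return (family_name, address, connection) for the first address that works."""
    failures = []
    for family, _type, _proto, _canon, sockaddr in ipv6_first(addrinfos):
        try:
            conn = connect(family, sockaddr)
        except OSError as exc:
            failures.append(f"{sockaddr[0]}: {exc}")
            continue
        name = "IPv6" if family == socket.AF_INET6 else "IPv4"
        return name, sockaddr[0], conn
    raise OSError("no address reachable: " + "; ".join(failures))

def no_ipv6_route(family, sockaddr):
    """Hypothetical connector simulating a host without IPv6 connectivity."""
    if family == socket.AF_INET6:
        raise OSError("network unreachable")
    return "connected"

if __name__ == "__main__":
    # Live use: pass socket.getaddrinfo(host, 443, type=socket.SOCK_STREAM) instead.
    print(connect_prefer_ipv6(SAMPLE_ADDRS, connect=no_ipv6_route))
```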

Thanks for the info - good to know.
Richard