Monitors network and devices for health and performance.
Detects & fixes issues with intelligent alerts and inbuilt diagnostics tools.Checks for SQLi, XSS and 4500 other web vulnerabilities.
Integrated Vulnerability Management to prioritize and manage vulnerabilities.
3CX, developer of the software-based unified communications solution, has announced the release of 3CX V15 Service Pack 5 which brings the final Linux version of the PBX. The update achieves complete feature parity with the popular Windows version of the software. The company also reports that SP5 has added further automation of admin management tasks and made hosting of the system in the cloud easier with leading cloud providers.
If you’re looking for a free Unified Communications solution compatible with mobile phones and any SIP IP phone while at the same time provides advanced collaboration features then look no further. Download and run the free 3CX UC system now. Available for both Windows and Linux operating systems.
Back then, the Internet was so very young. Those were the times of Windows Maze Screensaver, of the classy Minesweeper, of grey-white MS Paint, and of silvery floppy disks. Gone are those days. Now, after completing its silver jubilee, the Internet has grown to be almost a multiverse of information, every micro-second its network mushrooms like anything. But even maturity comes with its own struggle. This enhanced version of the Internet carries its own privacy concerns.
But not to worry, there are plenty of technologies and software developed to preserve your Internet privacy. TOR and VPN are the popular ones. So, here we explore and share which of the two comes out to be a better way to achieve a superior level of privacy on the Internet.
Before diving deep into the topic, let’s see what’s covered:
What if, at all times, someone is keeping an undersea eye on what you browse over Google, always peering into the messages as you chat with other people? Wouldn’t that make you uneasy? This is Internet privacy. That is, whatever information you share, or browsing you do over the Internet, keeps itself only to you, until you want it public.
We continually hear about governments and ISPs spying on users and even other countries, which shows how unsafe the internet is. Thankfully, user awareness on internet privacy is continually improving as more and more users seek out bullet-proof methods to encrypt their communications and protect their online privacy.
TOR or The Onion Router is a free, open source software that comes under the development and maintenance of The Tor Project, a non-profit organisation funded by the US Government. TOR enables users to preserve their anonymity over Internet communications.
To download, simply go to www.TORproject.org. There’s two bundles available for downloading, one is Vidalia, which requires a web browser pre-installed on your system. However, the other one, the TOR Browser Bundle, is preferred as it puts TOR directly into your system without you having to fulfil any prerequisites or additional installations.
You can download the necessary files for your operating system by visiting: https://www.torproject.org/download/download.html.en
TOR employs Onion Routing, a technology developed in the late nineties by a scientist named Syverson. It works at the TCP Layer of the network, using a multiple hop pathway. Whenever a user sends data across the network, TOR creates a relay of nodes (or hops) that decrypts the data, one layer at a time. This is where the TOR vs VPN battle actually takes off.
The relay of nodes is randomly selected proxy servers from the TOR users’ network. When the data travels from a user to the first node, it decrypts the IP address of the second node. Similarly, when it reaches the second node, it decrypts the IP address of the third node and so on till it reaches the last node. At each node only information about the next node is decrypted, thus maintaining the anonymity of the user over the entire network. When the data packet reaches the exit node, the node there finally decrypts the IP address of the destination server/node.
The following diagram provides an accurate representation of the Onion Routing method described. Like the layers of an onion, each message (the core of the onion) is covered with layers of encryption. Each layer is removed as it is received by a TOR Node (Router) and then forwarded to the next TOR Node (Router):
Figure 1. TOR Onion Routing method. Each layer is removed by each node to reveal the message
The diagram below is another example which shows how data is exchanged within the TOR network to guarantee privacy and make it almost impossible to track where data packets originate from or the final destination:
How TOR works – Data exchange between TOR nodes and normal non-TOR servers
Note that TOR nodes/users are also able to access normal (non-TOR) websites and hosts in a similar manner.
An example to further clarify the concept: let’s say you want to send a picture to your friend over the internet, without disclosing your location/IP address.
One of Windows Server 2016 highlights is the newer Hyper-V server that not only extends the hypervisor’s features and capabilities but also introduces a number of new enhancements and concepts that take virtualization to a new level.
There’s a lot of new exciting features we are covering so without any further delay, let’s take a look at what we have in hand for you:
Users new to Hyper-V can also read our Introduction to Hyper-V Concepts article
Hyper-V was first released in 2008 as a re-brand of Microsoft’s Virtual PC. It lets users create a virtual machine (VM), a complete, software version of a computer. Users don’t have to install an OS through the normal route, and instead run a program on top of their current one.
This is made possible by a hypervisor – a layer between the physical and virtual environments that can manage the system’s hardware between VMs. It isolates the host machine from its underlying hardware.
This opens some natural benefits. Firstly, a virtual machine is in a separate environment to the host computer. As a result, any problems that occur do not affect the regular operating system. This makes virtual machines ideal testing environments.
This is furthered by the ability to run multiple operating systems at once. Most modern computers have more hardware than needed for day to day tasks, and users can run, for example, a Windows, Windows Server, and Linux operating system simultaneously. Instead of requiring three different servers, only one is required. This cuts down on hardware, power, maintenance, and cooling costs.
It also allows for more flexible deployment. At a hefty fee, admins can purchase a Windows Datacenter license and create infinite virtual machines without having to pay any extra. In testing or production environments, this cuts out vital slowdown while employees check licenses. With virtualization, new servers can be deployed in minutes.
Another flexibility is hardware resources. Users can configure Hyper-V to utilize different amounts of resources, including the processor, storage, and memory. This is particularly useful if an organization uses a Virtual Desktop Infrastructure (VDI). A Windows operating system is hosted on a central server, and users are given virtual desktops over the network. Not only does this save on licensing costs, it means admins can scale the amount of resources users have depending on various factors.
Hyper-V also lets admins make easy backups. It’s simple to copy a VM and restore it later if anything goes wrong. With Hyper-V, there are two options – saved states, and Volume Shadow Copy Service (VSS). VSS lets admins make backups even when files are in use, meaning the process can be completed on demand.
This ease of movement can be useful in other scenarios. Built-in features like live and storage migration make virtual machines much more portable. Users can access the exact same environment on a different machine, without the need for complex procedures. That combines with security features like Secure Boot to protect the host OS from viruses, malware, and attacks.
One of the most popular hosts for a virtual machine is Microsoft’s Windows Server OS. For the past few years, admins have been running Windows Server 2012 R2, a Windows 8.1-based platform. However, the release of Windows 10 has prompted a Windows Server 2016 variant, and it comes with plenty of new functionality.
A big example is the introduction of Microsoft’s Nano Server. A purpose-built OS, Nano Server is a lightweight version of Windows Server Core that’s designed to run born-in-the-cloud applications and containers. It’s complementary to Windows Server 2016, has no GUI, and is optimized for Hyper-V. The service provides an environment with a low overhead and fewer avenues of attack.
Windows Server 2016 also introduces nested virtualization. Essentially, this lets you run a VM inside another VM. Though it’s a strange concept, the usage scenarios are more common than you may think. Many companies now use the virtual infrastructure we mentioned earlier, and this means those systems can still use Hyper-V. It also makes for a good test environment, letting trainees try out different Oss and situations without the need for separate hardware.
Other big improvements come to the Hyper-V manager. An updated WS-MAN management protocol lets admins do a live migration without having to enable extra settings in Azure Active Directory. This also enables CredSSP, Kerbos or NTLM authentication, and makes it easy to enable a host for remote management.
This is furthered by support for alternate credentials when connecting to another Windows 10 or 2016 remote host. This includes a save functionality so that you don’t have to type it every time. Though earlier versions don’t support this functionality, you can still use the Hyper-V manager in Windows Server 2016 to control earlier versions. The new manager supports Windows Server 2012, 2012 R2, Windows 8, and 8.1.
The next major change is PowerShell Direct. The process runs between the host and virtual machine, meaning there’s less need to configure firewalls and networks. It lets users remotely run cmdlets in multiple VMs without complex setup. PowerShell functionality extends to NanoServers, where it can run directly.
The internet is in a strange place right now. It’s no longer the open, free place it used to be. Increasingly, users are being subject to website blocks, attacks, and surveillance. For true safety or anonymity, precautions must be taken. Thankfully, there many ways for you to protect yourself, one of them being Socket Secure (SOCKS) proxies.
While many have heard about SOCKS Proxies not many truly understand their purpose, how they work and the security-privacy levels they can offer. SOCKS proxies are often mistakenly considered an alternative or equivalent to VPNs causing major confusion amongst users and providing false sense of security.
In this article we'll be covering a wealth of topics relating to SOCKS Proxies, SSL, Configuration advise, Torrenting via SOCK, compare them with VPNs and much more so let's take a quick look at what we have in store before diving deeper:
Like HTTP, SOCKS is an internet protocol, but it offers a further degree of anonymity. Connecting to a SOCKS proxy routes your traffic through a third-party server via TCP, assigning you a new IP address in the process. Because the IP address is different, web hosts can’t determine the physical location.
This has the add-on effect of bypassing regional filtering. However, unlike a VPN, SOCKS doesn’t provide encryption. This means users don’t have true privacy and aren’t safe from attacks on Public WiFi and government surveillance. In addition, SOCKS doesn’t run through every application, meaning regular browsing is not always safe.
However, this lack of encryption does provide some benefits. The main one is speed. A SOCKS proxy doesn’t need resources to encrypt traffic and has far less overhead, so it’s usually faster than a VPN. Though proxies don’t provide protection from monitoring, they are a nice middle ground between HTTP and VPNs.
The security of a SOCKS proxy also depends on the version it utilizes. Most modern proxies use either SOCKS4 or SOCKS5 to protect users, and there are some fundamental differences. As you would expect from a lesser version, SOCKS4 has fewer features.
One example is the lack of support for UDP protocol-based applications. This cuts out programs that need faster, more efficient transfers, like games. SOCKS5 also supports IPv6 and Domain Name Resolution. This means the client can specify a URL rather than an IP address. This feature is also supported by SOCKS4a.
As well as SOCKS, users can utilize the HTTP/HTTPS proxy method. HTTP proxies work similarly to SOCKS5, but utilize the HTTP protocol instead. This is the same method that transfers data to your computer when you type http://www.firewall.cx. These proxies fetch and receive primarily in HTTP and are generally used for web browsers. Some applications support HTTP proxy, others SOCKS proxy, and many both. HTTP is more intelligent than SOCKS5, but also less secure.
Due to lack of UDP support and limited TCP support, HTTP proxies don’t fully support torrenting. Often, they will filter out this type of data or block it. This blocking is especially prevalent in public HTTP proxies. In addition, HTTP tries to re-write the headers of the data in transit. The result is extremely slow or non-existent torrenting.
HTTPS proxies utilize something called the Secure Socket Layer. In your browser, you’ll notice this as a green padlock next to the URL bar:
In short, SSL creates a secure connection between the web server and the user’s browser. When you request a URL, the server sends your browser a copy of its SSL certificate. The browser verifies that it’s authentic, and the server then sends back a signed acknowledgment. Upon arrival, both start an SSL encrypted session and can share data safely.
This encryption uses a method called public key cryptography. A server using SSL has both a public key and a private key. When a server first negotiates an SSL session with a client, it sends a copy of its public key. The client’s browser verifies the certificate and then uses the public key to create a symmetric key which is then sent to the server. The private key is never sent and always kept secret.
The symmetric key is unique to the SSL session and used to encrypt/decrypt data exchanged between the client and server.
HTTPS proxy works slightly differently. Using the CONNECT method, requests are converted to a transparent tunnel. However, this feature isn’t available in a lot of proxies and, when it is, users can still be vulnerable.
Some versions of SSL are still open to attack through the Heartbleed bug. This serious vulnerability was discovered in 2014 and allows attackers to steal private keys from servers, eavesdropping on communications and gaining access to passwords, emails and instant messages. Vulnerabilities in SSL and its predecessor TLS have been found several times since then, including man-in-the-middle attacks that downgrade the user to a less secure version.
While an HTTP proxy is designed to work in the web browser, a SOCKS5 proxy is more wide-reaching. SOCKS sits on the higher levels of the OSI model, below SSL, which sits on the seventh application layer, and above TCP and UDP on the transport layer (Layer 4). This offers several advantages. TCP works by forming a physical connection between the client and the server, trying to guarantee that every packet arrives at the destination in the same order it was sent. To do this, it puts all the content into a fixed format.
Another use of UDP is in the Domain Name System (DNS), which allows for translation of URLs into IP addresses. The combination of both TCP and UDP creates a more flexible and reliable experience.
Despite what some think, the internet is not private. Anonymous browsing and Internet Privacy are almost non-existent in today's online world. Websites collect personal information on every visit without your knowledge. Despite the free label, services come at a cost, and in many cases, it’s a lack of privacy.
The primary driver is the advertising industry. Most websites get paid if an ad is clicked or the product is purchased, not just for exposure. As a result, they want promotions that are relevant to the user. They get paid, and the user gets to see the products they’re interested in. It seems advantageous to both parties.
However, to target these ads, agencies need information about a website’s users. Companies like Facebook embed trackers across the web to build a detailed profile of individuals. This includes things like your gender, age, location, and websites you frequent. Information from multiple ad agencies can then be combined to build a detailed picture of your interests and personality.
Firefox's Lightbeam Plugin provides a visual map of sites visited during our session
Here’s the result of two hours of browsing activity with the Lightbeam plugin. The circle articles are sites we visited, while the triangles are third parties. Together, they can create an interconnected web of information. Visiting just 32 sites fed 371 third parties data.
They can do this across the web through identifying information like your IP address. When you connect to a network, your device is given a unique string of numbers by the ISP or mobile service provider. These can be cross-referenced across the internet to find your browsing habits.
If that’s not enough, there are also government agencies to worry about. IP addresses usually give websites a rough idea of your location by pointing to your service provider. That’s not a barrier for government. They can ask the ISP who the IP was assigned to and find your name and address. You would think that such power would be used sparingly, but unfortunately, it’s not.
Former NSA contractor Edward Snowden revealed that major powers are spying on citizens across the world on an unprecedented level. Authorities request all that tracking data we mentioned earlier and combine it with information from the internet service provider (ISP). From 2011-2012, Australian agencies requested ISP logs over 300,000 times. This can include every website the user has visited over a period of years.
And that’s someone who has the country’s best interests at heart. This kind of information is also accessible to a number of people who work for the ISP. Earlier this year, an ex-technician for Verizon pleaded guilty to selling phone call and location information to a private investigator. Web browsing information could equally be sold off to the highest bidder.
And that’s assuming they even have to buy it in the first place. In 2012, internet activist group anonymous hacked into the servers of telecommunications company AAPT. They stole over 40GB of information relating to business customers to show that the logs are not always safe. A redacted copy of the data was later published online.
With so many parties interested in such data, anonymous browsing is becoming difficult. The sad fact is that without protection from the Best VPN providers, you aren’t truly safe.
Firstly, there’s the threat of this information falling into the hands of hackers. Imagine a person with malicious intent having a record of your name, address, interests, habits, and every website you’ve been to. It could easily be used to blackmail someone or make threats to their friends and family.
It can also be used to identify potential weak points in your security. For example, if you regularly visit an insecure site, it could be hacked with an end goal of getting to you. Tools such as a key logger could then be used to collect usernames, passwords, and credit card data.
Furthermore, such access can be used for types of identity theft. Combined with an email account, an attacker has access to basically everything. Password resets for various accounts, name, age, date of birth. Bank details can be used to place illegal purchases on your behalf or commit fraud. Most of our lives are stored online, and the attack could gain access to all of it.
The same methods can be used by authorities in oppressive regimes. Even if the current government protects its citizens from such things, a power shift could change that. Because tracking information and ISP logs are kept for a long time, the data will still be around years into the future.
Then there’s the issue of illegal activities. Previously, nobody would know if you were breaking the law in the privacy of your own home. However, with the increase in logs, activities like torrenting can result in warnings, loss of service, or huge fines.
Without a VPN, torrents can be traced straight back to the user. Copyright holders hire companies to search through swarms of people torrenting their property. With an IP address, they can request a user’s details from the ISP and pursue legal action. The ISP is often compelled to do this or face legal repercussions themselves.
Though torrenting is a morally grey area, this can also affect customers who have done nothing wrong. WiFi networks can be hacked or information can be incorrect. In 2010, 53-year-old Cathi Paradiso ran into this problem when she was accused of downloading 18 films and TV shows illegally. In reality, her IP address was identified incorrectly, and her internet access cut off unjustly. It’s clear that even if you’re a regular internet user, anonymous browsing has its benefits.
Anonymous browsing is usually achieved by routing a normal internet connection through a virtual private network. We won’t go into too much detail here, as it’s been already covered in our Beginner’s Guide to VPNs.