My OpenVPN is getting detected.

March 7, 2016 917 views
Applications Deployment Firewall

Hello Members,

I have successfully set up a Openvpn on my droplet which has connected well to my my computer( I'm running Windows 7) using this script

apt_update: true
  - openvpn
  - easy-rsa
  - curl
  - IPADDR=$(curl -s
  - gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz > /etc/openvpn/server.conf
  - sed -ie 's/dh dh1024.pem/dh dh2048.pem/' /etc/openvpn/server.conf
  - sed -ie 's/;push "redirect-gateway def1 bypass-dhcp"/push "redirect-gateway def1 bypass-dhcp"/' /etc/openvpn/server.conf
  - sed -ie 's/;push "dhcp-option DNS"/push "dhcp-option DNS"/' /etc/openvpn/server.conf
  - sed -ie 's/;push "dhcp-option DNS"/push "dhcp-option DNS"/' /etc/openvpn/server.conf
  - sed -ie 's/;user nobody/user nobody/' /etc/openvpn/server.conf
  - sed -ie 's/;group nogroup/group nogroup/' /etc/openvpn/server.conf
  - echo 1 > /proc/sys/net/ipv4/ip_forward
  - sed -ie 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
  - ufw allow ssh
  - ufw allow 1194/udp
  - sed -i "1i# START OPENVPN RULES\n# NAT table rules\n*nat\n:POSTROUTING ACCEPT [0:0]\n# Allow traffic from OpenVPN client to eth0\n\n-A POSTROUTING -s -o eth0 -j MASQUERADE\nCOMMIT\n# END OPENVPN RULES\n" /etc/ufw/before.rules
  - ufw --force enable

  - cp -r /usr/share/easy-rsa/ /etc/openvpn
  - mkdir /etc/openvpn/easy-rsa/keys
  - sed -ie 's/KEY_NAME="EasyRSA"/KEY_NAME="server"/' /etc/openvpn/easy-rsa/vars
  - openssl dhparam -out /etc/openvpn/dh2048.pem 2048
  - cd /etc/openvpn/easy-rsa && . ./vars
  # Optionally set indentity information for certificates:
  # - export KEY_COUNTRY="<%COUNTRY%>" # 2-char country code
  # - export KEY_PROVINCE="<%PROVINCE%>" # 2-char state/province code
  # - export KEY_CITY="<%CITY%>" # City name
  # - export KEY_ORG="<%ORG%>" # Org/company name
  # - export KEY_EMAIL="<%EMAIL%>" # Email address
  # - export KEY_OU="<%ORG_UNIT%>" # Orgizational unit / department
  - cd /etc/openvpn/easy-rsa && ./clean-all
  - cd /etc/openvpn/easy-rsa && ./build-ca --batch
  - cd /etc/openvpn/easy-rsa && ./build-key-server --batch server
  - cp /etc/openvpn/easy-rsa/keys/server.crt /etc/openvpn
  - cp /etc/openvpn/easy-rsa/keys/server.key /etc/openvpn
  - cp /etc/openvpn/easy-rsa/keys/ca.crt /etc/openvpn
  - service openvpn start

  - cd /etc/openvpn/easy-rsa && ./build-key --batch client1
  - cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/easy-rsa/keys/client.ovpn
  - sed -ie "s/my-server-1/$IPADDR/" /etc/openvpn/easy-rsa/keys/client.ovpn
  - sed -ie 's/;user nobody/user nobody/' /etc/openvpn/easy-rsa/keys/client.ovpn
  - sed -ie 's/;group nogroup/group nogroup/' /etc/openvpn/easy-rsa/keys/client.ovpn
  - sed -ie 's/ca ca.crt//' /etc/openvpn/easy-rsa/keys/client.ovpn
  - sed -ie 's/cert client.crt//' /etc/openvpn/easy-rsa/keys/client.ovpn
  - sed -ie 's/key client.key//' /etc/openvpn/easy-rsa/keys/client.ovpn
  - echo "<ca>" >> /etc/openvpn/easy-rsa/keys/client.ovpn
  - cat /etc/openvpn/ca.crt >> /etc/openvpn/easy-rsa/keys/client.ovpn
  - echo "</ca>" >> /etc/openvpn/easy-rsa/keys/client.ovpn
  - echo "<cert>" >> /etc/openvpn/easy-rsa/keys/client.ovpn
  - openssl x509 -outform PEM -in /etc/openvpn/easy-rsa/keys/client1.crt >> /etc/openvpn/easy-rsa/keys/client.ovpn
  - echo "</cert>" >> /etc/openvpn/easy-rsa/keys/client.ovpn
  - echo "<key>" >> /etc/openvpn/easy-rsa/keys/client.ovpn
  - cat /etc/openvpn/easy-rsa/keys/client1.key >> /etc/openvpn/easy-rsa/keys/client.ovpn
  - echo "</key>" >> /etc/openvpn/easy-rsa/keys/client.ovpn

  - cp /etc/openvpn/easy-rsa/keys/client.ovpn /root/
  - cp /etc/openvpn/easy-rsa/keys/client1.crt /root/
  - cp /etc/openvpn/easy-rsa/keys/client1.key /root/
  - cp /etc/openvpn/easy-rsa/keys/ca.crt /root/`

While everything is okay, I can still not use the websites I was targeting with the VPN.
I'm messages like " sorry, we are not 'hiring from your region"

when the used MATCH? and p0f, the response was 'there was a match between your broweser finderprint and OS

and went to give out these results


First seen    = 2016/03/07 12:18:53
Last update   = 2016/03/07 13:09:59
Total flows   = 12
Detected OS   = Windows 7 or 8
HTTP software = Firefox 10.x or newer (ID seems legit)
MTU           = 1408
Network link  = OpenVPN UDP bs64 SHA1 lzo
Language      = English
Distance      = 14

PTR test      = Probably home user
Fingerprint and OS match. No proxy detected (this test does not include headers detection).
OpenVPN detected. Block size is 64 bytes long (probably Blowfish), MAC is SHA1, LZO compression enabled.

you can take a look at this website:

From my research
I have discovered that changing the mmsfix value to 0 cam make it undetectable.
I'm afraid using the Tor project's Obsfproxy might trigger 'suspicion' from the server and have my accounts flagged.

Also, routing traffic through port 443/ TCP

I'm not sure on how to implement that.

  1. Is there anything I can do to tweak the VPN to make it hard for websites to detect?

  2. What changes can I implement on the code so that I'll just have to copy and paste the code as a user data?

  3. How can I avoid the "last seen on date xx/x/xxx' thing?

Sorry for my poor English

Thank a lot for taking your time to respond to my question.

Be the first one to answer this question.