chaining vpn help

hy

I hope i will make myself clear enough; i have a lot to improve my english (any criticism is welcome ).
I thought a security forum is the best place to discuss this, rather than vpn providers.
First of all i want to tell you that i understand very well tactical and strategic of security risks but i'm quite new to the technical approach of security and anonymity. For what i read in the past few month ( more i read more complicated it becomes ) i understand that theoretical is safer to chain more layers of security/anonymity (vpn, socks, tor, etc..). That seems pretty logic, taking in consideration that trust have lot to do with security. Since now i was using only one layer of sec/anon, not that i have trusted it, but i simply didn't care because i didn't knew all the risk. Now, is not like i need all that security but i dont feel good either, in some case i feel like someone just could read my thoughts; so for that cases i will want to use chaining just to feel better.
I am looking for tutorials,tips etc.. about chaining sec/anon layers on ubuntu
I did found some good explanation concerning tor chaining setup with command for ubuntu terminal( seems they have good community ), but i want to test also some chaining about i read and research fount lots of info( but just didn't find step by step tut for linux/ubuntu);

ex:
1 openvpn A >> openvpn B ( A,B = different providers )
2 openvpn >> socks5
3 socks5 >> openvpn
4 socks5 >> openvpn >> socks5
5 tor >> openvpn >> socks

I understand that all this was already discussed, but i'm looking for some technical detail for linux/ubuntu ( setup instruction step by step, any reference in the right direction, i would really appreciate any help )

thanks in advance


ps: mods feel free to move this if this isn't the right place

 

When ever someone mentions sock5 proxies I feel they are usually either carding or hacking.

Socks5 proxies are logging up the wazoo and are honeypots.

 

While I understand your concern that some who post here may be up to no good, I don't believe that it's useful to make assumptions. I won't help those who are clearly asking about doing evil, and you're welcome to call me on that promise if I do.

That may be so. But there's no way to really know who's logging. So it's prudent to assume that everyone is logging, and to plan accordingly.

 

It's wise to use services that you trust, because they have good reputations. But you never know for sure, so it's also wise to combine services for redundancy aka failsafe. If either fails, you're still safe. You want components that don't share failure pathways, such as VPNs and Tor, or VPNs from different providers operating in different nations.

Although it's possible to chain within a Linux machine, using routing and firewall rules, it's far easier using virtual machines (VMs). VirtualBox is best in Linux. Last January, I posted some step-by-step tutorials on using VMs for routing VPNs and Tor https://www.wilderssecurity.com/showthread.php?t=316044. One change: ra's Incognito [Tor] Gateway VM is now at -https://bitbucket.org/ra_.

There's also the Whonix Tor gateway and workstation, from Wilders user adrelanos. I haven't experimented with them in chaining, however. I read recently on tor-talk that he's considering adding remailer support. That would be very cool, especially if he included the alt.anonymous.messages feature Perhaps adrelanos can say more.

That's in my tutorials. Alternatively, you can do that with just one VM. The host machine connects to VPN A. To block leaks around the VPN, install shorewall, and set it up as described in -http://xerobank.com/support/articles/how-to-harden-openvpn-in-12-easy-steps/. Then you have your desktop VM of choice (such as Xubuntu). In the desktop VM, you set up connection manager with VPN B. And you block leaks around the VPN using shorewall as above.

I don't use SOCKS proxies, so I'll leave these for others. Given that some VPNs are quite inexpensive, I don't see why one would use SOCKS proxies.

Anyway, I suspect that SOCKS proxies by default use an established VPN tunnel. I do know that OpenVPN has an option to connect via SOCKS proxy. And you can enforce all that with routing and firewall rules.

I think that you'll need at least one VM for this, with one SOCKS proxy and the VPN client in the host machine, and the other SOCKS proxy in the VM.

I recommend using Tor through a VPN, because VPNs are used for many purposes other than "being anonymous". See my tutorials.

See my tutorials. I'll be happy to answer questions. It's time to update them, in any case.

 

i also have seen on others forums few of those assumptions about socks5, so being no reason to use them,i understand it's better to avoid socks proxies, generate too much attention.
Now will get on all that nice info

thanks for the help