Hide your identity on the internet

This article shows you how to hide your internet footprint with a VPN.

Introduction

You may ask why do we need to hide on the internet? You may not care about your information.

Shoulder Surfing - What if someone looks over your mobile next to you? Do you feel uncomfortable, right?

Personal Information - Most of us ignore the importance of privacy. We can be targeted by threat actors. For example, they can capture your web activities such as e-banking and social media.

If you don’t want to be one of the victims, it is better to learn something new to protect yourself and your family.

\

VPN

{: .box-note} VPN = Virtual Private Network

VPN is the easiest solution for users to protect their privacy in internet activities. There are some common and widely used VPN providers:

• ProtonVPN
• TunnelBear
• NordVPN💲
• Surfshark💲

Most of them are expensive around 10 USD per month. We don’t want to spend that much money on it. So, making your own VPN may be suitable for you.

\

Runbook: Build your travel router (+VPN)

Hardware Requirements: Raspberry Pi 4, Network Adapter

It is easy to make your travel VPN with a Raspberry Pi 4 (🍒). OpenWrt is an open-source OS for routers. We can make a 🍒 router with OpenWrt.

{: .box-note} IDEA: Public Wi-Fi📶 ↔ 🍒 Wi-Fi📶 ↔ Your Devices📱💻

Table of Contents

• Step 1: Install OpenWrt image
• Step 2: Connect the OpenWrt
• Step 3: Backup
• Step 4: DHCP from Public Wi-Fi
• Step 5: Install packages for the network adapter
• Step 6: Setup Travel Wi-Fi
• Step 7: Setup OpenVPN

\

Step 1: Install OpenWrt image

• Download the image which fits your device. In this tutorial, Rasp4 model B is used: OpenWrt images for Raspberry Pi
• Write the image on the SD card by using Raspberry Pi Imager

\

Step 2: Connect the OpenWrt

Connect your computer and 🍒 with an Ethernet cable We need manual set up our IP address at the very first step. After the following steps, we can get access to the router.

• Go to: Control Panel\Network and Internet\Network and Sharing Center
• Find the OpenWrt network (Ethernet connection)
• Change the TCP/IPv4 from automatically to manual IP address
  • IP address: 192.168.1.10
  • Default gateway: 192.168.1.1
• Connect the router via SSH
  • ssh root@192.168.1.1
• Change the password
  • passwd

\

Step 3: Backup

Before we start editing the configuration of the router, a backup is needed for recovery from error settings.

/etc/config

cp firewall firewall.bk
cp wireless wireless.bk
cp network network.bk

\

Step 4: DHCP from Public Wi-Fi

LuCI, the web interface, can simplify the whole process. We use it to scan the public Wi-Fi. After that, the router gets the IP address from the public Wi-Fi through DHCP.

• Login to the router website
• Go to wireless and scan the public Wi-Fi
• Replace the default Wi-Fi config with the selected Wi-Fi

The details can be found on their official website

\

Step 5: Install packages for the network adapter

Some packages are required to recognize our network adapter.

opkg update
opkg install kmod-rt2800-lib kmod-rt2800-usb kmod-rt2x00-lib kmod-rt2x00-usb kmod-usb-core kmod-usb-uhci kmod-usb-ohci kmod-usb2 usbutils

\

Step 6: Setup Travel Wi-Fi

We can find our network adapter Wi-Fi after enabling the interface.

• Plug your network adapter
• Enable the network interface: ifconfig wlan1 up
• Enable the travel Wi-Fi (radio1)

It is a default OpenWrt Wi-Fi. So, we should add the PSK encryption and password for our travel Wi-Fi.

option encryption 'psk2'
option key 'your-wifi-password'

\

Step 7: Setup OpenVPN

That’s not enough for our security purpose. The public Wi-Fi provider can still capture our network traffic. So, we need to use OpenVPN as our VPN service.

opkg install openvpn-openssl luci-app-openvpn

We use VPN Gate as our example:

• Download their OpenVPN client config file from the website
• Upload it to the OpenWrt by entering the OpenVPN tab
• Click Enable and Save & Apply

You may face connection problems. There are several reasons that may affect the VPN connection as follows:

1. The VPN server is offline
2. The VPN interface firewall rules haven’t been set up properly
3. Interface setting error between Home/Public Wifi

radio0 interface

option channel '7'
option short_gi_40 '0'

Credits:

• NetworkChuck
• Van Tech Corner

Notes

• Kill switch
  • if not, leak privacy (e.g. IP Address)
• Proxy (HIA, ANM, NOA)

\