[RIIMIIX]

A few questions.

Can anyone tell me if data packets transferred over Tunngle are encrypted the same way network packets are when using other third party VPN providers like Logmein Hamachi; If not, why not?

Can anyone also tell me what measures are in place to protect us (the tunngle user community) from unwanted hackers etc trying to intrude on our privacy via Tunngle's service and what measures has tunngle put in place to protect us from such events taking place?

Does Tunngle provide any clear transparent information to us (the community) to highlight where or how the Tunngle service may effect security to our home network and give clear instructions on how to reduce any risks?

(I don't mean information tucked away in the small print!)


Why when im running PeerBlock on my systems am I seeing so much blocked UDP actions taking place when using Tunngle?

Even more concerning, why is my allocated IP range showing as communicating with the DoD Network Information Center?

When I google the DoD Network Information Center to see what it is, it's shows to be the following:


The Defense Information Systems Agency is a United States Department of Defense combat support agency with the goal of providing real-time information technology (IT) and communications support to the President, Vice President, Secretary of Defense, the military Services, and the Combatant Commands.

A big WTF??????

Why is it when i have peerblock running and monitoring my ports whilst using Tunngle and using the allocated Tunngle IP address; why is my tunngle IP address sending data packets to the DoD??

The packets largely increase when I am just randomly browsing and also increase when I send emails; that's without having any games running or doing anything else.

Is Tunngle a BIG BROTHER front; A simple door way in to peoples home networks?

Advertising not allowed
Hopefully someone here can constructively comment and answer a few of my questions and the DOD part as that's very suspect, especially the way packets are trying to send from my computer to the DOD only whilst i have Tunngle open.

What ever next, men in black suites and silent black helicopters over head?

[Brioche]

Hi and Welcome to the Tunngle Community .

As usual reading helps a lot to fight irrational fear .
We provide a lot of information and it costs really nothing to browse our Website and the Wiki a little.

Before I go on linking and explaining, let me say that we will remove any word that we perceive as clearly defamatory of Tunngle.
If you are here for a constructive dialogue there is no need to fill your post with defamatory stuff.
That said, polite questions are allowed and welcome.

RIIMIIX, on 20 April 2011 - 14:50, said:

Can anyone tell me if data packets transferred over Tunngle are encrypted the same way network packets are when using other third party VPN providers like Logmein Hamachi; If not, why not?

To quote a famous person, Yes we can! And yes we do! Tunngle cyphers every little piece of data that is transferred using its powerful encryption.
I would like to add that unlike other VPN solution all traffic is direct and we have no relays. This means that there can be no data preservation or logging at all . While you have no guarantee that this does not happen on other VPN solutions you can be sure that this doesn't happen with Tunngle as relays are simply missing.

Quote from: http://www.tunngle.n...rong-encryption

Quote

Tunngle uses the internationally approved Advanced Encryption Standard (AES).
This encryption algorithm won against its competitors in the year 2000 in a competition of the National Institute of Standards and Technology (NIST).

We are using the highest possible encryption level that this algorithm provides using a key length of 256 bit.
The keys are exchanged using the secure RSA method with 2048 bit encryption. The abbreviation RSA is composed of the initials of the surnames of the developers Ronald L. Rivest, Adi Shamir und Leonard Adelman. This method was already developed in 1977 and still is the standard for applications that count on secure key exchange because of its mathematical properties.

Quote from: Tunngle#Secure.2C_Fast_.26_Safe

Quote

Secure, Fast & Safe

After a connection has been successfully established, your communication with the other peers is safe, quick and direct since it's not relayed in any way. This system guarantees you the best possible network performance, keeping the pings as low as they can be and taking full advantage of your maximum bandwidth.
Furthermore this method keeps your privacy safe since there can be no data preservation or activity logging. Your privacy matters: all the data transfers are secured using the AES-256 algorithm. The safety of the key exchange is guaranteed by the reliability of the trustworthy RSA 2048 algorithm. The Tunngle networks and chat, whether they be private or not, are thus safe and offer enough anonymity for your data.

RIIMIIX, on 20 April 2011 - 14:50, said:

Can anyone also tell me what measures are in place to protect us (the tunngle user community) from unwanted hackers etc trying to intrude on our privacy via Tunngle's service and what measures has tunngle put in place to protect us from such events taking place?

Yes we can! And we do! This is explained in several parts of our website:

Quote from Tunngle#PC_Security

Quote

PC Security

No one can access your sensible data over Tunngle, if you don't let him/her do that. The integrated Tunngle Mini Firewall will protect you from most of the attacks that are otherwise possible in normal LAN environments (effectively blocking the most vulnerable Microsoft services) and the trustworthy Tunngle encryption will safeguard your privacy.

Of course, if you want to be 100% secure, you must also be mindful of all the other services that are running on your PC. This is usually why running a firewall is a very good idea. Anyway this should be no surprise because it's not different from what you normally need when surfing the web.

Quote from http://www.tunngle.n...l=mini-firewall

Quote

Mini Firewall
The Tunngle integrated Mini-Firewall protects the Tunngler from the serious attacks that otherwise would be possible in a normal LAN environment:
-Only connections above port 1024 are permitted.
-Only use of ICMP, UDP and TCP protocol on IPv4 basis.

This means that there is no access to critical Windows system services.

In the Basic version this ports are always close. You can add exceptions in the Premium version.

Quote from Tunngle#Blocking_the_Bad_guys

Quote

Blocking the Bad guys

Cheating is not good. Games are supposed to be fair.
That's why Tunngle provides the proper tools to defend yourself.

You can lock your games with a password or issue the little cheaters a nice Global Ban using your personal Black List.
This way you will block all the communications with the selected Tunngler and he won't be able to cheat in your games anymore.

If chat spam is the problem, Tunngle provides a form of soft Chat Only Ban which will prevent any message from reaching you while letting the door opened for game opportunities.

For more information about the Black List check the Black List section.

RIIMIIX, on 20 April 2011 - 14:50, said:

Why when im running PeerBlock on my systems am I seeing so much blocked UDP actions taking place when using Tunngle?

Even more concerning, why is my allocated IP range showing as communicating with the DoD Network Information Center?

When I google the DoD Network Information Center to see what it is, it's shows to be the following:


The Defense Information Systems Agency is a United States Department of Defense combat support agency with the goal of providing real-time information technology (IT) and communications support to the President, Vice President, Secretary of Defense, the military Services, and the Combatant Commands.

If this is really happening, I think that your system requires a serious virus/malware cleanup or PeerBlock has some severe bugs.
Nobody can monitor Tunngle users because it would mean violating several national laws and the Registration agreement.
If you know of any crime you should report to the police .

Also this kind of Paranoia is against common sense: in case you haven't noticed Tunngle is based in Germany, which is part of the European Union and has to respect EU laws .
With all due respect to the Dod Center, if that even exists, this is European Union and Tunngle is subject to EU & Germany Laws. If Jimmy, DoD, Darth Vader, Palpatine, Joker signup for our service they have to respect the agreement and the law.
Also if you knew Tunngle and read you would learn that Tunngle is all about freedom and that we would never allow something like that .

RIIMIIX, on 20 April 2011 - 14:50, said:

Why is it when i have peerblock running and monitoring my ports whilst using Tunngle and using the allocated Tunngle IP address; why is my tunngle IP address sending data packets to the DoD??

This is a total nonsense. The Tunngle IP address can't send anything like that.
Tunngle uses your Internet adapter to connect you to the other guys on the network (and for the Tunngle server mediation) and nothing more.
The Tunngle adapter has no access to the Internet and can't send anything to "Internet IPs".
If you see packets going to public IP addresses, they are going through your Internet adapter.
The Tunngle adapter is used only to communicate with other 7.x.x.x addresses.
Knowing how networking works, you would understand that any unicast to addresses that do not respect the 7.x.x.x pattern, doesn't go through the Tunngle Adapter but through your normal Internet/LAN adapter.

RIIMIIX, on 20 April 2011 - 14:50, said:

The packets largely increase when I am just randomly browsing and also increase when I send emails; that's without having any games running or doing anything else.

This can only be the result of some virus or malware that is already on your PC.
I suggest that you bring your PC to some technician that can help you with that .

RIIMIIX, on 20 April 2011 - 14:50, said:

Is Tunngle a BIG BROTHER front; A simple door way in to peoples home networks?

Hopefully someone here can constructively comment and answer a few of my questions and the DOD part as that's very suspect, especially the way packets are trying to send from my computer to the DOD only whilst i have Tunngle open.

What ever next, men in black suites and silent black helicopters over head?

If you knew about Tunngle, you read the EULA and the ToS, you would have no doubt that it is about freedom .
Nothing is relayed, nothing is logged, connections are encrypted using high security standards and every Community member can enjoy his freedom in respect of the law and of our ToS .
A good cup of chamomile, some reading and some Community life should help you realize that your fears are not justified .

We wish you a lot of fun safely playing in the Tunngle networks . You deserve it .

[MooseyMoose]

After googling for "Tunngle DoD Network Information Center", this is the first search result.
Why was I searching for that particular search term? Because RIIMIIX is actual valid in his concerns.

I too can appreciate your response Brioche, but perhaps there is something in your service (which is a great tool btw) that you should look into a bit deeper.

The odd thing that striked me is during the "creating adapter" stage of the setup is when I was absolutely flooded with packets (to and from) DoD Network Information Center.

Where's the proof? The I.P: 7.28.5.140

Resolves with a contact of @nic.mil:
http://who.is/whois-...ess/7.28.5.140/
whois.arin.net/rest/org/DNIC

The registered address of the office being the Defense Supply Center.

Now... you could argue that the military are allowing multiplayer gaming from their networks, and the packets are "Hello's" introducing itself to each new player. But that wouldn't explain why this occurs when creating the vpn adapter upon first run after installing the software.

Before you jump to the "take your PC to a technician for a virus/trojan" line... I have 20 years experience in I.T. and our secure network certainly doesn't allow any foreign behavior. This isn't a false alarm, and you DO need to investigate what your product is also opening doors to.

EDIT: P.S. WTF... How did you assign me an avatar with my username in it? This wasn't an action of my own. Clever.

This post has been edited by MooseyMoose: 11 January 2012 - 11:41

[d4rkedge]

My Peerblock floods with DoD too when I login, Explain please, I highly doubt 3 of us have the same "virus" which makes our computers send packets to DoD at time of login.

IMAGE: http://img23.imagesh...663/tunngle.png

Love the service, but this needs to be fixed.

Darkedge.

This post has been edited by d4rkedge: 11 January 2012 - 11:23

[MooseyMoose]

I should probably add that it is well documented that the DoD researches P2P networks by using it themselves. Perhaps the DoD is interested in the functionality Tunngle provides and it itself monitors activity. Still doesn't explain why this occurs while installing the VPN adapter.

There's also suspicions that the DoD use to own the 7.28.x.x ip range, but released it and Tunngle happened to purchase an ip in that range. No one could believe that for a second, as the IP in question resolves to a .mil registra as I write this.

Lastly, there's also suspicions that a possible cause for these packets is that they are spoofed by scammers using UDP & ICMP Ports. Also unlikely. Never received so much of a ping from DoD until during the installation of the Tunngle VPN Adapter and there-after.

Food for thought. I've disabled and uninstalled the adapter and will be steering well clear. Smells like a Honey Pot.

Edit: P.S. I hope my posts aren't portrayed to be defamatory to Tunngle, I believe it is a great tool so far, but my posts are intended to incite real answers to real concerns - not "You've got a virus" responses.

This post has been edited by MooseyMoose: 11 January 2012 - 11:41

[ObeseWhale]

All you need to know is that tunngle is secure

[d4rkedge]

Why are peoples names being changed??

[MooseyMoose]

Oop sorry, that was just me changing my handle

ObeseWhale, on 11 January 2012 - 11:56, said:

All you need to know is that tunngle is secure

Did you just say that about a product that's openly in BETA?

[Brioche]

Hi . I've read carefully through your posts .

First of all let me address the Peerblock question.
This kind of behavior by Peerblock is not new and honestly it isn't in itself a reason for concern.

Peerblock is a program and as every program has bugs and unintended behaviors.
The fact that it blocks Tunngle on your PC and, more importantly the reason it gives for it, does not actually say anything on the security of Tunngle source code.
It could be a false positive, a bug, an improper detection or it could be that your PC was already infected with a malware/rootkit that is hijacking the standard Operating System API calls for all the software that you have installed on your machine (Tunngle just being one of them).

In this case it seems to be that PeerBlock or some other application doesn't like the Tunngle network range and that this triggers this false alarm.
This doesn't mean anything (it only means that peerblock is misleading you with wrong information and that you believe it rather than us).

We didn't buy 7.x.x.x ranges, they are unofficial allocations. You can set up a network in your home with these addresses under the same premise, PeerBlock could go nuts about your little sister (if you have one) PC but this network wouldn't still be more malicious than an icecream...

Tunngle does the same the same thing using these 7.x.x.x for its network (actually the fact that they conflict with DoD tells you that we're not partnering with them but rather "blocking" theirs when we route this range via our adapter).

Sometimes these "Protection" programs just cause more issues than they fix. I am afraid that you've just found one of these cases .
I've seen several different behaviors when Peerblock is installed and I am lead to believe that we're not responsible for this (if someone can prove otherwise we will be happy to fix).

Some users report no problems and some, as you, get this strange DoD issue.
Everything seems to hint that there is more to the matter than it meets the eye and that this question should be raised to the Peerblock development team rather than us.

...

However simple logic can help you sorting out your irrational fears about Tunngle.
Tunngle is a German software made in Europe by Europeans so it doesn't really make sense that it sends data to the American DoD center, don't you think?

Also Tunngle is checked by Kaspersky labs which is Russian and it makes no sense that they would grant us the clean mark for every new version of Tunngle if this wasn't really true .
If that is not enough you can also verify with every Antivirus program in the word .

It would be nice to control the world but last time I checked I was a young guy working as a slave for virtually no revenue .
So much for Brioche's word domination :/ .

That said always download from our site and verify the MD5.

...

Now let's come to Tunngle security which is the security of VPN technology.
When you join a network, Tunngle behaves like a smart cable that connects the two virtual network cards installed on your PC and the remote PC.
Your computer uses your virtual network card and Tunngle only pipes data through this virtual cable using UDP port 11155.
These virtual cards use ips that are 7.x.x.x which have scope only in our internal system (actually you know that, when Tunngle is installed, connections to 7.x.x.x will go through Tunngle and not elsewhere, since if it went to DoD you wouldn't be seeing games unless they host some and play with you ).

Tunngle, unlike some competitors, does not hook into your running softwares (like games) to redirect network traffic but provides Virtual Private Network connectivity.
It works by installing and connecting a standard virtual adapter which is universally recognized and tested.
This adapter is then independently and autonomously used by your programs.

This means that third-party games and other softwares (including firewalls and antivirus) use this network adapter the way it is meant to be (that is to say under the same conditions that third-party software developers used at development time).
In other words your games, your firewall and antivirus are put in the condition to operate with the same scenario in which they were designed.

By comparison another gaming program which works by redirecting (or hooking into) your network traffic, would require permissive rules on your firewall and antivirus giving up virtually every control on what is happening.
In other words a malware could use this kind of redirections for the wrong purposes without your firewall and antivirus noticing, because the traffic would be hosted by the gaming program which is "trusted" by your firewall (and because some home firewalls are permissive with what goes on locally in the loopback zone of your machine).

When using Tunngle the traffic goes through the adapter and this is very reassuring because your antivirus and firewall will notice (sometimes too much as some users experienced).

As for the security of the Tunngle client itself and the trust that you need to have when you run it, it is equivalent to the one you need for any other software (Windows and Peerblock too, you seem to trust the second one a lot).

I think that in this case you can easily guess that people, like us, that are working hard through the day to bring you a quality service, have the greatest interest in delivering to you good software.
It would make no sense to work countless hours a day (even beyond our paid work time), put our face on it and then ruin everything .

After all trusting the program, means trusting the people that are developing it.
That's exactly why we work this hard: we do this to give you the opportunity to trust us.

What comes after depends on your choice, and, trust me, we are the first happy to know that you have this kind of freedom !
It's good to know that all the people that choose us, trust us and love what we do for them !

This is what gives us reason to go on !

[MooseyMoose]

Hi Brioche,

Firstly, thank you for taking the time for an in depth reply, a sign of good will.

Secondly, please note that never did I mention I was a PeerBlock user. From other user reports I can understand why you may have made that assumption.

I also wish to clarify that the DoD packets only began during the Adapter installation portion of the installer, this is prior to even signing in with a Tunngle Account/Password.

Quote

Tunngle does the same the same thing using these 7.x.x.x for its network (actually the fact that they conflict with DoD tells you that we're not partnering with them but rather "blocking" theirs when we route this range via our adapter).

Just confirming what you're saying here... you are actively blocking known DoD IP's? That puts my mind at ease, as it would make sense that some packets get through before the completion of the Tunngle Installation, but doesn't quite clear up other user reports that they receive these packets constantly whilst using Tunngle.

I would be quite happy to conclude that the DoD is attempting to monitor and research the Tunngle service, and as you mentioned due to Firewall's looking at Tunngle in a trusted state, they allow any and all traffic through that adapter. My restraint with drawing this conclusion is that you can't even sign in to Tunngle unless you specifically allow connections from 7.28.5.140, which is a bit strange considering that IP isn't registered to Tunngle, but to the DoD.

Overall I'm appreciating the feedback and debate, but there's still a couple of things that remain unexplained. I hope you can provide some light on those specific issues. I will also verify the MD5 checksum, thanks for the suggestion.

Regards,

Moosey

EDIT: And thank you again for your time in addressing these concerns. It's obvious the Tunngle team are working hard developing the service and maintaining support for it's users - you're efforts aren't in vain.

This post has been edited by MooseyMoose: 11 January 2012 - 21:50

[Brioche]

Nothing like a firewall block, but if these packets are routed through the Tunngle adapter to another Tunngle address it's very difficult that they also go elsewhere .
The point is that Tunngle has his own network (that's the essence of Virtual Private Network).

By "analogy", I am sure that if you compare your Internal LAN IP with the one of a computer that is on my network you could find that they are the same (since most home routers use the same ranges). However this doesn't mean that if I type this IP address I will connect to you. As the logic suggests, I connect to the PCs that are on my network.
Also if you plugged your PC in my network with the same ip address, this would create an IP conflict making communication between all three computers very difficult.
You can easily see that this won't work for Tunngle either by making a few tests .

[MooseyMoose]

The Penny just dropped...

Of course, a VPN is a VPN, so an IP that does belong to the DoD on the World Wide Web is of course something completely different from the same IP within a VPN because that could belong to anyone in essence, as it is virtually assigned, and private.

Thanks for the explanation and patience Brioche, that makes perfect sense now. I hope others googling with the same concerns see this thread.

Now to enjoy Tunngle!

[d4rkedge]

Brioche, on 12 January 2012 - 09:05, said:

Nothing like a firewall block, but if these packets are routed through the Tunngle adapter to another Tunngle address it's very difficult that they also go elsewhere .
The point is that Tunngle has his own network (that's the essence of Virtual Private Network).

By "analogy", I am sure that if you compare your Internal LAN IP with the one of a computer that is on my network you could find that they are the same (since most home routers use the same ranges). However this doesn't mean that if I type this IP address I will connect to you. As the logic suggests, I connect to the PCs that are on my network.
Also if you plugged your PC in my network with the same ip address, this would create an IP conflict making communication between all three computers very difficult.
You can easily see that this won't work for Tunngle either by making a few tests .

Sorry to bother you Brioche, but now we know that this 7.x.x.x address isn't DoD, can I ask what it IS?

Thanks,
Darkedge.

[Brioche]

Simple, it's assigned to another player like you .
When you join a network you'll see that you have your own 7.x.x.x IP too .

[d4rkedge]

Brioche, on 13 January 2012 - 11:34, said:

Simple, it's assigned to another player like you .
When you join a network you'll see that you have your own 7.x.x.x IP too .

I mean the one which Peerblock wrongly warns about at login It's like 7.255.255.255

Sorry to bother, just bored
Darkedge.

[Brioche]

That's not an address belonging to a machine but simply the broadcast address . It's used for game server advertising and stuff like that .
It's what allows you to find the games when you push refresh in the LAN server browser .
It's a pretty common thing for networks . You can just go to Wikipedia and take a look http://en.wikipedia....oadcast_address .
That should help with your boredom .

[toodeadforeat]

Great xD...you know what? peer block is veery outdated program...i suppose you should use wireshark or more likely professional analogs for this kind of research...further more i live in Russia and i just don't care if some USA government watching how i play some games for free & downloading some *******s with their movies who cares?