VPN's & Hiding IP address

[humbert]

I started this topic because when there was talk of Internet censorship here in America (hasn't happened yet), I believe I was ready to go with a VPN. During my recent trip to Mexico I found out I've got a lot to learn.

Mexico has no law mandating internet censorship. I tried to do something simple and I failed. I knew that from there, I could not view nor edit my queues from Netflix and Hulu, of which I'm a paying customer, and all because their servers are picking up a Mexican IP address. So this is what I did:

1) I installed the Hide MyAss Firefox addon. The addon blocked cookies, so the site wouldn't let me in. Add to this the fact that, as the site came on, I was bombarded with ads from HMA, all saying "pay, pay, pay" (I hate this). There was nothing on HMA's menu to correct this, plus the fact that there is no way to tell the software what country you want the remote server to think you're in.

2) I then tried one of those programs called "Super Hide IP" or "Real IP Hide". They are garbage. I ran a test with whatismyip.com and, not only did it detect I was on a proxy server, it gave me the IP of the proxy server and my real IP also! Netflix's server must have done the same because it also didn't allow me to edit the queue.

What do I do if internet censorship were imposed in America tomorrow? Let's make it simpler - how do I access Netflix next time I travel to Mexico?

[Daniil]

Oh damn... And that's "free and proud America", land of glorious revolution heroes, cowboys and goldsearchers... Where all gone?  Eh... It looks like very soon in USA will be like in USSR at early 1980-s - step left or right from rotting mainstream causes shoot in your back. 

Well, let's try to defeat that. You can't watch NetFlix from non-USA IP (I had a try, and site return me invective like "You're not stars-and-lines jedi, I'll not allow you, go f... far out of here!"). But, if you have a pubilc IP (e.g., your home IP isn't LAN IP, you are not after the NAT) you can set up your own proxy (show me a law, which says you can't!).
If you have static pubilc IP, that's just simple - build a proxy server, for example, on Jana Server 2 (Deutch "mirakle of aries teknolodgy, ja, ja, hur-hur!", a very good server, not simple but very functional!), or on Linux SQUID. You need a very simple PC for it, maybe an old one, like a PIII-900MHz. Set up a proxy for allowing to connect with a password, for prevent unwanted users. Then, when you go out from USA, leave you proxy server turned on...
When you need to connect to NetFlix, connect to it using your own proxy. You are assurely allowed to connect to your IP-address (against, show me me a law, which says you can't!), and you can watch NetFlix like from your IP.
If you have dynamic pubilc IP, that's also not a problem. Use No-ip dynamic DNS Update Client, and connect to your proxy not by IP, but by your address (like humbert.no-ip.net)

I'll draw some schemes for this a bit later, maybe that'll be usefull for other forum members also...

[humbert]

@Daniil
On this VPN thing I'm really going to "pick your brains" because I don't know much about the subject. I don't have another PC I can use as my own proxy server, but I'd like to ask something in the event I did. I have a dynamic IP address, which means I'd have to use no-ip. I'm assuming I'd need Jana Server also. I am behind a router which serves as either an internal DHCP server or a static one if I want. Does Jana configure the router accordingly, even opening ports if necessary?

Even if I could get this thing running, how do I prevent proxy detection? As I mentioned, with that "Super Hide IP" and similar programs, whatismyip.com told me that that I was calling in from a proxy server, then it gave me both the IP of the proxy and my real Mexican IP. I'm assuming Netflix's software did the same. It seems to me they know all about proxy servers and have developed defenses against them.

Is there another way to deal with this problem other than putting an old computer online, not even knowing if this trick will work?

Also, let me clarify that so far there is NO internet censorship in America. Fortunately, financial giants such as Google and Microsoft have money and influence, and will stop at nothing to block any censorship law. So far it's all talk but no action yet. Even an article I read on torrentfreak about something to be imposed by some ISP's has simply not happened. Despite all this, you know how life is. I have to be ready immediately, just in case!

[Daniil]

In fact there is no such thing like "proxy detection". Many corporate network over the world works through proxies, so I don't think that NetFlix denies proxy itself. IMHO, the root of problem is in fake proxy IP, Super ide IP uses proxy somewhere, for example, in Kazakhstan. And, ofcourse, NetFlix don't like this IP!
Look at this scheme:

Sheme I explains a conception. If we would have a proxy on USA territory, we'll have an access to NetFlix. (Damn, you even can do some business on it - sharing NetFlix to other countries for money... Oh, yes, yes, that's heresy, just thinking out loud...)

Now, look at Scheme II. That's a scheme of your network with proxy. In this case you should use your router like local-only switch with a function of DHCP. All outgoing connection would be executing by proxy-server. On a proxy-server must be raised NAT, proxy, firewall and antivirus. Also, for control, you must raise some remote control server on it (that RC server must be accessed only from inside network). With this network you'll go through proxy from home network and also you can connect with this proxy from outside networks.
BTW with this proxy you can not only connect to NetFlix from outside the America, but also made an 24-hours torrent loader. 

Is there another way to deal with this problem other than putting an old computer online, not even knowing if this trick will work?

I don't know other way. Why are you afraid - because it's old or because it's online? Also, to prevent problems, and for understand, can it work, we must make some experiments before building this proxy.
1) Would the proxy be allowed by NetFlix?
If you have two computers (one with 2 network adapters), connect one with two network adapters (let's call it "first") directly to an Internet (without router, firewalls and other stuff), and other - to the first. Raise a proxy on first (that may be not only Jana Server, but also any other simple proxy, there is a lot of them in the internet.). Try to connect to NetFlix from other computer. If it works - we're won!
2) Would the proxy be allowed by NetFlix when we connects to it not frou LAN but from outside?
OK, connect one computer directly to Internet, raise a simple proxy and set up no-ip. Then go to other network (to an Internet cafe, PC club, to a friends, with pad to a free Wi-Fi area, you name it...), set up proxy connection in your browser and try to connect to NetFlix. If it works - we're won again!
3) Would the proxy works when we connecting from other country?
When you again go to Mexica, connect the computer to internet like at exp. 2, and try to connect with it (against like in exp.2) but from Mexica.
If 1 and 2 and 3 returns "true", you can begin to build a permanent proxy server.

Despite all this, you know how life is. I have to be ready immediately, just in case!

It's wisely "to be always ready".

[humbert]

@Daniil

Thanks so very much for taking the time to explain all this to me and to help me in general. I read your post carefully and downloaded your drawing. Let me explain and ask questions.

The scheme 1 you drew makes perfect sense if indeed as per your illustration, the request from my computer in Mexico is going to both Netflix and some fake proxy somewhere in the CCCP. It was whatismyip.com and not Netflix who detected both IP addresses, i.e., the real one and the "proxied" one. The only thing Netflix did was to put in it's main menu an offer to sign up and the phone number they gave had the typical numerical syntax Mexico uses. There was no point in logging in. In other words, Netflix gave me no warnings about anything, it acted as if the fake proxy didn't exist at all. Does this mean the proxy used by Real Hide IP (or whoever) didn't exist at all? How did they get that strange IP address?

Also, after I wrote you my last message, it occurred to me that one time my cousin gave me a site called anonymizer.nntime.com that allows you to select a country you want to be in, and then from their site you go wherever you want. Just to test, I picked the Czecks Republic and called whatismyip.com - it did NOT detect the proxy server and believed I was in the Czecks Republic. When I called Netflix, it said "we have no service in your country".

I don't think we can pull off scheme 2. I don't have all those computers. Not only that, but my Internet setup is from a cable TV company. The line that comes in is a coaxial cable that goes to their cable modem, which doubles as a 4-port LAN and WiFi router. I've gone into it's setup and simply saw no way to change many default settings. Even with a better router I ordered for use with WiFi I don't know if we can do anything. Naturally I went with the cable company because, when it comes to the amount of bandwidth available, DSL can't even come close by comparison. Also, even if I were able to do all this, how would I even call my proxy server from Mexico given that the IP address is dynamic? How do I know the new address if it changes?

Regarding your question about copying Netflix, this is their setup. When they started, they began by renting movies for an individual fee (e.g., $3.00 a movie). Then they became the first to offer unlimited rentals for a monthly fee. You paid according to how many movies you wanted at the same time. Finally as bandwidth began to increase, they offered unlimited streaming for just $8.00. It was then that I dropped the movie rental plan in favor of streaming. When I did have DVD's mailed to me on the old plan, using Slysoft's software copying them was easy. Slysoft gave you the option of removing the region code and even transcoding the movie so it would be compatible in whatever country you wanted. I stopped copying them simply because I had so many there was nowhere to put them! I might add that my Samsung DVD, which is also my streamer, has a USB port. I seriously doubt it's possible to copy a streamed movie to a USB drive - Netflix isn't that stupid.

Unless I'm not fully informed, I'm thinking that so far unless I find proxy software that really works, it seems the only way around this problem is to go with that web site.

One more question since you are a super technician. If you had a USB A/C power adapter that puts out [for example] 2.1-A, could you charge a device (such as a cel phone) that requires less amperage than that, or would doing this fry the cel phone?

[Daniil]

The scheme 1 you drew makes perfect sense if indeed as per your illustration, the request from my computer in Mexico is going to both Netflix and some fake proxy somewhere in the CCCP. It was whatismyip.com and not Netflix who detected both IP addresses, i.e., the real one and the "proxied" one. The only thing Netflix did was to put in it's main menu an offer to sign up and the phone number they gave had the typical numerical syntax Mexico uses. There was no point in logging in. In other words, Netflix gave me no warnings about anything, it acted as if the fake proxy didn't exist at all. Does this mean the proxy used by Real Hide IP (or whoever) didn't exist at all? How did they get that strange IP address?

On scheme 1 I mean "or". HTTP request may goes directly from Mexico provider OR if you are using proxy, through a proxy server somewhere in the world (ex-USSR, different "Banana Demokratik Republics", Somalia, and other...). In that cases NetFlix will decine your request. Also, RealHideIP may do other thing - it may drive you trough proxy which located also in Mexico, that's explains why you get Mexico sign-in form from NetFlix.

Also, after I wrote you my last message, it occurred to me that one time my cousin gave me a site called anonymizer.nntime.com that allows you to select a country you want to be in, and then from their site you go wherever you want. Just to test, I picked the Czecks Republic and called whatismyip.com - it did NOT detect the proxy server and believed I was in the Czecks Republic. When I called Netflix, it said "we have no service in your country".

I've got exactly the same message when try to check it up.

I don't think we can pull off scheme 2. I don't have all those computers. Not only that, but my Internet setup is from a cable TV company. The line that comes in is a coaxial cable that goes to their cable modem, which doubles as a 4-port LAN and WiFi router. I've gone into it's setup and simply saw no way to change many default settings. Even with a better router I ordered for use with WiFi I don't know if we can do anything. Naturally I went with the cable company because, when it comes to the amount of bandwidth available, DSL can't even come close by comparison.

Also, even if I were able to do all this, how would I even call my proxy server from Mexico given that the IP address is dynamic? How do I know the new address if it changes?

For resolve your last question I suppose to use No-IP DNS system. If you are use No-IP and your PC have direct connection to INet, then No-IP application, installed on this PC, cyclic updating your DNS record. For example, you register your DNS record like "humbert.no-ip.net". You install No-IP DUC (Dynamically Update C... somewhat, i forgot...  ) and it reports to No-IP DNS server that your PC have name humbert.no-ip.net and IP XXX.XXX.XXX.XXX. After you reboot your PC (and IP address changes), DUC checks your IP, and again reports to No-IP DNS server that your PC have name humbert.no-ip.net but now with IP YYY.YYY.YYY.YYY. But the name will stay the same, and you can connect to your computer by name "humbert.no-ip.net"! 
We had use this service for building game servers, for WoW or ArmA:Cold War Crisis
Also, most of that computers was drawn for example. Most important to us is proxy server, router and one PC, other is optional. Well, if you say that you are on coax-cable connection, then... I must think a while... Ofcourse we can set up proxy after a router and trace ports on router for allowing connection to proxy from outside network, but how in that case DUC can check outer IP of router?... 

Regarding your question about copying Netflix, this is their setup. When they started, they began by renting movies for an individual fee (e.g., $3.00 a movie). Then they became the first to offer unlimited rentals for a monthly fee. You paid according to how many movies you wanted at the same time. Finally as bandwidth began to increase, they offered unlimited streaming for just $8.00. It was then that I dropped the movie rental plan in favor of streaming. When I did have DVD's mailed to me on the old plan, using Slysoft's software copying them was easy. Slysoft gave you the option of removing the region code and even transcoding the movie so it would be compatible in whatever country you wanted. I stopped copying them simply because I had so many there was nowhere to put them! I might add that my Samsung DVD, which is also my streamer, has a USB port. I seriously doubt it's possible to copy a streamed movie to a USB drive - Netflix isn't that stupid.

All is possible, the main thing is how much will it cost. Maybe in that case this cost just too much to be effective. Also, you mean that your DVD player is a streamer, i.e., it's connected to network??

One more question since you are a super technician. If you had a USB A/C power adapter that puts out [for example] 2.1-A, could you charge a device (such as a cel phone) that requires less amperage than that, or would doing this fry the cel phone?

Well, first of all, adapter must output correct voltage for charging device. I.e., if your device was designed for 5V recharge module, charging it with 12v charger would be stupid idea.  Also, if device have onboard current limiter, or use the current (amperage) for recharge same as an adaptor puts out, then you can use your power adapter without warning. In the other case you should use power adapter with a smaller amperage then the default one. For example, if the default adapter puts out 3A@5V, then you can use adapter which puts out 2A@5V, but not one with 4A@3V or one with any amperage at 12V.

Also, a two small language questions:
1) Mexico - you means the citi (capital of Mexica), or a whole country at once? In Russian we calls a country as "Мексика" (Meksika), and a capital of it as "Мексико" (Meksiko) or "МеÑ...ико" (Mehiko), that's why such a question.
2) What's the difference between words "constructed" and "developed"? "Construct", as I understand, means something close to "handmade", or "build" (when many people with wrenches and crowbars brings big iron pieces and then screw them together...). And "develop", as I understand, means something close to "invent" (when small group of men in tux sit in a small room with tea and a bunch of a blueprints, and after a time a lamp lights over a head of one of them). Am I correct?

[Shadow.97]

Hi, i think i can help here
I have been using http://privitize.com/ to get around, im not sure how and if it works outside Sweden, but here i get a steady 10 MBit down and about 1-2 MBit uploadspeed. Not the best upload speed but a totally fine download speed. I have been using it to bypass IP' bans inside of games several times.
Also try Smart hide IP if you havn't tried already, you can choose what country you are "from" but in my opinion it has been slow and unreliable but it has changed my ip some times.

[Daniil]

Let's make it simpler - how do I access Netflix next time I travel to Mexico?

Also, an idea. Why at all you need the NetFlix? Just download films you want from torrents, isn't that simplier?

[humbert]

@Daniil
Regarding everything you explained:

1) With respect to how Netflix's Mexican page came up despite the fact that I was on a proxy server, what I don't understand isn't so much Netflix but rather it was whatismyip.com that told me not only my real IP, but also the one provided by Real IP Hide (or whatever it was). That's why I still think that Netflix's page was able to filter it out and find the real one. It's clearly not a situation of being rejected because that server is on the moon or somewhere strange.

2) Regarding humbert.no-ip.net, let me see if I'm clear on this. There is a company out there somewhere that, when you install its software, will create a numerical IP address for humbert.no-ip.net which DNS servers would recognize. Once that's working, my computer would need some sort of proxy software to redirect anything to where I really want to go. Is this correct so far? If so, then the only thing remaining is a way to get around my router. Right now I just did a test from 2 separate devices in my house on 2 separate internal networks, and in both cases whatismyip.com[/color] is reporting 66.69.36.162. This is clearly the address of the router, anything behind it has an IP that starts with 192.168. I guess setting up some sort of port forwarding might be possible assuming the server that issues the IP for humbert.no-ip.net is momentarily notified if that address I told you changed. Remember, the address is dynamic.

3) My Samsung DVD player doubles as a streamer. In other words, it not only plays DVD's, it's also fully internet compatible and hooks up to Samsung's Smart Hub site. From there you have a selection of stuff. Most is free but several are paid. Netflix charges $8 a month. As a customer, I see their vast selection of movies and put the ones I like in my queue or watch .them immediately. If I watch them they are streamed to my player over my internet connection, no different than a satellite TV company does with it's small dishes. There is no limit to movies or TV episodes I want to watch nor any additional charge. This is one reason I decided to pay them instead of just downloading torrents -- it simply doesn't justify doing so. Also, with a service like this, if I decide I want to watch something but don't know exactly what, I can browse their endless selection and simply touch the remote. There must be something I'll like or am in the mood for, I can't dislike all 20,000 titles available at the touch of a key.

4) As for USB chargers, here in America I have yet to see one that doesn't put out 5-VDC. Where they vary is in the amperage. So based on what you've told me, the device you use must have in it's circuitry and firmware something that tells it to draw no more than [for example] 1.0A. It does not work like AC. As you know, in AC if you have [for example] an electric motor that draws 8A, it doesn't matter that the transformer has the capacity for 1000A, it just draws what it needs. From your explanation DC doesn't work like that. Right?

5) The name "Mexico" came from the real name of the Aztec tribe that ruled there when then Spanish arrived. The whole thing (capital and country) has the same name. Today the official name of the city is "Mexico, DF" (the DF is the Spanish acronym for "Federal District"). The country's official name is "United States of Mexico", which was, as you can see, essentially copied from America's name back in 1821. Also, when you are in another part of that country and you hear one guy tell another "I'm traveling to Mexico tomorrow", they mean the capital. In America they say "Mexico City". Yes, it's confusing, I know.

6) As I see it, "constructed" refers to something like a house or road that physically has to be made from the ground up. "Develop" refers mostly to abstract stuff. For example, you develop software, you don't construct it. Similarly, "developing" a house doesn't exist.

@Shadow
Does the privitize service work for the browser or the entire computer? These guys are free or what? Is there the option to tell it you want the other guys to think you're in a specific country?

[Shadow.97]

@Humbert, it works for the full PC. It detects as ip 46.?.?.?(cant remember) and mine starts with 213.?.?.? And on the Proxy test things it says "You are not behind a proxy!"
Though this is not always up. I believe it is the Pirate Party in sweden who owns it and for some reason it is not always up but when it is up it is really great and reliable.
And no, you cannot pick your location. If you look on your apps bottom left it shows small icons, it pops up there as a red ring and you have to rightclick and then "connect" and then "disconnect" to disconnect. I have found no settings what so ever. But what i have noticed is that i have to manually update it by downloading and installing it again. If you are familiar with Hotspot shield this is basically the same, except better and no GUI/ads Also!! If you install it take Custom and remove the other things that come along.. Its their way to make money i guess.