I guess I'm looking for a proxy or something to block my IP. No mischief involved here, just looking for a tad more security while online.
I would like it to do my whole connection. Not just my browser or certain apps.
I'd need it for android.
If I get you right, what you need is a tool to filter certain IP adresses or hostnames. Otherwise I have no clue what you mean by
mroneeyedboh said:
I guess I'm looking for a proxy or something to block my IP.
Click to expand...
Click to collapse
Without root you could try NoRoot Firewall, that sets up a local VPN service and allows you to filter all outgoing connections. Additionally you can enable global rules that block given destinations for the whole Droid.
Moreover, SRT AppGuard can do the same (and also disabling permissions), due it logs all connections and you can easily allow or disallow targets.
Related
There's a single app on my S3 which I'd like to configure so it accesses the Internet only via a certain SOCKS5 proxy server (while all other apps continue to access the Internet directly.)
I've tried ProxyDroid which allows setting a proxy on a per-app basis, but it has some serious downsides and overheads, so I'm looking for a different solution.
How can I set up, without a dedicated app such as ProxyDroid, all traffic from a specific app to go through the proxy?
From browsing through the ProxyDroid source code, I imagine one option would be to modify the iptables directly from the terminal as root. What would be the command for that? As it seems to require some uid of the app, how would I find out that uid?
Also, it would be great if the solution to this can be constructed in a way that can be used via a DroidWall custom script.
Many thanks.
I've scanned every firewall app for Android it seems and can't find what I'm looking for.
I'd like to install a firewall allowing me to manage web access permissions per app per IP address. Ideally upon each app's first web access, the firewall should prompt me, saying 'such and such app is trying to access such and such IP' and one should have options to allow/deny the app's access for the specific IP, and and/or all IPs in general.
All the advanced firewalls for Android only allow allow/deny management for data and wifi access separately, but for all IPs and not by individual IP.
Anyone know of a firewall that would allow me to do what I'm looking for?
--
白い熊@相撲道
Hey there XDA
So I was reading this article the other day that pertains to security and encryption on the Android Operating System
http://www.bibliotecapleyades.net/sociopolitica/sociopol_cia38.htm
Basically what is says is that even if you use encryption in apps there's nothing preventing people from accessing your devices mic or camera
But I was thinking what if you encrypt ALL outgoing traffic? Now I'm not the most well versed guy when it comes to technology but I've heard about for example SSH tunnels
So I found this guide on how to setup one on Android: https://www.howtogeek.com/121698/how-to-route-all-your-android-traffic-through-a-secure-tunnel/
Would this effectively encrypt all outgoing data?
Eklondh said:
Hey there XDA
So I was reading this article the other day that pertains to security and encryption on the Android Operating System
http://www.bibliotecapleyades.net/sociopolitica/sociopol_cia38.htm
Basically what is says is that even if you use encryption in apps there's nothing preventing people from accessing your devices mic or camera
But I was thinking what if you encrypt ALL outgoing traffic? Now I'm not the most well versed guy when it comes to technology but I've heard about for example SSH tunnels
So I found this guide on how to setup one on Android: https://www.howtogeek.com/121698/how-to-route-all-your-android-traffic-through-a-secure-tunnel/
Would this effectively encrypt all outgoing data?
Click to expand...
Click to collapse
Not really, setting up an SSH tunnel will only encrypt your traffic between your device and your server, at some point most traffic will have to enter the internet in just as secure manner as it does now so that you can view a website for example, it will add another layer of security, but really only useful for privacy from those on your local network or (if your server is outside your ISP network) from your ISP also (but you'd have to change your DNS servers also or they can get info from there about sites you visit)
Also non of that will stop the issue you mention above about gaining access to your camera, mic, files etc that to beat encryption they just have to gain access to your phone, that could be as simple as sending you a malware link to your email, Whatsapp or whatever, which you visit. Which seems to be what my mum did 2 days ago, there was a well crafted email that appeared to be from Genes Reunited making specific reference to her personal private data & contacts in her account so she clicked the link, now she has no internet access & other issues on tablet, but of course I can't log in to fix from here & she can't follow my instructions over the phone properly! The email password she gave me doesn't work (I wanted to examine the file she clicked on), though there was no confirmation via txt of password changed. So right now I'm not sure as could be related to the TalkTalk hacks.... Or just my mum! Rant over!
So in short no, ssl is not a simple solution
this might help. https://www.torproject.org/
"err on the side of kindness"
IronRoo said:
Not really, setting up an SSH tunnel will only encrypt your traffic between your device and your server, at some point most traffic will have to enter the internet in just as secure manner as it does now so that you can view a website for example, it will add another layer of security, but really only useful for privacy from those on your local network or (if your server is outside your ISP network) from your ISP also (but you'd have to change your DNS servers also or they can get info from there about sites you visit)
Also non of that will stop the issue you mention above about gaining access to your camera, mic, files etc that to beat encryption they just have to gain access to your phone, that could be as simple as sending you a malware link to your email, Whatsapp or whatever, which you visit. Which seems to be what my mum did 2 days ago, there was a well crafted email that appeared to be from Genes Reunited making specific reference to her personal private data & contacts in her account so she clicked the link, now she has no internet access & other issues on tablet, but of course I can't log in to fix from here & she can't follow my instructions over the phone properly! The email password she gave me doesn't work (I wanted to examine the file she clicked on), though there was no confirmation via txt of password changed. So right now I'm not sure as could be related to the TalkTalk hacks.... Or just my mum! Rant over!
So in short no, ssl is not a simple solution
Click to expand...
Click to collapse
Heh, **** man.. Hope she sorts it out
Now I think I've decided to use an SSH tunnel paried with RSA authentication for the time being, it seems good enough for me
mrrocketdog said:
this might help. https://www.torproject.org/
"err on the side of kindness"
Click to expand...
Click to collapse
Tor seems awesome
The proper way to achieve this is using a vpn which permits flexibility on the networking side. I use openvpn server on my home computer and i connect my phones to it. It is set to redirect all traffic through the encrypted tunnel which is forwarded to the internet through my home computer.
Now as noted before the information still goes out to the net at some point and comes back. Encrypting traffic does not help if you click on something malicious out there.
It does help to prevent the directly connected network to snoop on your actual traffic though. Handy when you connect to free wifi etc. Also you can filter traffic by application on the phone or by destination on the other side on the server.
I did a DNS Leaktest (https://www.dnsleaktest.com) and found my home WI-FI settings on my tablet were using Google's DNS servers for some reason. Not the ones set up in the router.
Thanks to this thread: https://forum.xda-developers.com/hd8-hd10/general/root-required-manually-optimize-wifi-t3824977
Using a slightly different method than the OP in that thread, I am using the DNS server's I choose.
Cheers!
Do an extended test, you may find it can still get to 8.8.8.8, as it adds it as a 3rd DNS entry when doing the wifi advanced setup.
Is it possible to remove the Google DNS Entry completely without root?
starmagoo said:
Is it possible to remove the Google DNS Entry completely without root?
Click to expand...
Click to collapse
I haven't found a way. I used a workaround instead. I block all known major DNS addresses in my router, pretty much making sure only my assigned pi-hole is used for queries. You could also block all outgoing traffic for port 53 except for your designated DNS resolver. Only issues here are that an app that uses hardcoded ip addresses or unknown DNS addresses can slip through. Also, with DNS over HTTPS, this is going to get a lot harder to manage. Firefox already enables this in the browser, letting all sorts of ads and possible malicous content through any filters that have been setup.
Hello!
I am using a Sony Tablet with android 6.0 on it. It's fully rooted!
Now I would like to know whether it is possible to transfer the entire data of all apps but also of the system (e.g. time synchronization, system update, etc.) via a VPN and/or proxy, if the data transfer runs over the mobile network (NOT Wlan)?
What options are there?
Do I need apps and which apps are suitable for VPN and proxies (e.g. socks)
... currently I'm using a firewall (AFWall+) - it's a wonderful app that blocks everything I type into it including system apps and services, etc. Nothing gets through. I also need something that is deeply integrated into the system for VPN and proxy.
Hope you could help me with this.
best regards,
Xperia
Try to use TOR Proxy App and VPN you can create yourself or use any good app like Avast.
Use proxydroid, if your base vpn app has the oprion to use transproxy
RizkiMaulana said:
Use proxydroid, if your base vpn app has the oprion to use transproxy
Click to expand...
Click to collapse
I've used ProxyDroid on old phones but it doesn't seem to work on new tablets that I have. Any other recommendations for a global proxy app?
Maybe you can check out kernel side VPN like Wireguard. If your kernel support it, you can install it to kernel as LKM. All things must go through this interface.
utilizedwill said:
Maybe you can check out kernel side VPN like Wireguard. If your kernel support it, you can install it to kernel as LKM. All things must go through this interface.
Click to expand...
Click to collapse
I found an apk called Kitsunebi that seems to work.
To route all traffic over VPN or Proxy on Android, you can follow these general steps:
Install a VPN or Proxy app: You will need to download and install a VPN or proxy app on your device. There are many options available on the Google Play Store, such as ExpressVPN, NordVPN, CyberGhost, and Orbot for proxies.
Configure the VPN or Proxy: Once you have installed the app, you will need to configure it to route all traffic through the VPN or proxy server. This may involve entering server addresses, usernames, and passwords, depending on the app.
Enable the VPN or Proxy: Once you have configured the VPN or proxy, you will need to enable it to start routing all traffic. Some apps may allow you to enable this feature directly from the app, while others may require you to go to the device's settings menu to enable it.
Verify the VPN or Proxy is working: To make sure that all traffic is being routed through the VPN or proxy, you can visit a website like whatismyip.com to check your IP address. If the VPN or proxy is working correctly, your IP address should be that of the VPN or proxy server, rather than your actual IP address.
Note that some apps or services may not work properly when using a VPN or proxy, and you may need to adjust the app's settings or disable the VPN or proxy for certain apps. Additionally, deeply integrating a VPN or proxy into the system may require more advanced configuration, such as modifying system files or installing custom ROMs, which can be risky and should be done with caution.