How to create a VPN for secure web browsing using Hamachi.


Do you feel insecure when browsing the internet over an open unsecured wireless access point?  

83 members have voted

  1. 1. Do you feel insecure when browsing the internet over an open unsecured wireless access point?

    • Yes
      52
    • No
      31


Recommended Posts

How to create a VPN for secure web browsing using Hamachi.

Do you feel insecure when browsing the internet over an open unsecured wireless access point? Well some people do, myself included. In this guide I will explain how to create a VPN for web browsing using Hamachi in combination with privoxy.

For this to work its best to use a computer that is always turned on and never goes to sleep. I prefer setting it up on an old low end computer that you just put in a corner and forget about. (except for installing updates on of course)

Step 1: Installing Hamachi

Go to the following address http://files.hamachi.cc/HamachiSetup-1.0.3.0-en.exe to download and install hamachi. They have a paid version and a free version. For what we need it for, the free version will work just fine. During the install tell hamachi to start with windows.

Step 2: Creating a new Hamachi network.
This will be the account that your laptop will connect to.

1) Click the triangle icon in the bottom right of hamachi.
2) Click "Create a new network"
3) Type in a network name. For the password I'd recommend going to https://www.grc.com/passwords.htm. On the page are 3 different sets of 64 character passwords. Every time you refresh the page a new set will be generated. Copy and paste one into the password field of hamachi. I'd also recommend you paste the same password into notepad and save it so you can copy and paste it later to connect to this account.

Hamachi is now ready to go. Next we will setup the proxy server portion. For this guide we will be using privoxy http://www.privoxy.org/. I'm sure there are other ones that will work too, but this one is free and it gets the job done.

Step 3: Setting up and configuring privoxy.

1) Download and install privoxy from http://www.privoxy.org/. You'll also want to put a copy of the privoxy icon in your startup folder.
2) Launch the application
3) Click Options / Edit Main Configuration. This will open up a notepad document. Search the document for "listen-address 127.0.0.1:8118. You want the one that does not have an asterisk in front of it. Replace the 127.0.0.1 with the 5.x.x.x number that is displayed on the top of hamachi.
4) Exit and save the document. You may have to restart the application for the change to take in effect.

Step 4: Setting up the VPN on your laptop.

1) Install hamachi on your laptop and create another new account.
2) Click the triangle in the bottom right of hamachi. This time choose "join an existing network".
3) Type in the name and password of the server you created in step 1 #3. Copying and pasting the password usually works the best.

Step 4: Setting up your web browsers to feel the proxy love.

This step is pretty simple. Go into the proxy options of your web browser. When it asks for an IP address give it the hamachi IP address of the server. When it wants a port number give it 8118.

That's it. You're done! Now when you are in a public access point and connected to hamachi all your web browsing traffic should be encrypted. Now lets test it to see if everything is working. Open the web browser that you just configured to go through a proxy server. Go to a website that displays your internet IP. If everything is working you should get the IP of your internet connection at home. Of course if you are testing this at home, it really won't do much good. You could always mooch off someones wireless access point just long enough to see which IP the site is giving you.

Note: Just remember if you have multiple web browsers on your computer, only the ones with their proxy settings configured will be encrypted.

Edited by warwagon
  BudMan said:
^ yeah lots of people are not aware of how to circumvent browsing policies at work or school.. This is a great guide on how to do exactly that.

This _mostly_ won't work for circumvention if the network and policies are set up properly, and I don't think the guide is meant as such. It's a way to safe surf encrypted in a public environment.

  BudMan said:
^ yeah lots of people are not aware of how to circumvent browsing policies at work or school.. This is a great guide on how to do exactly that.

My intent in writing this guide was to give people (like shockz) a more secure way of browsing the internet on an unsecured wireless network. (Example: Starbucks or the local hospital) Nothing more. I hadn't even thought of the workplace and school ramifications. What workplace or school allows 3rd party installation of programs like Himachi? They have a lot larger problem if they are that unsecured.

Edited by warwagon

im pretty sure you need admin rights to install hamachi because it installs a driver. most schools wont let you do that type of thing, probably :p

nice guide tho, although i find hamachi a bit slow sometimes, i just use putty and stunnel (takes a bit more setting up though :p )

  Colin-uk said:
im pretty sure you need admin rights to install hamachi because it installs a driver. most schools wont let you do that type of thing, probably :p

nice guide tho, although i find hamachi a bit slow sometimes, i just use putty and stunnel (takes a bit more setting up though :p )

ya this one is pretty much, click click type type and done. Only reason I didn't port forward some ports in from the router instead of using hamachi is, I don't like to have to open ports on my server if I don't have to. because even if you couldn't install hamachi you could always port forward 8118 on your server. Then just use your IP address assuming it doesn't change. Though the school really should have all the ports locked down other than whats needed like port 80.

  • 2 weeks later...
  warwagon said:
My intent in writing this guide was to give people (like shockz) a more secure way of browsing the internet on an unsecured wireless network. (Example: Starbucks or the local hospital) Nothing more. I hadn't even thought of the workplace and school ramifications. What workplace or school allows 3rd party installation of programs like Himachi? They have a lot larger problem if they are that unsecured.

with Putty you can set up a tunnel and in firefox set it to use the tunnel (proxy settings). Both these programs can be used without having to install them

  • 1 month later...
  • 2 months later...
  • 4 weeks later...
  • 1 year later...
  On 01/09/2010 at 16:01, Sawyer12 said:

Do I need to forward port 8118 to get this to work outside?

Not if you connect via hamachi. Once connected with hamachi it's like both computers are on the same internal lan.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • Microsoft quietly burying a massive Windows 7 hardware driver feature as Windows 11 kills it by Sayan Sen Last month Microsoft announced a big update for Windows hardware drivers. The company declared that it was killing Windows Device metadata and the Windows Metadata and Internet Services (WMIS). For those wondering what it is, device metadata, as the name suggests, is the collection of additional, user-facing information that an original equipment manufacturer (OEM) provides about a hardware device. The feature was introduced with Windows 7 and can include stuff like icons, logos, descriptive texts, among other things, that help the Windows UI display details about such devices in places like Task Manager or Device Manager. This was a huge deal back in the day when Windows 7 debuted. The company called the feature "Device Stage" and Microsoft described it as a "new visual interface" that essentially worked like a "multi-function version of Autoplay where it displays all the applications, services, and information related to your device." It is often considered synonymous with the Windows "Devices and Printers" Control Panel applet. Neowin did an in-depth overview of the feature when it first launched which you can find in its dedicated article here. The Windows OS was able to obtain the device experience metadata from the WMIS, but now that the feature is being deprecated, Microsoft has begun removing information about Device Stage from its official support documents. Neowin noticed while browsing that a support article regarding automatic Windows hardware drivers was updated for Windows 11 and 10 sometime last year after the release of Windows 11 24H2. Previously, this article was geared for Windows 7 and was much longer. It also contained information about Device Stage, which, as mentioned above, was a headlining feature on Windows 7. In the said article, the section "If Windows can't find information about your device in Device Stage" has been deleted. You can find the archived version of the support page here. Aside from shortening the amount of information on the page, Microsoft has also added some more details on it. The company has now tried to define what the Microsoft Basic Display Adapter is, how updating drivers through Device Manager works, as well as a thorough and detailed troubleshooting section for common hardware driver errors on Windows, including one for USB-C. You can find all the new details on the updated support page here on Microsoft's website.
    • Sounds creepy to say the least. Don't need nor want AI having access to my history. They're claiming it to be an "offline" model now, but how can we guarantee they don't go behind our backs and change that?
    • Exactly! Without those fundamentals you've mentioned, Democracy is literally just Demonstration of Crazy, nothing to be proud of in such system.
    • Still I see almost no ads in mobile Edge unlike Chrome. So their browser is much better at blocking ads than Chrome and it is a fact. It even blocks ads on YouTube and you can add simple custom block filters. Also, Edge still support manifest v2 on desktop, so I'll look for another browser when I start seeing ads again.
    • Considering they consistently release a new version every year, I think it makes perfect sense. There is a minor pain point at the time of the change, so as long as they only change it once, we get over it and end up in a better place. The issue with MS' naming scheme is that they change their mind so frequently. 3.1, 95, 98, ME, 2000, XP, Vista, 7, 8, 8.1 10, there is no consistency. That was the issue, not the choice of naming the OS after the year. Minor correction: Windows 7 was 6.1. Even Windows 10 was version 6.4 at launch, but they retroactively changed it to 10.0 early on, along with an announcement that they would no longer track the kerel version and OS version separately...then proceeded to call Windows 11 version 10.0.2, so yeah, MS sucks at naming.
  • Recent Achievements

    • First Post
      viraltui earned a badge
      First Post
    • Reacting Well
      viraltui earned a badge
      Reacting Well
    • Week One Done
      LunaFerret earned a badge
      Week One Done
    • Week One Done
      Ricky Chan earned a badge
      Week One Done
    • Week One Done
      maimutza earned a badge
      Week One Done
  • Popular Contributors

    1. 1
      +primortal
      481
    2. 2
      +FloatingFatMan
      263
    3. 3
      snowy owl
      238
    4. 4
      ATLien_0
      230
    5. 5
      Edouard
      176
  • Tell a friend

    Love Neowin? Tell a friend!