I will make this quick, and I hope to see some insight into that question:
We all known how sensitive the DNS Service is. With most of our carriers/ISP proving the service, is not a surprise that lots of people are pressuring vendors to include more privacy-focused DNS services. And that is justified, with that information a company is able to infer lots about you, what banks you have an account, what is your e-mail provider, what porn sites you like to visit and etc, basically is possible to know pretty much everything you do online. Another aspect is that, if your Carrier/ISP got pwned, you are in bad sheets, as the hacker may redirect legit traffic to a custom server, waiting to -eager- to receive your connection and fool you.
Our best bet is to be able to change, and possible setup our own DNS service if paranoid.
Now, we have on Android an option to ask the system to use a encrypted connection to reach a DNS server on the Internet. This feature is called "Private DNS". That would be a solution, if Google were actually *enforcing* the config. Even if I use an VPN, the Carrier is able to ask the system to add a *custom route* that will redirect the traffic going to the Carrier DNS server *out* of the VPN. And if you use a VPN connection and your carrier do not enforce a route to their DNS, you will not be able to use Google's Private DNS as it doesn't work while a VPN is connected.
If you ask me, this is pretty much BS. There is zero need to have a VPN to push a DNS server, but what really shook me is that Google pushed the Private DNS, over TLS and over HTTPS but that setting is not global in the system. What the actual ****?!
The fact that I may need to root the device in order to control the DNS configuration is so bad.. I can't even express how I fell about that.
Any thoughts about the matter? Have you managed to control the DNS config without root and wifi tricks?
felco
Related
This is a common question from corporate users, and the answer can be difficult because of the various ways that your network and server(s) may be configured. In this brief article I will try to touch upon the basic principles and give you enough information to at least understand what your specific configuration is and what needs to be changed.
First off, let's clarify some terminology:
Sync: To synchronize data, typically meaning mail/calendar/tasks. Outlook and Exchange have a special proprietary connection which keeps data synchronized between client and server. There is no true Exchange client for the Pocket PC.
POP3 & IMAP4: These are industry standard mail protocols. IMAP is a sync protocol.
Firewall: A device that blocks specific TCP ports (think of them as specific internet services like mail, web, FTP) from being accessed on your internal servers from the internet. A firewall is configurable for specific needs and access.
VPN: Virtual Private Network; a software layer that is established between two points on the internet and provides for secure data transfer. This is typically between a laptop/home user and a firewall device at a company. This basically "punches a hole" in the firewall for the authenticated VPN client user.
Active Directory: This is an authentication protocol used in 2000 Server, Exchange 2000, and newer. It can also run in "mixed mode" if you have older servers (IE, NT).
MIS: Mobile Information Server; this is software from Microsoft which allows you to do a full remote sync with Exchange. It will sync mail/calendar/tasks, but it takes much more time and data. This is generally impractical unless you have a large data transfer budget or have very little data to sync. MIS can NOT be run on a mixed-mode Active Directory installation nor on the old NT authentication scheme. You need to use it with native mode Active Directory only.
Now the absolute easiest way to sync your PPC e-mail is via IMAP directly to the Exchange server. To do this, your firewall needs to have the IMAP ports open between the server and at least the subnet of your wireless carrier. The ports are 143, 220, and 993. You can find out your carrier's subnet range by calling them, or by running vxUtil on your device while you have a connection and getting your IP configuration. Your Exchange server needs to have IMAP enabled, which literally takes just a few clicks. Any Exchange admin can do this in a few minutes.
On the Pocket PC, open the Inbox, tap the Services menu, New Service... Enter your e-mail address in the box, and press Next. Skip the automatic testing. In the next dialog enter your user info such as your real name (as you want it to be in the "from" field), your login name (typically [email protected], same as your e-mail address), and password. Hit Next, and select IMAP4 service type, then enter a name for this account (any name you want, this is for you to remember which account this is), hit Next. Here you will enter your mail server names. Typically this is mail.domain.com, but ask your IT department. Tap the options buttons and select "Outgoing mail requires authentication" then hit Next. Set your preferences here, hit Next twice, and you're done.
The only drawback to this method is a very slight security risk which can be averted by keeping the latest service packs on your Exchange server. This is the methodology I use and recommend, and that all of my clients use. I do not know of any specific security risks with IMAP, and find that most objections to it are based merely on FUD (fear, uncertainty, doubt). Unfortunately, FUD plays a big role in many IT decisions. The other factor is the nerds; they want to do lock things down just because they can or think they should. IMAP is a proven, secure, industry-standard protocol that is well-implemented on Exchange server 5.5 and above.
You can also use POP to get your mail. The drawback is that POP is not a sync protocol like IMAP. People using POP tend to run into issues with not knowing whether an e-mail is on the server or has been removed to a client. This makes it undesirable for the non-technical business user. The ONLY caveat for IMAP is that you should sync again after you've done anything with your e-mail to make that change to the server. IE, if you delete an e-mail on the client, it will not be deleted on the server until you sync again.
Now if your IT department refuses to allow outside access directly to the Exchange server, you may need to establish a VPN to the firewall. To do this you will need client software, and this is more complicated than what I'd like to discuss here. The best starting point is to ask the manufacturer of your firewall for a recommendation on a Pocket PC VPN client. Once you connect the VPN, then you can use IMAP as outlined above to get your mail. With a VPN, it will work just as if you were in the office.
Speaking of which, you can test these things using the pass-through function of ActiveSync while the device is in the cradle at the office. This will help you determine the source of a problem, for example. If you can connect in the office but not wirelessly, then you have a proper e-mail configuration but you have a network/firewall issue.
Please feel free to shoot any specific questions my way. However, this is meant as information you can use to guide your Exchange and firewall admins and not a complete how-to for the novice. If you do not have admins on site, someone will need to configure this. You can contact any qualified Exchange and/or firewall admin to help you with this, and I'm also available for implementation, design, and consulting work. My background is in wide area communications, security, and internet services.
Can anyone help me in the steps involved to remotely connect to my
microsoft exchange server 2003 remotely with GPRS T-mobile?
This is what I have working so far and each one has been incredibly
painful to set up, but working.
I have windows 2003 server running exchange 2003 server on a DC, and an
I-mate Jam running windows mobile 2003 2nd edition.
Working:
1) My ISP is T-mobile and running GPRS perfectly.
2) OWA (Outlook Web Access) is working perfectly from my lan computer.
ex. http://mail.manster.com:81/exhange
3) OMA is working perfectly from my phone.
4) I set up activesync 3.8 to be standard and connect to my exchange
server and that works perfectly if I put the netbios name
manster-4qgshpl.manster.local in the server name. Everything syncs fine
and it works. The passthrough on my activesync says to connect to
"internet" and I have pda connected to lan comp.
Not working:
1) I put my exchange server smtp name mail.manster.com in my activesync
and it no longer works.
What am I missing, I'm so close. Do I need to create a vpn or
something. How come I don't need vpn for owa and oma?
Note: When I change the exchange server to mail.manster.com and put
"work" in the passthrough it works but only when I have it connected to
computer. I also have to put for some reason mail.manster.com in the
proxy server and port 81. Even though I don't have proxy server. I need
to be able to do this remotely from anywhere with GPRS.
Thanks, I greatly appreciate any help.
Does xperia can use ipv6 as we know the ipv4 is almost finish so
My question is there any way to convert xperia x10 to ipv6
or this is implemented to the software?
OR
EDITED
BY THE WAY HOW TO SET UP in X10
HTML:
The main reason for the concern? There's an explosion of data about to happen to the Web - thanks largely to sensor data, smart grids, RFID and other Internet of Things data. Other reasons include the increase in mobile devices connecting to the Internet and the annual growth in user-generated content on the Web.
Why a New Internet Protocol is Needed
Currently the Web largely uses IPv4, Internet Protocol version 4. Each IPv4 address is limited to a 32-bit number, which means there are a maximum of just over 4 billion unique addresses. IPv6 is the next generation Internet Protocol and uses a 128-bit address, so it supports a vastly larger number of unique addresses. Enough, in fact, to give every person on the planet over 4 billion addresses!
John Curran from ARIN, the non-profit responsible for managing the distribution of Internet addresses in the North American region, told ReadWriteWeb that of the approximately 4 billion IPv4 addresses available, all but 6% have already been allocated. Curran expects the final 6% to be allocated over the coming year.
This is largely an issue that ISP (Internet Service Providers) and telecoms carriers need to deal with. However content service providers, including large-scale Internet companies like Google and Facebook, also need to ensure that the transition from IPv4 to IPv6 takes place. Curran explained that a content company like Google (for example its YouTube operation) will need to work with its ISP to transport the content via IPv6 as well as IPv4.
This transition is happening "slowly," says Curran. But he warns that "deployment is where we're behind."
Google, Facebook & Others Making Good Progress
John Curran told us that large carriers like Verizon and Comcast have announced trial IPv6 activity. Curran also noted that new Internet of Things initiatives that use sensor networks, power grids, RFID and similar technologies, are being directed to use IPv6 and not IPv4.
There is also solid support from the big Internet companies. Curran said that Google has already put the majority of its services onto IPv6. Declaring its support for IPv6 on a special webpage, Google states that "IPv6 is essential to the continued health and openness of the Internet [and] will enable innovation and allow the Internet's continued growth."
In June, Google held a Google IPv6 Implementors Conference. At that event, Facebook announced that it had begun to use IPv6.
In his opening remarks to the conference, Google's Chief Internet Evangelist Vint Cerf urges ISPs to move to IPv6, so that a "black market" for Internet addresses won't occur.
Another Y2K?
Critics view some of the push for IPv6 as Chicken Little 'the sky is falling' talk. Commented @ajbraun, a self-described technology leader at Sony Ericsson, via Twitter: "We should call this "IPv6: Y2K II." An obvious issue for 10 years, we will panic at the end and finally much ado about nothing."
Others see a technology called NAT (Network Address Translation) as a solution - it maps multiple addresses to a single IP address, thus reducing the amount of unique IP addresses required. However this is at best a temporary solution. Google argued back in 2008 that NAT and similar technologies "complicate the Internet's architecture, pose barriers to the development of new applications, and run contrary to network openness principles."
Whether or not there is Y2K-style fear mongering, the bottom line is that IPv6 is a much larger platform for the coming Internet of Things. So one way or another, the move will have to be made.
HTML:
References
http://win7vista.com/index.php?PHPSESSID=54d50a392a858b2105fcc3987bb2b422&topic=19481.0
What is that?
Edit: ok, thanks for editing your post
Sent from my Nexus One using XDA App
Edited
firstly the link below read it please!!
this is not a application!!!
This is "Internet Protocol version"
Read this
http://en.wikipedia.org/wiki/IPv4 <-------
http://en.wikipedia.org/wiki/IPv6
http://inetcore.com/project/ipv4ec/index_en.html
http://www.potaroo.net/tools/ipv4/index.html
http://www.pcmag.com/article2/0,2817,2373903,00.asp
please read before
Now every body suppose to understand
Edited
I find this
http://forum.xda-developers.com/showthread.php?t=733965&highlight=ipv4
But my question is specyficaly about X10
Is your mobile operator moving to IPv6? Do you have a IPv6 network in your home? Do you encounter IPv6 out and about?
With that said:
http://androidboss.com/android-2-1-actually-does-ipv6/
No they don't but I was wounder if it is possible or do I have buy new phone in less that 83 days.
I have heard of people here switching APNs, but I never really understood why anyone would do this. To make a long story short, is there an APN that I can use that will give my phone an external routable IP address? It doesn't even have to be permanent--I can use a dynDNS client. Are there any side effects that I should be aware of when switching APNs?
If I can switch APNs, what are all the settings? I went to the Add APN screen, and there are a bunch of settings there, and I did not know what to put in there. My current APN is epc.tmobile.com
(Optional reading here for why I want to do this. May give important insight???)
I was testing a new (to me) program on my phone, "Growl for Android". It allows the phone to receive notifications from a PC, such as "Server is down", or in my case since I intend to connect it to my home automation system, things like "Alarm disarmed", or even "Alarm is sounding". So, my PC runs continuous tests, checks, whatever, and if it detects something noteworthy, it pushes the notification to my phone. Or said another way, my phone runs a small server to receive notifications from a PC running a Growl client. The problem is, my phone does not have a permanent IP address. When I am connected to my WiFi at home, it does have a permanent IP address, but when I am just on cellular, there is no telling what the IP address is. So, dynDNS to the rescue. Well, guess what? That won't work either because the phone apparently has non-routable IP addresses (we are behind a router). I had heard in a forum for the Growl application that a different APN may help. So I am asking here.
I don't know whether I should ask it here or shouldn't.....i was very happy doing VOIP on my Vibrant.....now suddenly my company has blocked VOIP also none of the messenger's are getting log in...
Only my phone's Gtalk is working...but no VOIp. is there a VOIP application which can bypass this blocking. I tried several application from Market...but none seems working.
My sip provider is NYMGO (www.nymgo.com)
Please if any one can help??
Bump.....85 views no reply...come on guys....help me out...
I don't understand the problem.
Are you saying T-Mobile is blocking VoIP over data?
Are you saying your employer is blocking VoIP on their WiFi network?
My employer is blocking VoIP on their WiFi network.
Make friends with one of the network admins and ask them to unblock the ports NYMGO uses. Seriously, they obviously don't want you using unauthorized apps or services on their network. Many companies, including mine, have strict policies in that lead to disciplinary action, up to and including termination for any unauthorized use of the company's network or the circumvention of any security policies in place.
First step would be to talk to the network admin and find out what changed on the network and if they could re-open those ports used by your voip. If they tell you they can't, you're SOL. It's the company's network, not yours, they pay for it and therefore they decide how it's used, not you. If you had to manage a large corporate network you would understand.
Hi so I recently activated the unlimited free text and calling from textnow on my samsung galaxy s8+ unlocked sm-g955u on their sprint network. When I had first done it I realized I was able to use free high speed data throughout much of my device with the exception of some games and apps it wouldnt work on.
So I set out trying to find away to bypass restrictions and limitations of the free data I had. I couldnt figure it out in the least, I tried everything I knew to hide usage. And in the process something horrible happened, I lost all that free data on everything except for the google search bar app. In which the google search bar you can search anything you want and all the results come up super fast. The catch is, I can no longer click any links and load pages beyond it. It just sits on a white blank page after clicking a link.
I tried to figure out what I did to change it or put their (I'm assuming) normal restrictions of data usage back in place where it was meant to be from the beginning. I havent been able to unlock the data since.. I e tried vpn like psiphon pro that I could use to get free high speed unlimited data from any captive portal login. But it doesnt work, rather textnow refuses to connect. Any sort of vpn textnow seemingly rejects the connection and I cant even place texts or calls.
I know textnow uses the sprint lte data service for its software. I know there is what I would call high speed lte data associated with my activated sim for text now. I can tell just simply by the load speeds of the google search bar reguardless of what you search for. That and what I had experienced when I first activated my sim and device.
So I'm coming here for a little help in brainstorming how myself and many other people who activated their own unlocked device in the talk and text plan, can bypass the restrictions textnow places on where the data can be used at. The data now is restricted to just textnow and google search (also nessecary functional apps) I know there is a way to hide this use of data, I tried the captive portal login which is speedy, but on pie i cant open the login into a browser to spread the service and i cant find a way to use the portal login to search anywhere else but textnow webpage.
Any ideas people? I'm sure many many people would benefit greatly to a loophole if any were found, and there is a loophole because my device was at first capable of near unrestricted data access before i tried to fully unlock it. If you know someone that might have some valuable input please tell them about this discussion and bring them here.
Sinister
I've been trying to find the same thing with no luck
Slickmin1 said:
I've been trying to find the same thing with no luck
Click to expand...
Click to collapse
I realize this post is from last year, but I just ran across it and wanted to give my input in the event it may help somebody. As most TextNow subscribers are aware, T-Mobile's prior acquisition of the Sprint network is now geared towards shutting down the Sprint 3G & 4G networks nationwide. In fact, the lights have already went out on the former, while the 4G side is slated for complete shutdown by mid-2022. Accordingly, TextNow is presently migrating all subscribers over to T-Mobile's GSM 4G-LTE/5G nationwide network. Subscribers who were already using Sprint compatible devices are receiving free upgraded GSM SIM cards from TextNow to make the transition seamless. Unfortunately, this will likely be the end of all the free high speed 4G-LTE data subscribers enjoyed while connected to Sprint's network. This free data exploit was due to a proxy anomaly caused by the default reverse tunneling settings of certain brands and models of smartphones. While the knowledge will do little good now, the "restrictions" of using the data device-wide, across all apps and services, could be bypassed by setting up pdaNET+ on the TextNow device as host access point. Then, by enabling a WiFi direct hotspot via local proxy, the connection could be shared by a Windows 10/11 PC or laptop, by way of the pdaNET+ client-side setup. Then, by using the native Windows 10/11 hotspot feature, the data connection could be resolved and shared by other mobile devices in a normal device-wide manner. So while the TextNow host device would be unable to use the data across all apps and services, any devices connected to the Windows hotspot would have unfettered and unrestricted use of the data. Depending on how tech-savvy you wanted to be, the Windows PC Ethernet port could be used to traffic the data into a home router or extender for expanded sharing. Great while it lasted. I just recently received my TextNow GSM SIM in the mail, and haven't yet had time to experiment with data connectivity or exploits thereof. I will keep my findings posted here as I probe the uncharted waters .
So as you might or might not know, there already is a pseudo free data that is running on the google servers. Example: open a browser and search through google and you will get the results, its slow so I'm assuming its 3g. but they have a firewall that is blocking every other site unless its running via google servers.
You could theoretically setup a google hosted server yourself, maybe rent a cloud server out from google and run programs through there. run a tunnel through that for unlimited data on the phone. Someone just has to figure out how to do that.
For anyone reading this and wondering what we're talking about. Textnow is a free phone app you can use with their SIM/network and never pay a dime for phone service and texting, including media texting. It's totally free.
If this were to be more useful in terms of what sites we could visit, it would be a lot more lucrative.
Another idea I had, if someone has a pentesting rig that can run this network and see which ip addresses are being blocked, we could start building a list of sites that are whitelisted, both IP's and hostname resolved (http/s for example) this would allow us to see where we can start digging to find a place to setup a tunnel here.
I know that google has server hosting via their cloud computing network, you can even host DHCP style servers on it, so you could theoretically use this to tunnel through if the google server IP range is whitelisted. which it might be..
Google has an VPN that's free with Fi, so maybe you can pay for the VPN if you don't use Fi, therefore it's going through Google servers to then the user, so maybe if it costs less than TN's 1GB plan, we could consider it if it works.