vicidial.org

[vicinovice]

Hello folks,

I am on the verge of having a Vicidial installation carried out (not chosen my supplier yet) but before I do, I need to have the following question answered:

If we install DGG firewall, and access our vicidial software via a VPN tunnel - is there any chance that our physical office location can be tracked? (Other than the obvious reasons such as an employee mistakenly or maliciously giving out our address etc.)

The host which provides our server will not be aware of our identity, and neither will our carriers (who happen to be offshore).

We are based in the UK.

Or maybe a better way to put this is to describe the following situation:

- Our Vicidial server is hosted offshore and has DGG firewall installed
- Our call centre PC's/phones pass through a VPN router
- Our hosting provider does not know our real identity
- Our carrier (India based) does not know our real identity
- Our CLI provider (India based) does not know our real identity

Let's assume you are a government regulatory body and want to find out who we are because you are unhappy about the calls we are making - how do you do it?

And for your information, the reason I require privacy, is that one of the campaigns we plan to run is political - I will say no more

If can briefly demonstrate that you understand my query, and have the ability to devise a strategy for me, I will be more than happy to discuss a fee for the full information.

All the best,

HH

[covarrubiasgg]

This sounds more like mafia than political

Let's say i got a call from you, what i can do is to find out who is your carrier but they will not know you real identity, so they can only say "We got the calls from this IP"

So next step, find out who is that IP and they will reach your hosting company, but they don't have your real information, so all they can only say "We got connections from this IP"

Here is the catch, if you set a VPN 1:1 your connection is encrypted but you real public IP address will be visible for the hosting provider, so you should consider instead a VPN tunnel from your router to the server, you should consider using a VPN service that offers no logs, that way the hosting provider will not track you back to your real location.

If hiring a No log VPN service is not possible, at least try to get a second hosting service for a proxy VPN service, but anyway they can track you back to you original IP if the follow the rabbit hole , no matter how many proxies you use.

Also beware of directmedia rtp, this connects directly the callee with the caller, but i am not sure what IP will be shown in case of a packet capture.

Also, if you hire a no log vpn, you should read carefully the contract because they have special clauses for illegal use of the service, so you only have their promise not to log your activity, but is only a promise, you have no way to be sure.

[vicinovice]

This sounds more like mafia than political

Let's say i got a call from you, what i can do is to find out who is your carrier but they will not know you real identity, so they can only say "We got the calls from this IP"

So next step, find out who is that IP and they will reach your hosting company, but they don't have your real information, so all they can only say "We got connections from this IP"

Here is the catch, if you set a VPN 1:1 your connection is encrypted but you real public IP address will be visible for the hosting provider, so you should consider instead a VPN tunnel from your router to the server, you should consider using a VPN service that offers no logs, that way the hosting provider will not track you back to your real location.

If hiring a No log VPN service is not possible, at least try to get a second hosting service for a proxy VPN service, but anyway they can track you back to you original IP if the follow the rabbit hole , no matter how many proxies you use.

Also beware of directmedia rtp, this connects directly the callee with the caller, but i am not sure what IP will be shown in case of a packet capture.

Also, if you hire a no log vpn, you should read carefully the contract because they have special clauses for illegal use of the service, so you only have their promise not to log your activity, but is only a promise, you have no way to be sure.

Thanks for your reply!

I am now considering hosting the Vicidial server locally, that way there is no hosting provider to deal with and so one less potential area of leakage.

And if I installed a VPN router to sit between the Vicidial server and "the web" I wonder if that would help a lot?

I read about WebRTC, it sounds like internet explorer is not (currently) affected, unless I read an out of date article, so I will make sure that is the only browser that the agent machines are able to access