Questions and answers regarding Perfect Privacy
Here you find the most frequent matters of concern of our members.
Questions our support gets asked multiple times are published on this page.
If you have a question which is not listed already, please contact our support.
General questions regarding Perfect Privacy VPN
Our server status page provides up to date information regarding bandwidth utilization and possible issues. Members may also use the Server page in the Member’s area to view additional details about our servers.
Admittedly the latency of your Internet connection – the time it takes to transport data packets back and forth – may change, since the packets may be routed differently. To verify this effect on Windows you can use the command tracert [hostname], on Mac and Linux use traceroute [hostname].
Another typical attack vector is the so called browser tracking: By analyzing information provided by your internet browser it may be possible to uniquely identify users to some extent. Remedy can be gained by using the “Incognito”-mode of your browser, as Firefox and Chrome offer. The Squid proxy services on the Perfect Privacy servers filter header information that may be used for identification, and thus can help to improve anonymity.
Thus we prevent access to BitTorrent trackers on these servers, to avoid unnecessary trouble for the hosting companies and ourselves as well.
Most Perfect Privacy servers are not affected and all ports and services can be used without any limitations.
If you do not have an adequate router you can order one at our partner flashrouter.com who provides several router models pre-configured for the use with Perfect Privacy. For more information on this please visit our router site and our router forum.
Accounts & payment
- Visa, Mastercard, American Express, Bank Transfer, AliPay, LiqPay, payment with mobile phone and many more via Paymentwall
- WebMoney, PerfectMoney, OK Pay, Paxum, LiteCoin and more via LavaPay
Your account will be activated faster when using an electronic payment option (Bitcoin, PayPal et cetera) as if using cash (two to four weeks depending on mail travel time).
As a good compromise between speed and anonymity we recommend the pseudonymous payment with Bitcoin.
- All services are running on dedicated root-servers
- Servers with up to 1000mbps bandwidth
- Protocols: OpenVPN, IPSec, PPTP, SSH2, Squid- and Socks5-proxies on all servers
- 40+ servers distributed worldwide
- No bandwidth limitations
- Cascading possible
- Support (also via TeamViewer) included
- Unlimited connections per member
- Comfortable user interfaces/clients for many operating systems
When taking these points into consideration, it will get hard to find a comparably extensive VPN offer for a lower price. Perfect Privacy also offers the functionality that other VPN providers have – if you miss anything, please don’t hesitate to tell us about your wishes.
The second customizable port forwarding allows for up to five additional customized port forwardings on the server group chosen. For security reasons each port is only valid for a limited time period of seven days. You may pick your destination port, or stick to the default, which is the same as the randomly chosen source port. The latter is what you usually want for use with file sharing software etc, but if you want to have some port being redirected to e.g. your sshd on port 22, you can do so.
Example: Your internal IP is 10.0.203.88. Converting to binary this is 00001010 00000000 11001011 01011000. Converting the last 12 bit 101101011000 to decimal results in 2904. So the forwarded ports will be 12904, 22904 and 32904.
- Processor: Single Core, 1GHz+
- RAM: 512MB (1GB recommended)
- Harddisk: 5MB of free space
We don’t log any connections. But both OpenVPN and IPSec will sometimes use the same internal address on reconnection.
OpenVPN connections use a simple address pool and assign the highest free address. Thus if a client disconnects only briefly and reconnects before any other client releases another address, it will very likely receive the same address it held before.
StrongSwan IPSec caches old leases in RAM, associating a username with the internal IP address. There is no permanent logging and the client’s external IP address cannot be retrieved from this map, even if an attacker could read the IPSec daemon’s memory. Quoting from the StrongSwan documentation:
“A non-persistent memory-based backend is the default. […] To preserve IP address affinity, the remote IKE identity (as defined for the connection in question) is used. This maintains the same IP for a client (most of the time) even across brief teardowns of connections, approximating the behavior of a DHCP server without the stricture of lease expiry timers, but prevents clients from intentionally attempting to get a different IP address as there is no corresponding release mechanism.”
In general receiving the same internal IP address offers the advantage that connections to external services can be kept alive even if the VPN client changes networks, e.g. between wireless and mobile data connections.
Since Perfect Privacy fully support IPv6, you are also protected from IPv6 leaks, no matter what operating system you are using.
A fundamental problem exists for example when traffic is being eavesdropped between your local router and your ISP, and gets correlated with the traffic of the VPN (exit) node.
How promising such a traffic correlation is, depends on many factors – the amount of traffic that passes through the VPN node and not least how much expenditure is put into such an analysis. Also this of course requires the eavesdropper having identified the target already, as otherwise he would not know whose traffic to eavesdrop at the ISP.
The Tor project does offer a superior protection against such attacks, since a traffic correlation within the Tor network is a lot more difficult. But even the most sophisticated routing of traffic does not offer protection, when data is extracted directly from your computer or via other methods such as social engineering.
So the encryption has to be ensured in addition by using the proxy service combined with an encrypted connection, e.g. an SSH2 tunnel.
Thus it may happen the country shown does not match the country of the server’s location. In such cases it usually helps to use another server outside Europe (e.g. Montreal or Hong Kong).
moscow.perfect-privacy.com, if you want to use a proxy you have to use the internal IP address of the proxy server as proxy host! Would
moscow.perfect-privacy.combe entered again, the connection to the proxy server would bypass the VPN connection unencrypted! The reason is the routing, which, in order to have a working VPN tunnel, routes the data to the VPN server directly via the default route to the Internet, while all other (non local) traffic is routed through the VPN tunnel. The connection to the proxy server thus would also be routed directly and not through the VPN tunnel! The internal IP address of the proxy server on the other hand will be accessed via the encrypted VPN tunnel.
Note that with Perfect Privacy TrackStop it is possible to block much more than just advertising domains: Optionally you can filter known Phishing sites, social media and more. You can activate TrackStop in the configuration.