Skip to main content
Information Security

Questions tagged [openvpn]

Ask Question

An open source virtual private networking application written by James Yoan and published under the General Public License (GPL).

243 questions
Newest Active Bountied Unanswered
1 vote
1 answer
179 views

De-anonymization of VPN use through broken killswitch?

This answer to a question about how to make a killswitch for use with a VPN states "don't simply whitelist port 1194 or you will allow trivial deanonymization" and this answer to a similar ...
messy's user avatar
messy
  • 111
2 votes
1 answer
469 views

Openvpn replay attacks

I've noticed a lot of discussion around this topic. Just to clarify, I'm not experiencing heavy load. I wouldn’t jump to conclusions about it being a badly configured server since it’s not a frequent ...
CarriMegrabyan's user avatar
CarriMegrabyan
  • 121
3 votes
2 answers
301 views

How can there be incoming connections when using a VPN?

I've the following nftable configuration (/etc/nftables.conf) to enforce a "VPN kill switch". Except for ICMP and IGMP, connections are only allowed through tun0. This works well as a "...
user avatar
user316213
1 vote
1 answer
2k views

How does TLS-CRYPT-V2 work in OpenVPN?

I am configuring an OpenVPN server and I would like to use TLS-CRYPT-V2. For that, in the documentation, it is said that I have to create a TLS-CRYPT-V2 key for the server and one for each client, ...
Álvaro García's user avatar
Álvaro García
  • 113
-1 votes
2 answers
220 views

If someone has your VPN password and email address, can they decrypt your VPN traffic?

VPN encrypts your traffic all around. So let's say someone knows your VPN email/password. Would this give them the ability to decrypt all your communications?
Rideboards's user avatar
Rideboards
  • 607
1 vote
0 answers
118 views

Is this openvpn auth script secure or am I'm just being too naive?

I'd like to setup an openvpn server so that clients either use a certificate to authenticate or send username & password. In certain situations I don't want to issue a certificate for clients and ...
Pablo's user avatar
Pablo
  • 111
0 votes
1 answer
565 views

How to block 192.168.0.1 for connected clients?

I installed Raspberry Pi OS on a RPi 3B, then I installed NetworkManager, set the Ethernet connection to "Shared to other computers" and connected an ethernet cable between the RPi and a ...
Dzenis Zigo's user avatar
Dzenis Zigo
  • 103
0 votes
1 answer
543 views

Do I need an IP whitelist on top of a VPN?

My company requires me to access resources through a VPN connection -- specifically, an OpenVPN client configured to require a password plus an authenticator token. But the company also restricts ...
Sasgorilla's user avatar
Sasgorilla
  • 101
1 vote
3 answers
2k views

Why do most VPN protocols work on the Transport Layer and not on the Network Layer instead?

In both the TCP/IP model and the OSI model, IPSEC offers encryption on the Network Layer (IP), while other VPN protocols such as OpenVPN offer it on the Transport Layer (TCP). Due to encapsulation ...
Bob Ortiz's user avatar
Bob Ortiz
  • 7,715
-1 votes
1 answer
240 views

proxy anonymity level, what is the tehnical difference ? (specific example from hide my name)

By using hidemy name I can check for a proxy if it is up or down, and also check the anonymity level using the app. A sample result looks like this: IP address Port Country, City Speed ...
C.Unbay's user avatar
C.Unbay
  • 217
0 votes
0 answers
97 views

Not able to view a webpage or connect to a service on a VM connected using OpenVPN, only able to perform Nmap scans

I've tried asking this question in hack the box forum, but nothing has worked so far. When I connect to a vulnerable machine using a tunneled IP using OpenVPN, all I'm able to do to a box is scan it (...
Karan Bakshi's user avatar
Karan Bakshi
  • 3
1 vote
1 answer
2k views

OpenVPN & China's Great Firewall

The company I work for has an OpenVPN server so we can access its intranet from home. The problem is that I'm going to move to China and I'll need to connect from there, but I've heard connections ...
anonymous's user avatar
anonymous
  • 11
3 votes
1 answer
2k views

Why does the OpenVPN server need to keep client's private key?

When I installed the openvpn server following these instructions, the work flow was like below Create ca.crt Create server.key and cert Create client.key and cert As far as I know, when A and B are ...
Hardguy's user avatar
Hardguy
  • 33
0 votes
0 answers
143 views

Does fragrouter work with OpenVPN?

My goal is to evade IDS/IPS detection and scan the target with nmap. If the scan is detected, the target seems to stop responding for 10s. I think that IP Fragmentation Attack is exactly what I need. ...
ksenia pi's user avatar
ksenia pi
  • 11
2 votes
0 answers
3k views

Check for allowed OpenVPN SSL/TLS cipher suites from the client-side

I would like to check cipher suites that the OpenVPN server accepts. I used nmap: nmap -sU --script ssl-enum-ciphers -p 1194 <IP> but the results are only: Host is up (0.0033s latency). PORT ...
user187205's user avatar
user187205
  • 1,363

15 30 50 per page
1
2 3 4 5
17