Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 18 Dec 2017, 07:16
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Openvpn 2.4.1
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [4 Posts]  
Author Message
labbe5

Joined: 13 Nov 2013
Posts: 1029
Location: Canada

PostPosted: Fri 24 Mar 2017, 10:12    Post subject:  Openvpn 2.4.1
Subject description: 2.4 series starting with better security features and how to install
 

For Dog-based OS :

https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos#UsingOpenVPNaptrepositories

Openvpn in Ubuntu repositories is pretty old. To benefit from better security features, you better have the 2.4 series installed. Here is how :

Import the public GPG key :
wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg|apt-key add -

Then change your source list to add openvpn repository :
echo "deb http://build.openvpn.net/debian/openvpn/<version> <osrelease> main" > /etc/apt/sources.list.d/openvpn-aptrepo.list

apt update and install openvpn.

To be sure you have 2.4 series installed :
openvpn --version

Now you need a certificate bundle from whatever VPN provider. I use VPNBook.
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1029
Location: Canada

PostPosted: Fri 26 May 2017, 14:40    Post subject: DNS leak test
Subject description: testing your DNS provider
 

https://www.dnsleaktest.com/

Using DNS leak test is a good way to establish which DNS provider you use.

We assume you use VPNBook, and after setting up your VPN, you test it with DNS leak.

You should have : 142.4.206.228 ca1.vpnbook.com OVH Hosting Canada, if you used vpnbook-ca1-tcp443.ovpn.

The result means you bypass your ISP surveillance at the DNS level. Your ISP is responsible for noticing users about illegal downloading of copyrighted material, but your VPN is blocking its ability to do network surveillance.

You can further test your VPN with this website : whatismyipaddress. You will appear to connect to the Web from a far away place, such as India, which means your real location is blocked.

Is it bad or good to use a VPN? For privacy, it is good.
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1029
Location: Canada

PostPosted: Tue 29 Aug 2017, 14:38    Post subject: How to Connect to a VPN Automatically on Linux  

https://www.maketecheasier.com/connect-vpn-automatically-linux/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+MakeTechEasier+%28Make+Tech+Easier%29

This guide will be helpful to you, if you ever wanted to connect to a VPN automatically on Linux.

Alternatively, you can have both your configuration file and vpn-login.txt in root, then you open your terminal as root user, enter your command line, such as :
#openvpn --config vpnbook-ca1-tcp443.ovpn --auth-nocache --auth-user-pass vpn-login
Click Enter.

Note :
--auth-user-pass refers to your vpn-login.txt in which you have on first line vpnbook and on second line your password.

Then for next browsing sessions, just type Ctrl+R in terminal and start typing openvpn, it will auto-complete, finally type Enter.

You only need to change your password from time to time in vpn-login.txt, and it takes only seconds to start your VPN.

While your VPN does not launch at boot time as a service, it is a fast process to launch it with your terminal, whatever network manager you have, Frisbee, Ceni, Wicd, NetworkManager.

Note :
Sometimes, your chosen configuration file does not work, servers may be down for maintenance, etc, just switch to another one. Vpnbook comes with many bundles, if Ca bundle does not work, switch to US, or Euro, you are sure to find a working configuration file.

ifconfig is a way to verify your VPN connexion after booting into your desktop environment, you should read something like tun1 in terminal. If you want to know which dns servers your VPN provider is using go to dns leak test website and do a standard or advanced test. Vpnbook is using Google servers (it is said they are under watch by security organisations in USA).

I you read some of my posts, by now you know i use VPNBook as my preferred and only Virtual Private Network. There is a good reason for this : it is free and speed is more than just ok. It is also very easy to set up, so it is hassle-free.

Here are some reviews :
https://vpnreviewer.com/vpnbook-honeypot-scam-service
We believe that they operate a profitable business and we wouldn’t be surprised if they make at least $1k – $2k monthly, even after covering the hosting costs. If our estimates are not incorrect by orders of magnitude, it means that these guys are in the business of making money and likely not in the business of spying on their users.

https://vpnreviewer.com/free-vpn-vpnbook-com-review

https://www.bestvpnrating.com/service/vpnbook
VPNBook’s services are just as good as other VPN service providers who charge up to ten dollars a month for the same benefits. It is time to ditch your expensive VPN and give this free service a try so you can spend more on data and less on protection.

VPNBook is definitely the best VPN service when it comes to freebees and quality service. Not only are most of their services completely free but they also offer free support and the best possible protection when you use these free services. This free VPN service is a definite must for anyone who cannot afford expensive VPN fees.

So relax using VPNbook, knowing you are as protected by this free VPN as with any other you pay for.
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1029
Location: Canada

PostPosted: Thu 31 Aug 2017, 12:38    Post subject: WebRTC and VPN
Subject description: how to stop WebRTC from revealing your real IP even while using a VPN
 

https://www.bestvpn.com/the-webrtc-vpn-bug-and-how-to-fix-it/

At the beginning of 2015 both the Chrome and Firefox browsers introduced a new “feature” called WebRTC. Rather alarmingly, however, it permits websites to detect your real IP address, even when using a VPN!

Unfortunately for VPN users, WebRTC allows a website (or other WebRTC services) to directly detect your host machine’s true IP address, regardless of whether you are using a proxy server or VPN.

Depending on your needs, WebRTC is useful or not :
Web Real-Time Communication (WebRTC) is a potentially useful standard that allows browsers to incorporate features such as voice calling, video chat, and P2P file sharing directly into the browser.

If you don't need any features provided by WebRTC, better disabling it altogether. Here is how :

Users of Firefox can disable WebRTC :
about:config in search bar
accept the risk
Then double-click media.peerconnection.enabled & media.navigator.enabled to set their value to false.

The uBlock Origin browser extension also prevent WebRTC from leaking your local IP address on the desktop. But it is not disabled by default. You need to go to Settings and click Prevent WebRTC from leaking local IP addresses.

WebGL
WebGL can have a detrimental effect on your privacy.

https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern
One major risk is that WebGL involves running code directly on the video card, and exposing APIs that provide direct access to video card APIs. The browser does attempt to sandbox this code (to a certain extent), and browsers do enforce a number of security restrictions designed to prevent malicious behavior. However, many of these APIs and their implementations were not originally designed to be provided to untrusted entities (they were only usable by native applications, which are fully trusted), so there are concerns about whether exposing them to arbitrary web sites might enable web sites to attack your system.

How can i disable WebGL?
If you don't need any features provided by WebGL, you better disabling it altogether.

Firefox users :
In Search bar : about:config
Accept the risk.
Look for webgl.disabled & webgl.disable-wgl and set them to true. Look for webgl.enable-webgl2 and set it to false.

For further reading :
https://www.khronos.org/webgl/security/

Note :
If you don't use sync services offered by Firefox, then you probably should. Thanks to sync services, security and privacy settings are synchronized on all Firefox across distros. It is a time-saver.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [4 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0421s ][ Queries: 14 (0.0068s) ][ GZIP on ]