Knowledgebase : Securing VPN & DNS
If you're worried that your real IP might revealed when OpenVPN disconnects for what ever reason, you can use this tool that will monitor the status of your OpenVPN connection and if it disconnects, it will stop ALL Internet activity so your real IP will never show. This is a 3rd Party tool. We do not give any support for it. Use it at your own risk and follow the tool's Manual [http://www.openvpnchecker.com/openvpnwatchdogguide.pdf] to underst...
First of all DNS leaks are less dramatic as they sound and are even less dramatic in the reality, although when following the concept of Anonymity it still is a good and just a logical desire to fix them! How? Simply use public DNS nameservers. 1. The checking part: http://www.dnsleaktest.com/ [http://www.dnsleaktest.com/] Now when connected to the VPN and if the test reveals your ISP IP, or basically any IP that sounds familar to you/or your...
This article outlines a "blacklist-whitelist" method using the standard Windows Firewall to block all Internet traffic, unless connected to the VPN (via OpenVPN).Again understand that Traffic will be allowed through OpenVPN only and nothing else, that means no connectivity, no windows updates, not anything, except it goes through OpenVPN! All described steps fall under your own "risk" but surely incase of any troubles, you can simply revert the...
As in our other KB article [1] for Windows firewall, we describe again the black-whitelisting method but this time for Comodo firewall. Again, we go take the most "paranoid" and safest approach and disallow ALL Traffic, except the one specifically going through OpenVPN! 1. Download ">IMPORTANT: Firewalls work in a hirarchical structure, so from TOP to BOTTOM manner, therefore (in our whitelist to blacklist scenario) rules to allow, must alwa...
In this Knowledgebase article we will describe the steps how to secure the VPN (and therefore a potential IP leak) on Linux using the IPTABLES firewall and using BASH as the shell. IPtables firewall is installed by default on the most Linux Distros, you can verify if its installed: - Debian DPKG -S IPTABLES | GREP STATUS - CentOS RPM -QA | GREP IPTABLES Enough talk, time to get into the action.. 1. Download this executable scr...
A method how how to expose your real IP has been roaming around within a feature called "WEBRTC" which is used in GOOGLE CHROME and FIREFOX browser. This is A MAJOR SECURITY FLAW AND MUST BE TAKEN SERIOUSLY, follow the below link to understand what it is about and how to secure yourself! https://github.com/diafygi/webrtc-ips [1] _"Firefox and Chrome have implemented WebRTC that allow requests to STUN servers be made that will return th...
In order to bypass DPI (DEEP PACKET INSPECTION) something that very often occurs in Countries like China with its Great Firewall, or Iran or any other Country for that matter with highly restrictive regimes, it could be more and more required to do additional steps of traffic obfuscation to bypass DPI in the future. Quote: "_As internet censorship tightens across the world, governments are becoming more and more concerned about preventing the...
This article describes a method how to prevent exposing your real IP incase of an unplanned VPN disconnection, or similar events, by using the Little Snitch [1] firewall for Mac OS. _Little Snitch_ is a firewall that allows you to control connections from your computer to the internet. One of it's greatest features, introduced in version 3 is the "Automatic Profile Switching": the ability to automatically apply different rules depending on ...