Protect your Privacy with a VPN Tunnel

INTRODUCTION

If not, does this not make VPNs vulnerable to active man in the middle attacks during key exchanges? So it makes sense that we also test VPNs for Android. Therefore, one could lower the maximum UDP packet size to a good first try for solving MTU-related connection problems with the following options: Note that many VPN services offer native apps for both Android and iOS, but that such devices count toward your total number of connections. Netflix, for its part, lays out how it will attempt to verify a user's location in order to provide content in section 6c of its Terms of Use document.


Note that the behavior of SIGUSR1 can be modified by the --persist-tun, --persist-key, --persist-local-ip, and --persist-remote-ip options. Also note that --ping-exit and --ping-restart are mutually exclusive and cannot be used together.

Normally if you drop root privileges in OpenVPN, the daemon cannot be restarted since it will now be unable to re-read protected key files. Using this option ensures that key material and tunnel data are never written to disk due to virtual memory paging operations which occur under most modern operating systems. It ensures that even if an attacker was able to crack the box running OpenVPN, he would not be able to scan the system swap file to recover previously used ephemeral keys, which are used for a period of time governed by the --reneg options (see below), then are discarded.

The downside of using --mlock is that it will reduce the amount of physical memory available to other applications. Note that cmd can be a shell command with multiple arguments, in which case all OpenVPN-generated arguments will be appended to cmd to build a command line which will be passed to the shell.

In this context, the last command line parameter passed to the script will be init. If the --up-restart option is also used, the up script will be called for restarts as well.

If a restart occurs, and --up-restart has been specified, the up script will be called with restart as the last parameter. The following standalone example shows how the --up script can be called in both an initialization and restart context.

Also, the example will run indefinitely, so you should abort with control-c. Note that OpenVPN also provides the --ifconfig option to automatically ifconfig the TUN device, eliminating the need to define an --up script, unless you also want to configure routes in the --up script.

If --ifconfig is also specified, OpenVPN will pass the ifconfig local and remote endpoints on the command line to the --up script so that they can be used to configure routes such as:
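The following is an added example of an --up script, not a script shipped with OpenVPN. It relies on the documented calling convention, in which OpenVPN runs the command as `cmd tun_dev tun_mtu link_mtu ifconfig_local_ip ifconfig_remote_ip [init|restart]`, so the script learns the remote tunnel endpoint from its arguments and the last argument tells it whether it is running at initialization or (with --up-restart) after a restart. The subnets routed through the tunnel are constructed placeholders.

```python
#!/usr/bin/env python3
"""Example --up script (added example, not part of the OpenVPN distribution).

OpenVPN invokes the --up command as
    cmd tun_dev tun_mtu link_mtu ifconfig_local_ip ifconfig_remote_ip [init|restart]
The trailing argument is "init" on first start and "restart" when --up-restart
is in effect and the tunnel came back after SIGUSR1 or --ping-restart.
"""
import ipaddress
import subprocess
import sys

# Constructed example: networks behind the peer to be reached via the tunnel.
REMOTE_SUBNETS = ["192.168.40.0/24", "10.99.0.0/16"]


def parse_up_args(argv):
    """Parse the positional arguments OpenVPN passes to an --up script."""
    if len(argv) < 5:
        raise ValueError("expected tun_dev tun_mtu link_mtu local_ip remote_ip [init|restart]")
    context = argv[5] if len(argv) > 5 else "init"
    if context not in ("init", "restart"):
        raise ValueError(f"unexpected context {context!r}")
    return {
        "dev": argv[0],
        "tun_mtu": int(argv[1]),
        "link_mtu": int(argv[2]),
        # ipaddress rejects anything that is not a literal address
        "local": str(ipaddress.ip_address(argv[3])),
        "remote": str(ipaddress.ip_address(argv[4])),
        "context": context,
    }


def plan_routes(args, subnets=REMOTE_SUBNETS):
    """Build the 'ip route' commands for the given subnets via the remote endpoint.

    The remote endpoint comes from --ifconfig (OpenVPN puts it on the command
    line), so nothing is hard-coded.  Planning is separated from execution so
    the logic can be tested without root or a TUN device.
    """
    cmds = []
    for net in subnets:
        net = str(ipaddress.ip_network(net))  # validates the subnet string
        # After a restart the old routes may still exist; replace instead of add.
        verb = "replace" if args["context"] == "restart" else "add"
        cmds.append(["ip", "route", verb, net, "via", args["remote"], "dev", args["dev"]])
    return cmds


def run_commands(cmds):
    """Execute without a shell, so no argument is ever interpreted by one."""
    for cmd in cmds:
        subprocess.run(cmd, check=True)


if __name__ == "__main__":
    run_commands(plan_routes(parse_up_args(sys.argv[1:])))
```

Because the script receives the endpoints as arguments, the same file serves both the init and restart contexts; the only difference is that the restart path uses `ip route replace` so a route left over from the previous session does not make the command fail.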

In --proto udp mode, this option normally requires the use of --ping to allow connection initiation to be sensed in the absence of tunnel data, since UDP is a "connectionless" protocol.

On Windows, this option will delay the TAP-Win32 media state transitioning to "connected" until connection establishment, i.

Use of this option is discouraged, but is provided as a temporary fix in situations where a recent version of OpenVPN must connect to an old version. By setting user to nobody or somebody similarly unprivileged, the hostile party would be limited in what damage they could cause. Of course once you take away privileges, you cannot return them to an OpenVPN session. Since the chroot operation is delayed until after initialization, most OpenVPN options that reference files will operate in a pre-chroot context.

In many cases, the dir parameter can point to an empty directory; however, complications can result when scripts or restarts are executed after the chroot operation. The optional progname parameter will cause OpenVPN to report its program name to the system logger as progname.

This can be useful in linking OpenVPN messages in the syslog file with specific tunnels. When unspecified, progname defaults to "openvpn". When OpenVPN is run with the --daemon option, it will try to delay daemonization until the majority of initialization functions which are capable of generating fatal errors are complete.

This means that initialization scripts can test the return status of the openvpn command for a fairly reliable indication of whether the command has correctly initialized and entered the packet forwarding event loop. The nowait mode can only be used with --proto tcp-server. The default is wait. The nowait mode can be used to instantiate the OpenVPN daemon as a classic TCP server, where client connection requests are serviced on a single port number.

This option precludes the use of --daemon, --local, or --remote. Note that this option causes message and error output to be handled in the same way as the --daemon option. The optional progname parameter is also handled exactly as in --daemon. See the OpenVPN 1. Note that on Windows, when OpenVPN is started as a service, logging occurs by default without the need to specify this option. This option can only be used on non-Windows systems, when --proto udp is specified, and when --shaper is NOT specified.
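The options discussed above (dropping privileges, chroot, the --persist options, --mlock, --daemon with a progname) combine into a typical hardened server configuration. The fragment below is an added example rather than one from the OpenVPN distribution; the file paths, the VPN subnet and the chroot directory are placeholders. Comments are kept on their own lines.

```conf
# Added example server configuration; paths and subnet are placeholders.
proto udp
dev tun
server 10.8.0.0 255.255.255.0
ca   /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key  /etc/openvpn/server.key
dh   /etc/openvpn/dh.pem
# HMAC gate on the control channel; the client side uses direction 1.
tls-auth /etc/openvpn/ta.key 0
# Drop root after initialization.  Because the chroot is delayed until after
# initialization, the file paths above are resolved before the chroot.
user nobody
group nogroup
chroot /var/empty
# Without these, a restart after dropping privileges fails because the
# protected key files and the TUN device cannot be reopened.
persist-key
persist-tun
# Keep key material out of swap.
mlock
# Keep-alive for the stateful-firewall and --ping-restart logic
# (--ping-exit and --ping-restart must not be combined).
ping 10
ping-restart 60
# Renegotiate data-channel keys hourly (the default) and keep replay protection on.
reneg-sec 3600
replay-window 64 15
# Daemonize late, and tag syslog messages with this program name.
daemon openvpn-server
verb 3
```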

Designed to be used to send messages to a controlling application which is receiving the OpenVPN log output. Adaptive compression tries to optimize the case where you have compression enabled, but you are sending predominantly uncompressible or pre-compressed packets over the tunnel, such as an FTP or rsync transfer of a large, compressed file. With adaptive compression, OpenVPN will periodically sample the compression process to measure its efficiency.

If the data being sent over the tunnel is already compressed, the compression efficiency will be very low, triggering openvpn to disable compression for a period of time until the next re-sample test.

The management interface provides a special mode where the TCP management link can operate over the tunnel itself. While the management port is designed for programmatic control of OpenVPN by other applications, it is possible to telnet to the port, using a telnet client in "raw" mode. Once connected, type "help" for a list of commands. For detailed documentation on the management interface, see the management-notes. It is strongly recommended that IP be set to The documentation is in doc and the actual plugin modules are in lib.

Multiple plugin modules can be cascaded, and modules can be used in tandem with scripts. The modules will be called by OpenVPN in the order that they are declared in the config file.

If both a plugin and script are configured for the same callback, the script will be called last. Don't use --server if you are ethernet bridging. A helper directive similar to --server which is designed to simplify the configuration of OpenVPN's server mode in ethernet bridging configurations.

For example, server-bridge This is a partial list of options which can currently be pushed: This option must be associated with a specific client instance, which means that it must be specified either in a client instance config file using --client-config-dir or dynamically generated using a --client-connect script.

The goal of this option is to provide a long-term association between clients denoted by their common name and the virtual IP address assigned to them from the ifconfig-pool. Maintaining a long-term association is good for clients because it allows them to effectively use the --persist-tun option.

This is useful if you would like to treat file as a configuration file. Note that the entries in this file are treated by OpenVPN as suggestions only, based on past associations between a common name and IP address. They do not guarantee that the given common name will always receive the given IP address. If you want guaranteed assignment, use --ifconfig-push.

The parameters local and remote-netmask are set according to the --ifconfig directive which you want to execute on the client machine to configure the remote end of the tunnel. Note that the parameters local and remote-netmask are from the perspective of the client, not the server.

They may be DNS names rather than IP addresses, in which case they will be resolved on the server at the time of client connection.

This directive can be used to route a fixed subnet from the server to a particular client, regardless of where the client is connecting from. Remember that you must also add the route to the system routing table (such as by using the --route directive). The reason why two routes are needed is that the --route directive routes the packet from the kernel to OpenVPN. Once in OpenVPN, the --iroute directive routes to the specific client.

This option must be specified either in a client instance config file using --client-config-dir or dynamically generated using a --client-connect script.

The --iroute directive also has an important interaction with --push "route If you would like other clients to be able to reach A's subnet, you can use --push "route OpenVPN accomplishes this by not pushing a route to a client if it matches one of the client's iroutes.

When this option is used, each client will "see" the other clients which are currently connected. Otherwise, each client will only see the server. Don't use this option if you want to firewall tunnel traffic using custom, per-client rules. See the --client-config-dir option below for options which can be legally used in a dynamically generated config file.

Note that the return value of script is significant. If script returns a non-zero error status, it will cause the client to be disconnected. The exception to this rule is if the --client-disconnect script or plugins are cascaded, and at least one client-connect function succeeded, then ALL of the client-disconnect functions for scripts and plugins will be called on client instance object deletion, even in cases where some of the related client-connect functions returned an error status.

This file can specify a fixed IP address for a given client using --ifconfig-push, as well as fixed subnets owned by the client using --iroute. One of the useful properties of this option is that it allows client configuration files to be conveniently created, edited, or removed while the server is live, without needing to restart the server.

The following options are legal in a client-specific context: When the number of queued TCP output packets reaches this limit for a given client connection, OpenVPN will start to drop outgoing packets directed at this client. Note that this directive affects OpenVPN's internal routing table, not the kernel routing table. This is an imperfect solution however, because in a real DoS scenario, legitimate connections might also be refused. For the best protection against DoS attacks in server mode, use --proto udp and --tls-auth.

This can be an IPv4 address such as " Only present for "add" or "update" operations, not "delete". On "add" or "update" methods, if the script returns a failure code non-zero , OpenVPN will reject the address and will not modify its internal routing table. Since OpenVPN provides the association between virtual IP or MAC address and the client's authenticated common name, it allows a user-defined script to configure firewall access policies with regard to the client's high-level common name, rather than the low level client virtual addresses.

Be aware that this method is insecure on some platforms which make the environment of a process publicly visible to other unprivileged processes. If method is set to "via-file", OpenVPN will write the username and password to the first two lines of a temporary file.

The filename will be passed as an argument to script, and the file will be automatically deleted by OpenVPN after the script returns. The location of the temporary file is controlled by the --tmp-dir option, and will default to the current directory if unspecified. The script should examine the username and password, returning a success exit code (0) if the client's authentication request is to be accepted, or a failure code (1) to reject the client.

This directive is designed to enable a plugin-style interface for extending OpenVPN's authentication capabilities. To protect against a client passing a maliciously formed username or password string, the username string must consist only of these characters: The password string can consist of any printable characters except for CR or LF. Care must be taken by any user-defined scripts to avoid creating a security vulnerability in the way that these strings are handled.

Never use these strings in such a way that they might be escaped or evaluated by a shell interpreter. If you use this directive, the entire responsibility of authentication will rest on your --auth-user-pass-verify script, so keep in mind that bugs in your script could potentially compromise the security of your VPN.
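An added example of an --auth-user-pass-verify script for the "via-file" method, written for this page and not taken from OpenVPN. It reads the username from line 1 and the password from line 2 of the file whose path OpenVPN passes as the only argument, rejects any username outside a strict character class and any password containing CR or LF, never hands either string to a shell, and compares against salted PBKDF2 hashes with a constant-time comparison. The username character class (alphanumerics plus `_`, `-`, `.`, `@`) is my reading of the manual's whitelist and should be checked against your version; the user database is constructed inline.

```python
#!/usr/bin/env python3
"""Example --auth-user-pass-verify script, method "via-file" (added example).

OpenVPN writes the username to line 1 and the password to line 2 of a
temporary file and passes that file's path as the script's only argument.
Exit status 0 accepts the client; 1 rejects it.
"""
import hashlib
import hmac
import os
import re
import sys

# Username whitelist: alphanumerics plus '_', '-', '.', '@' (assumed to match the
# class the OpenVPN manual specifies; verify against your version's man page).
USERNAME_RE = re.compile(r"^[A-Za-z0-9_.@-]{1,64}$")
# Passwords: any printable ASCII except CR or LF; they never reach a shell here.
PASSWORD_RE = re.compile(r"^[\x20-\x7e]{1,256}$")

ITERATIONS = 200_000


def hash_password(password, salt):
    """PBKDF2-HMAC-SHA256 of the password under a per-user salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_record(password):
    """Create a user-database record (salt + hash) for a new password."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt)}


# Constructed user database.  In practice load it from a file readable only by
# the account OpenVPN drops to with --user; never take credentials from the
# environment on platforms where it is visible to other users.
USERS = {
    "alice@example.org": make_record("correct horse battery staple"),
}


def parse_credentials(data):
    """Return (username, password) from via-file contents, or None if malformed."""
    lines = data.decode("utf-8", "replace").split("\n")
    if len(lines) < 2:
        return None
    user, pw = lines[0].rstrip("\r"), lines[1].rstrip("\r")
    if not USERNAME_RE.match(user) or not PASSWORD_RE.match(pw):
        return None  # reject before the strings are used anywhere
    return user, pw


def check(user, pw, users=USERS):
    """Exit status for OpenVPN: 0 = accept, 1 = reject."""
    rec = users.get(user)
    if rec is None:
        hash_password(pw, b"\x00" * 16)  # unknown user costs the same as a wrong password
        return 1
    return 0 if hmac.compare_digest(hash_password(pw, rec["salt"]), rec["hash"]) else 1


def verify(path, users=USERS):
    """Read the via-file OpenVPN wrote and decide on the client."""
    with open(path, "rb") as f:
        creds = parse_credentials(f.read())
    if creds is None:
        return 1
    return check(creds[0], creds[1], users)


if __name__ == "__main__":
    sys.exit(verify(sys.argv[1]))
```

The validation happens before the strings are used for anything, and the lookup is a dictionary access rather than a command line, which is what the manual's warning about shell escaping amounts to in practice.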

If you don't use this directive, but you also specify an --auth-user-pass-verify script, then OpenVPN will perform double authentication. The client certificate verification AND the --auth-user-pass-verify script will need to succeed in order for a client to be authenticated and accepted onto the VPN. In particular, --pull allows the server to push routes to the client, so you should not use --pull or --client in situations where you don't trust the server to have control over the client's routing table.

Use this option for unattended clients. Note that while this option cannot be pushed, it can be controlled from the management interface. This has a number of desirable security properties including eliminating certain kinds of DoS and message replay attacks. The direction parameter should always be complementary on either side of the connection, i.

The direction parameter requires that file contains a bit key. There are no certificates or certificate authorities or complicated negotiation handshakes and protocols. The only requirement is that you have a pre-existing secure channel with your peer such as ssh to initially copy the key.

This requirement, along with the fact that your key never changes unless you manually generate a new one, makes it somewhat less secure than TLS mode (see below). If an attacker manages to steal your key, everything that was ever encrypted with it is compromised.

Contrast that to the perfect forward secrecy features of TLS mode (using Diffie Hellman key exchange), where even if an attacker was able to steal your private key, he would gain no information to help him decrypt past sessions. Another advantageous aspect of Static Key encryption mode is that it is a handshake-free protocol without any distinguishing signature or feature (such as a header or protocol handshake sequence) that would mark the ciphertext packets as being generated by OpenVPN.

Anyone eavesdropping on the wire would see nothing but random-looking data. In static-key encryption mode, the HMAC key is included in the key file generated by --genkey. HMAC usually adds 16 or 20 bytes per packet. For more information on HMAC see http: For more information on blowfish, see http: To see other ciphers that are available with OpenVPN, use the --show-ciphers option.

If engine-name is specified, use a specific crypto engine. Use the --show-engines standalone option to list the crypto engines which are supported by OpenSSL. Replay protection is accomplished by tagging each outgoing datagram with an identifier that is guaranteed to be unique for the key being used.

The peer that receives the datagram will check for the uniqueness of the identifier. If the identifier was already received in a previous datagram, OpenVPN will drop the packet.

Replay protection is important to defeat attacks such as a SYN flood attack, where the attacker listens in the wire, intercepts a TCP SYN packet (identifying it by the context in which it occurs in relation to other packets), then floods the receiving peer with copies of this packet. OpenVPN's replay protection is implemented in slightly different ways, depending on the key management mode you have selected.

This option is only relevant in UDP mode, i. If you are using a network link with a large pipeline (meaning that the product of bandwidth and latency is high), you may want to use a larger value for n. Satellite links in particular often require this. If you run OpenVPN at --verb 4, you will see the message "Replay-window backtrack occurred [x]" every time the maximum sequence number backtrack seen thus far increases. This can be used to calibrate n.
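To make the window semantics concrete, here is an added example (not OpenVPN's own code) of the sliding-window check the text describes: each packet carries a monotonically increasing identifier; a packet ahead of the highest identifier seen advances the window, a packet within n of the top is accepted once and rejected as a replay thereafter, and a packet more than n behind is dropped as too old. The class also records the largest backtrack it has accepted, which is the quantity the "Replay-window backtrack occurred [x]" message reports and that the text suggests using to calibrate n.

```python
class ReplayWindow:
    """Sliding replay window over packet identifiers (added example).

    bitmap bit i is set when identifier (top - i) has already been seen.
    Identifiers start at 1; 0 is never valid.
    """

    def __init__(self, size=64):
        self.size = size          # window width n, in packets
        self.top = 0              # highest identifier accepted so far
        self.bitmap = 0
        self.backtrack_max = 0    # largest in-window backtrack accepted (calibration aid)

    def check(self, pid):
        """Return True if the packet is fresh and should be processed, False to drop it."""
        if pid <= 0:
            return False
        if pid > self.top:
            # Newer than anything seen: slide the window forward and mark it.
            shift = pid - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = pid
            return True
        diff = self.top - pid
        if diff >= self.size:
            return False          # older than the window can remember: drop
        self.backtrack_max = max(self.backtrack_max, diff)
        if (self.bitmap >> diff) & 1:
            return False          # already seen: a replay (or a duplicate)
        self.bitmap |= 1 << diff  # late but first-time arrival: accept
        return True


def simulate(window_size, arrivals):
    """Run a sequence of packet ids through a window; returns the accept/drop pattern."""
    w = ReplayWindow(window_size)
    return [w.check(p) for p in arrivals], w.backtrack_max
```

Running `simulate(8, [1, 2, 3, 5, 4, 4, 20, 5, 13])` accepts the first five, rejects the duplicate 4, accepts 20, drops 5 because it now lies 15 behind the top, and accepts 13 because it is only 7 behind; the reported maximum backtrack is 7, which is the number you would compare against n when tuning --replay-window for a reordering link.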

There is some controversy on the appropriate method of handling packet reordering at the security layer. Namely, to what extent should the security layer protect the encapsulated protocol from attacks which masquerade as the kinds of normal packet loss and reordering that occur over IP networks? Since TCP guarantees reliability, any packet loss or reordering event can be assumed to be an attack. In this sense, it could be argued that TCP tunnel transport is preferred when tunneling non-IP or UDP application protocols which might be vulnerable to a message deletion or reordering attack which falls within the normal operational parameters of IP networks.

So I would make the statement that one should never tunnel a non-IP protocol or UDP application protocol over UDP, if the protocol might be vulnerable to a message deletion or reordering attack that falls within the normal operating parameters of what is to be expected from the physical IP layer.

This option will strengthen protection against replay attacks, especially when you are using OpenVPN in a dynamic context such as with --inetd when OpenVPN sessions are frequently started and stopped. This option will keep a disk copy of the current replay protection state i. This option only makes sense when replay protection is enabled (the default) and you are using either --secret shared-secret key mode or TLS mode with --tls-auth. Since it is a self-test mode, problems with encryption and authentication can be debugged independently of network and tunnel issues.

When two OpenVPN peers connect, each presents its local certificate to the other. Each peer will then check that its partner peer presented a certificate which was signed by the master root certificate as specified in --ca.

If that check on both peers succeeds, then the TLS negotiation will succeed, both OpenVPN peers will exchange temporary session keys, and the tunnel will begin passing data.

The easy-rsa package is also rendered in web form here: Then edit your openssl. Of course you should never use the test certificates and test keys distributed with OpenVPN in a production environment, since by virtue of the fact that they are distributed with OpenVPN, they are totally insecure.

Diffie Hellman parameters may be considered public. If your certificate authority private key lives on another machine, copy the certificate signing request mycert. Now sign the certificate with a command such as: Now copy the certificate mycert. This makes it possible to use any smart card, supported by Windows, but also any kind of certificate, residing in the Cert Store, where you have access to the private key. In method 1 the default for OpenVPN 1.

In method 2, the default for OpenVPN 2. Both client and server also generate some random seed material. All key source material is exchanged over the TLS channel. Method 2 is designed to closely parallel the key generation process used by TLS 1. The --key-method parameter has no effect on this process. Here, --key-method determines the derivation of the tunnel session keys.

If the daemon is reset by a signal or --ping-restart, it will allow one new connection. In this case the HMAC key will be derived by taking a secure hash of this file, similar to the md5sum(1) or sha1sum(1) commands.

OpenVPN will first try format 1, and if the file fails to parse as a static key file, format 2 will be used. See the --secret option for more information on the optional direction parameter.

The rationale for this feature is as follows. TLS requires a multi-packet exchange before it is able to authenticate a peer. Most successful network attacks today seek to either exploit bugs in programs (such as buffer overflow attacks) or force a program to consume so many resources that it becomes unusable.

Of course the first line of defense is always to produce clean, well-audited code. OpenVPN has been written with buffer overflow attack prevention as a top priority.

But as history has shown, many of the most widely used network applications have, from time to time, fallen to buffer overflow attacks. So as a second line of defense, OpenVPN offers this special layer of authentication on top of the TLS control channel so that every packet on the control channel is authenticated by an HMAC signature and a unique ID for replay protection.

This signature will also help protect against DoS (Denial of Service) attacks. An important rule of thumb in reducing vulnerability to DoS attacks is to minimize the amount of resources a potential, but as yet unauthenticated, client is able to consume.

The result is that packets without the correct signature can be dropped immediately upon reception, before they have a chance to consume additional system resources (such as by initiating a TLS handshake).
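The following added example models the principle behind --tls-auth; it is not OpenVPN's wire format and not code from the project. A shared key is derived by hashing a key file (in the spirit of the "format 2" free-form file described above; the exact derivation is an assumption), every control packet carries an HMAC over its payload, and the receiver checks that tag before allocating any handshake state, so packets from a sender without the key are discarded at near-zero cost. The replay identifier that OpenVPN adds alongside the HMAC is left out here.

```python
"""Toy control-channel gate in the style of --tls-auth (added example)."""
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 tag length


def derive_control_key(key_file_bytes):
    """Derive the HMAC key from a free-form key file by hashing it (assumed derivation)."""
    return hashlib.sha256(key_file_bytes).digest()


def seal(key, payload):
    """Sender side: prepend an HMAC tag over the payload."""
    return hmac.new(key, payload, hashlib.sha256).digest() + payload


class ControlChannel:
    """Receiver side.  Counts how often the cheap check saved a handshake."""

    def __init__(self, key):
        self.key = key
        self.dropped = 0
        self.handshakes_started = 0

    def receive(self, packet):
        """Return True only if the packet passed the HMAC gate and may start a handshake."""
        if len(packet) < TAG_LEN:
            self.dropped += 1
            return False
        tag, payload = packet[:TAG_LEN], packet[TAG_LEN:]
        expected = hmac.new(self.key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            self.dropped += 1          # no state allocated, no TLS work done
            return False
        self.handshakes_started += 1   # only now spend resources on TLS
        return True


def demo():
    """Legitimate peer, wrong key, and tampered packet against one receiver."""
    key = derive_control_key(b"constructed key file contents, shared out of band")
    receiver = ControlChannel(key)
    ok = receiver.receive(seal(key, b"CLIENT_HELLO"))
    wrong_key = receiver.receive(seal(derive_control_key(b"some other file"), b"CLIENT_HELLO"))
    tampered = bytearray(seal(key, b"CLIENT_HELLO"))
    tampered[-1] ^= 0x01
    modified = receiver.receive(bytes(tampered))
    return ok, wrong_key, modified, receiver.handshakes_started, receiver.dropped
```

Only the first of the three packets reaches the handshake stage; the two others are rejected by a single HMAC computation, which is the resource-limiting behaviour the paragraph above describes.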

It is not used to encrypt or authenticate any tunnel data. For the extremely security conscious, it is possible to protect your private key with a password. Of course this means that every time the OpenVPN daemon is started you must be there to type the password. The --askpass option allows you to start OpenVPN from the command line. It will query you for a password before it daemonizes.

To protect a private key with a password you should omit the -nodes option when you use the openssl command line tool to manage certificates and private keys. If file is specified, read the password from the first line of file. Keep in mind that storing your password in a file to a certain extent invalidates the extra security provided by using an encrypted key. Note: It is always cached.

This feature is useful if the peer you want to trust has a certificate which was signed by a certificate authority who also signed many other certificates, where you don't necessarily want to trust all of them, but rather be selective about which peer certificate you will accept. This feature allows you to write a script which will test the X name on a certificate and decide whether or not it should be accepted.

For a simple perl script which will test the common name field on the certificate, see the file verify-cn in the OpenVPN distribution. Name can also be a common name prefix, for example if you want a client to only accept connections to "Server-1", "Server-2", etc. Using a common name prefix is a useful alternative to managing a CRL (Certificate Revocation List) on the client, since it allows the client to refuse all certificates except for those associated with designated servers.

This is a useful security option for clients, to ensure that the host they connect with is a designated server. If the server certificate's nsCertType field is set to "server", then the clients can verify this with --ns-cert-type server.

This is an important security precaution to protect against a man-in-the-middle attack where an authorized client attempts to connect to another client by impersonating the server. The attack is easily prevented by having clients verify the server certificate using any one of --ns-cert-type, --tls-remote, or --tls-verify. A CRL (certificate revocation list) is used when a particular key is compromised but when the overall PKI is still intact. Suppose a laptop computer containing a client key and certificate was stolen.
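An added example of a --tls-verify script that implements the common-name-prefix policy described above; it is written for this page, not the verify-cn script shipped with OpenVPN. OpenVPN runs the command once per certificate in the chain as `cmd depth subject`, where depth 0 is the peer's own certificate; the script accepts CA-level certificates (their signatures are already checked against --ca) and, at depth 0, requires the CN to start with a chosen prefix, so that a client certificate issued by the same CA cannot pass itself off as the server. The prefix policy and the subject strings are constructed; the subject parser accepts both the comma-separated and the slash-separated forms.

```python
#!/usr/bin/env python3
"""Example --tls-verify script (added example, not from the OpenVPN distribution).

Called by OpenVPN as:  cmd depth subject
depth 0 is the peer's own certificate; 1, 2, ... are the signing CAs.
Exit 0 to accept that certificate, 1 to refuse the connection.
"""
import re
import sys

ALLOWED_PREFIX = "Server-"  # constructed policy: accept Server-1, Server-2, ...

_CN_RE = re.compile(r"(?:^|[/,]\s*)CN=([^/,]+)")


def common_name(subject):
    """Extract CN from 'C=US, O=Example, CN=x' or '/C=US/O=Example/CN=x'."""
    m = _CN_RE.search(subject)
    return m.group(1).strip() if m else None


def verify(depth, subject, prefix=ALLOWED_PREFIX):
    """Return the exit status OpenVPN expects for this certificate."""
    if depth != 0:
        return 0  # CA certificates: chain validity is already enforced by --ca
    cn = common_name(subject)
    if cn is None or not cn.startswith(prefix):
        return 1  # valid under the CA, but not a designated server: refuse
    return 0


if __name__ == "__main__":
    sys.exit(verify(int(sys.argv[1]), sys.argv[2]))
```

With this in place a stolen client certificate from the same CA is refused when presented as a server, which is the impersonation case the text singles out; --ns-cert-type server achieves the same with a certificate extension instead of a naming convention.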

By adding the stolen certificate to the CRL file, you could reject any connection which attempts to use it, while preserving the overall integrity of the PKI.

The only time when it would be necessary to rebuild the entire PKI from scratch would be if the root certificate key itself was compromised.

One of the advantages of persistent tunnels is that they eliminate the need for separate --up and --down scripts to run the appropriate ifconfig(8) and route(8) commands. These commands can be placed in the same shell script which starts or terminates an OpenVPN session. This can be useful to provide uninterrupted connectivity through the tunnel in the event of a DHCP reset of the peer's public IP address (see the --ipchange option above).

One disadvantage of persistent tunnels is that it is harder to automatically configure their MTU value (see --link-mtu and --tun-mtu above).

There are, however, two prerequisites for using this mode: By default in --dev tap mode, OpenVPN will take the normally unused first address in the subnet. For example, if your subnet is OpenVPN will "claim" this address, so make sure to use a free address.

Normally a very long lease time is preferred because it prevents routes involving the TAP-Win32 adapter from being lost when the system goes to sleep. The default lease time is one year. This method appears to work correctly on Windows XP but not Windows This approach does not have ideal semantics, though testing has indicated that it works okay in practice. DNS addr -- Set primary domain name server address. Repeat this option to set secondary DNS server addresses.

Repeat this option to set secondary WINS server addresses. Repeat this option to set secondary NTP server addresses. This option is intended to be used to troubleshoot problems with the --ifconfig and --ip-win32 options, and is used to give the TAP-Win32 adapter time to come up before Windows IP Helper API operations are applied to it. The second parameter indicates the initial state of exit-event and normally defaults to 0.

Multiple OpenVPN processes can be simultaneously executed with the same exit-event parameter. In any case, the controlling process can signal exit-event, causing all such OpenVPN processes to exit. It's an important security feature to prevent the malicious coding of strings from untrusted sources to be passed as parameters to scripts, saved in the environment, used as a common name, translated to a filename, etc.

Here is a brief rundown of OpenVPN's current string types and the permitted character class for each string: Alphanumeric is defined as a character which will cause the C library isalnum() function to return true. Same as Common Name, with one exception: Any "printable" character except CR or LF. Printable is defined to be a character which will cause the C library isprint() function to return true. As of OpenVPN 2. If the network or gateway are resolvable DNS names, their IP address translations will be recorded rather than their names as denoted on the command line or configuration file.

This signal may also be internally generated by a timeout condition, governed by the --ping-restart option. This signal, when combined with --persist-remote-ip, may be sent when the underlying parameters of the host's network interface change such as when the host is a DHCP client and is assigned a new IP address.

See --ipchange above for more information. If you have Linux 2. If you are using a Linux iptables-based firewall, you may need to enter the following command to allow incoming packets on the TUN device:

See the firewalls section below for more information on configuring firewalls for use with OpenVPN. Now we will choose the tunnel endpoints. Each machine will use the tunnel endpoint of the other machine to access it over the VPN. In our example, the tunnel endpoint for may. Once the VPN is established, you have essentially created a secure alternate path between the two hosts which is addressed by using the tunnel endpoints.

You can control which network traffic passes between the hosts (a) over the VPN or (b) independently of the VPN, by choosing whether to use (a) the VPN endpoint address or (b) the public internet address, to access the remote host. For example if you are on may. However in the same scenario, you could also use the command telnet You can use any address you wish for the tunnel endpoints but make sure that they are private addresses such as those that begin with 10 or If you use an address that is part of your local subnet for either of the tunnel endpoints, you will get a weird feedback loop.

The --verb 9 option will produce verbose output, similar to the tcpdump(8) program. Omit the --verb 9 option to have OpenVPN run quietly. This command will build a random key file called key in ascii format.

Now copy key to june over a secure medium such as by using the scp(1) program. Then construct Diffie Hellman parameters (see above where --dh is discussed for more info).

You can also use the included test files client. For Diffie Hellman parameters you can use the included file dh Note that all client, server, and certificate authority certificates and keys included in the OpenVPN distribution are totally insecure and should be used for testing only.

Notice the --reneg-sec 60 option we used above. That tells OpenVPN to renegotiate the data channel keys every minute. Since we used --verb 5 above, you will see status information on each new key negotiation.

For production operations, a key renegotiation interval of 60 seconds is probably too frequent. Omit the --reneg-sec 60 option to use OpenVPN's default key renegotiation interval of one hour. Now any machine on the In a production environment, you could put the route command(s) in a shell script and execute with the --up option.

If you are using HMAC-based packet authentication (the default in any of OpenVPN's secure modes), having the firewall filter on source address can be considered optional, since HMAC packet authentication is a much more secure method of verifying the authenticity of a packet source. OpenVPN also works well on stateful firewalls. In some cases, you may not need to add any static rules to the firewall list if you are using a stateful firewall that knows how to track UDP connections.

If you specify --ping n, OpenVPN will be guaranteed to send a packet to its peer at least once every n seconds.

If n is less than the stateful firewall connection timeout, you can maintain an OpenVPN connection indefinitely without explicit firewall rules. Go here to download the latest version of OpenVPN, subscribe to the mailing lists, read the mailing list archives, or browse the CVS repository. For more information on the TLS protocol, see http: For more information on the LZO real-time compression library see http: Though all command line options are preceded by a double-leading-dash ("--"), this prefix can be removed when an option is placed in a configuration file.

If --config file is the only option to the openvpn command, the --config can be removed, and the command can be given as openvpn file. Note that configuration files can be nested to a reasonable depth. For example on Windows, use double backslashes to represent pathnames: Sample OpenVPN configuration file for using a pre-shared static key. Use a dynamic tun device.

By default, OpenVPN runs in point-to-point mode "p2p". If specified, OpenVPN will bind to this address only.
