Security Basics mailing list archives
Re: Open VPN worries
From: Xinyun Zhou <me () xyzhou com>
Date: Thu, 19 Sep 2013 17:56:06 +1000
On Wed, 2013-09-18 at 11:06 -0700, ToddAndMargo wrote:
your physically have to call the operator on the phone and have them start the tunnel. They (or I) kill the tunnel when they log out. The tunnel is always off after hours.
This is a good way if you don't care about the trouble.
My concern is that someone could physically break into one of the client machine, sit down at the computer, log into one of the servers, and starting something mischievous.
Is there any protection to the computer itself (like login, disk encryption)? If not, you can put the key to an USB, which may be a really simple solution.
Am I over worrying things? Would it be better to have the Open VPN client prompt for a password?
You can setup OpenVPN so that it will require both key and password, it shouldn't be too difficult to setup, few do some Googling and you should be able to get it.
If I am not over worrying it, can clients be made to prompt for passwords when the connect? Can someone point me to a "How To" for doing this with both Windows and Linux?
Actually I don't think I am fully understanding what your scenario is because it sounds really confusing. What role are you and your client? where's the OpenVPN server installed? Who is the phone Operator you mean? What OS does the server run, and what do you need the OpenVPN server for? ... Sorry maybe I did get those. -- Xinyun Zhou ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Open VPN worries ToddAndMargo (Sep 18)
- Re: Open VPN worries Xinyun Zhou (Sep 19)
- Re: Open VPN worries ToddAndMargo (Sep 19)
- Re: Open VPN worries Pui Edylie (Sep 19)
- Re: Open VPN worries Xinyun Zhou (Sep 19)