Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Open VPN worries

From: Xinyun Zhou <me () xyzhou com>
Date: Thu, 19 Sep 2013 17:56:06 +1000
On Wed, 2013-09-18 at 11:06 -0700, ToddAndMargo wrote:

your physically have to call the operator on the phone and have them
start the tunnel.  They (or I) kill the tunnel when they log out.
The tunnel is always off after hours.


This is a good way if you don't care about the trouble.


My concern is that someone could physically break into one of the client 
machine, sit down at the computer, log into one of the
servers, and starting something mischievous.


Is there any protection to the computer itself (like login, disk
encryption)? If not, you can put the key to an USB, which may be a
really simple solution.


Am I over worrying things?  Would it be better to have the Open VPN
client prompt for a password?


You can setup OpenVPN so that it will require both key and password, it
shouldn't be too difficult to setup, few do some Googling and you should
be able to get it.


If I am not over worrying it, can clients be made to prompt for
passwords when the connect?  Can someone point me to a "How To"
for doing this with both Windows and Linux?


Actually I don't think I am fully understanding what your scenario is
because it sounds really confusing. What role are you and your client?
where's the OpenVPN server installed? Who is the phone Operator you
mean? What OS does the server run, and what do you need the OpenVPN
server for? ... Sorry maybe I did get those.

-- 
Xinyun Zhou


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: