The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,518 other followers

Archive for the ‘OpenVPN’ Category

It looks like a volunteer has been found to maintain the openvpn chocolatey

Posted by jpluimers on 2021/08/09

The chocolatey package for OpenVPN has not been updated for quite a while. It looks like it has to do with the current dependency to verify the OpenVPN signature.

The current [Wayback] Chocolatey Software | OpenVPN 2.4.7 version is both outdated on the major version number ([Wayback/Archive.is] Release OpenVPN v2.5.3 release · OpenVPN/openvpn) and minor version ([Wayback/Archive.is] Release OpenVPN v2.4.11 release · OpenVPN/openvpn). The version 2.4 Windows installers are now called “Legacy Windows Installers”.

Luckily less than a day after the start of the [Wayback/Archive.is] RFM – openvpn · Issue #1024 · chocolatey-community/chocolatey-package-requests, a volunteer stepped forward.

Hopefully by now the package is being maintained again.

–jeroen

Posted in Network-and-equipment, OpenVPN, Power User, VPN | Leave a Comment »

Tools for TCP tunnels over HTTP/HTTPS

Posted by jpluimers on 2019/01/16

With the advent of WebSockets, it looks like TCP tunnels over HTTP/HTTPS are gaining more ground and I need to put some research time in them.

Some old to new links:

CONNECT requests are not supported by many HTTP proxies, especially in larger organisations, so chisel and crowbar have a much bigger chance there.

And of course there is SoftEtherVPN/SoftEtherVPN: A Free Cross-platform Multi-protocol VPN Software. * For support, troubleshooting and feature requests we have http://www.vpnusers.com/. For critical vulnerability please email us. (mail address is on the header.).

However, that is a VPN solution which is much broader than just a single TCP tunnel. You can so similar things with OpenVPN, but over HTTP/HTTPS, also requires CONNECT:

SoftEtherVPN seems to be more versatile though. I blogged about that before, but back then didn’t have needs for it yet. VPN over HTTPS: Ultimate Powerful VPN Connectivity – SoftEther VPN Project.

–jeroen

via: [WayBackVPN through only http – Server Fault answer by [WayBack] neutrinus

Posted in Communications Development, Development, HTTP, https, Internet protocol suite, Network-and-equipment, OpenVPN, Power User, TCP, VPN, WebSockets, Windows-Http-Proxy | Leave a Comment »

ssl/ssh multiplexer

Posted by jpluimers on 2017/08/07

sslh accepts connections on specified ports, and forwards them further based on tests performed on the first data packet sent by the remote client.

Probes for HTTP, SSL, SSH, OpenVPN, tinc, XMPP are implemented, and any other protocol that can be tested using a regular expression, can be recognised. A typical use case is to allow serving several services on port 443 (e.g. to connect to ssh from inside a corporate firewall, which almost never block port 443) while still serving HTTPS on that port.

Hence sslh acts as a protocol demultiplexer, or a switchboard. Its name comes from its original function to serve SSH and HTTPS on the same port.

sslh supports IPv6, privilege dropping, transparent proxying, and more.

Interesting…

–jeroen

Posted in *nix, https, Linux, OpenSSL, OpenVPN, Power User, Security | Leave a Comment »

With so many vulnerabilities out there, here is how to find out of if a fixed…

Posted by jpluimers on 2017/06/23

For my blog archive as I already shared it on G+

[WayBack] With so many vulnerabilities out there, here is how to find out of if a fixed is applied to vulnerabilities on Debian/Ubuntu Linux using CVE. – Jeroen Wiert Pluimers – Google+

[WayBackDebian/Ubuntu Linux: Find If Installed APT Package Includes a Fix/Patch Via CVE Number – nixCraft

Explains how to view the changelog of an installed package on a Debian or Ubuntu Linux server to find out if a fix/patch applied via CVE number.

Hans Wolters:
And find all packages that belong to one cve :-)

zgrep -i cve /usr/share/doc/*/changelog.Debian.gz|grep 1000364

–jeroen

 

Posted in OpenVPN, Power User, Security | Leave a Comment »

Some links for MikroTik tips and scripts

Posted by jpluimers on 2017/04/25

MikroTik has great hardware, but getting things to work can be a bit ehm intimidating.

So here are some links that were useful getting my CCR1009 and CRS226 configurations to do what I wanted.

Very advanced stuff:

Packet flow (maybe the toughest part to wrap your head around):

Scripts:

Load balancing:

Syntax highlighting:

Pictures

Very well written blog:

Manito Network’s Mikrotik solutions blog. In-depth articles on Mikrotik routing, security, best practices, VPN, and more.

Source: Mikrotik — Manito Networks

Solutions for RouterOS-based Mikrotik networks. Includes security and best practices, VPN, routing, switching, and more.

Source: Mikrotik-1 — Manito Networks

–jeroen

Posted in DNS, Internet, IPSec, MikroTik, Network-and-equipment, OpenVPN, Power User, PPTP, routers, VPN | Leave a Comment »

 
%d bloggers like this: