Hallo David,
> However, how will this approach make sure that malware don't use such a
> (new) openvpn service to redirect all Internet traffic via a third-party
> which can analyse everything happening?
A malware on openvpn endpoint can analyse all decrypted traffic.
No need to redirect.
If you
Hi,
On Wed, 07 Mar 2012 09:00:04 +1300, Jason Haar wrote:
Your comments on rogue servers is certainly worth discussing too.
What can a rogue openvpn server push back to a client? Routes
obviously - but
other than screwing the client, is there any new risk?
if you expect the server to be
On 07/03/12 07:55, Alon Bar-Lev wrote:
> 1. Multi user computer - we need to make sure one user cannot use
> another user credentials and not effect the other users. With changes
> I suggested there is full solution for this.
Is that really a risk worth solving? I mean, does *anyone*, *anywhere*
On Tue, Mar 6, 2012 at 8:41 PM, David Sommerseth
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 06/03/12 19:26, Alon Bar-Lev wrote:
>> On Tue, Mar 6, 2012 at 7:42 PM, Russell Morris
>> wrote:
>>> Hi,
>>>
>>>
>>>
>>> That makes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06/03/12 19:26, Alon Bar-Lev wrote:
> On Tue, Mar 6, 2012 at 7:42 PM, Russell Morris
> wrote:
>> Hi,
>>
>>
>>
>> That makes sense - thanks! I'm not a security expert by any means,
>> so the thread lost me when it diverged
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06/03/12 18:42, Russell Morris wrote:
> Hi,
>
>
>
> That makes sense - thanks! I'm not a security expert by any means, so
> the thread lost me when it diverged into this area ... :-(.
>
>
>
> At the risk of asking a stupid question (but that
On Tue, Mar 6, 2012 at 7:42 PM, Russell Morris wrote:
> Hi,
>
>
>
> That makes sense - thanks! I'm not a security expert by any means, so the
> thread lost me when it diverged into this area ... :-(.
>
>
>
> At the risk of asking a stupid question (but that is my specialty
This exactly what we discuss at the privilege separation thread...
Currently to change configuration you need to start a process.
2012/3/6 Russell Morris :
> Hi,
>
>
>
> Taking off from the thread below - is it possible in Windows to start
> openvpn, but only as a sort of