On Fri, 2017-11-03 at 10:10 -0700, Rick Stevens wrote: > > > That explains it. I've implemented openvpn in a subnet-to-subnet > > > config before from the command-line. Much of this is research for my > > > father-in-law and his fedora box. > > If the OP's father-in-law is simply trying to stay anonymous and hide > his IP address while he does his cyberbusiness, a VPN isn't really > necessary. What he wants is an anonymous proxy.
Yes, I did mention that in my reply. > There are lots of those > around. If he wants to encrypt the traffic between his computer and the > anonymous proxy to shield it from prying eyes, then that's where the VPN > might come in--provided the anonymous proxy supports VPN access and if > so, what kind of VPN it offers. > > A VPN is just that...a virtual private network. It simply establishes an > encrypted data link between endpoints (typically while going across one > or more public internet hops) to prevent the "bad guys" from snooping > the data streams. It can be effective, depending on the encryption > algorithms used, the keys the encryption is based on, etc., etc. > > > > Is the shell script publically available? I'd be very interested in > > > seeing how they're doing it. > > > > On looking again, it turns out to be a binary executable rather than a > > Shell script. Sorry for the confusion. However I'm fairly sure I did > > once manage to use openvpn with the credentials supplied by the > > provider, so it's not black magic. > > There's nothing magic about OpenVPN. I meant there isn't anything magical about the specific provider I use, even though they have a binary-only client, i.e. they are entirely compatible with OpenVPN, which I think is probably the case for most of them, to the extent that I'd be suspicious of any public services that weren't. > While we don't use it ourselves (we > use Cisco-based VPNs using ASA devices and clients such as vpnc), I know > a number of people who have deployed OpenVPN with quite reasonable > results (in fact, sometimes better results than we get with our > hardware-based VPN equipment). That's the end-to-end use case, so of course you are in control of both ends. > Using a VPN all depends on how paranoid you are (or rather the OP's > father-in-law is). They certainly have their uses. They can also be simpler to set up than proxies, for the non-expert user, since they are focused on what the general public wants, or thinks it wants. poc _______________________________________________ users mailing list -- [email protected] To unsubscribe send an email to [email protected]
