I'm trying to configure an IPsec VPN connexion with OpenBSD as a VPN Server with 3-DES for the Encryption, HMAC-SHA-1 for the Integrity, and PresharedKey for the Authentification.
My Questions are :
If it's possible to do it with OpenBSD, can anybody give me a working tutorial to do this?
If it's not possible to do it with OpenBSD, can anybody give me others solution and tutorials for this?
i have found in the past these guides very useful.
if you want to use l2tp/ipsec with npppd check out this undeadly article.
finally if you plan to use openvpn we have assembled a small guide at our site.
Related
My Hyperledger Fabric enironment is behind a firewall, and I have to establish a connection with another organization. I know that Hyperledger uses GRPC for communication, and my organization has a HTTP proxy to access the internet, and I don't know if HTTP proxy solves this problem.
Any idea?
IT teams of both the organizations need to open communication between each other. HTTP proxy is to cut your communication with actual internet. That is not going to work here, as both the orgs are individually controlled environments.
Once connectivity between orgs is established (like some n/w tunnel creation or something), you can work with the servers of the other org as if those are in your LAN. Your IT team should get involved here. All the best.
I'm really bad with networking things, but i tried today to set-up an OpenVPN server using GCP Marketplace following this tutorial:
https://openvpn.net/vpn-server-resources/google-cloud-platform-byol-instance-quick-launch-guide/
When trying to connect using OpenVPN Client on Windows 10, the connection seems ok but no traffic is redirected trough the VPN.
What i try to acheive is to route all the traffic from my Windows 10 computer trough the OpenVPN Server.
I think it's just about a settings on the server/client but i can't seem to understand while searching for a solution.
Thanks for the help!
Jimmy
I finally found the answer myself.
It was just a configuration to do in the OpenVPN web admin interface to ask the server to re-route all traffic.
I had another issue with DNS, so i did setup DNS manually in the admin interface.
Cheers.
Jimmy
I am doing malware analysis of a pdf file in windows vm. This malicious pdf file is going to connect to the internet and I don't want it to. But I want to see the network activity it is going to do.
I watched in a video that I can connect the windows vm to some other vm like remnux and test the packets being sent through wireshark.
If somebody wants to watch the video I am talking about here is the link: -https://www.youtube.com/watch?v=kNlRDNt7Zp0
She talks about the remnux thing in between 15:00 to 16:00 min. I don't understand how she did that.
Can somebody please explain me how those steps are done. I have searching the net all day but I can't find anything. I am really a beginner in all that networking stuff so any topics I did find were just jargon to me.
Thank you for your help.
I am using VMware player version 7.
Edit: I did do a lot of research on this topic but whatever is available on google is far too much for me to understand. Please don't think that I didn't try anything myself.
Malware is likely to generate a DNS request to resolve the ip of the C&C server. Therefore you can set the DNS in the victim (windows) machine to the ip address of the remnux machine and you will get the DNS request generated by the malware. You can then configure remnux to direct the malware to the same remnux machine to monitor traffic generated by malware when it tries to connect to C&C server after DNS resolution.
You may have to write a custom server for responding to the malware request. Modern malware use RSA challenge which will almost render initiating communication impossible.
Ref SANS tutorial for further details
I am trying to make it possible for a tool I use to connect via VPN to the network in my University. The problem with that is, that I am just able to generate a tun/tap device. The tool itself does not support using a specific network interface BUT it supports using a HTTP-proxy.
So now I am looking for a HTTP-Proxy which I can bind to a specific interface (tun device) in order to let the tool connect to my VPN via this HTTP-proxy.
I have looked at privoxy an squid but I couldn't find a hint thtat they support it.
Do you know any HTTP-proxy that supports what I plan to do?
I believe just binding to a tun interface is not enough. Since the packets coming into your HTTP-proxy will be IP packet, you will also need some TCP stack in the proxy code which can terminate the connect. Lwip is a stack for embedded device which seems full-featured. Maybe you can use that to terminate the connection and proxy it out.
Also, neither squid nor privoxy support tuntap device.
Hope this helps.
I want to add the option of automatic port forwarding (NAT Traversal) to an application.
I know this can be done using UPnP (specifically the part that communicates with the device presenting itself as an IGD - Internet Gateway Device).
I need to be able to test this port forwarding feature while developing it. And whatever big router system company traffic is routered over
Doesn't provide UPnP.
Wouldn't want me messing around with it while it's in live service.
My question is:
Does anyone know of any software that acts as or emulates a UPnP compatible router?
You could use Windows Firewall / Internet Connection Sharing, which supports UPnp by default. Just setup another machine, with Internet Connection Sharing activated, and you will have a UPnp router.
Also, you could check the UPnp forum for more information here.
Later edit:
You could also try setting up a linux/unix firwall with igd activated.
Here is a forum post for ubuntu.
And there is a miniUPnp project too.