Ideas for securing OpenVPN on an OpenWrt router
Sam Sharpe
lists.redhat at samsharpe.net
Tue Mar 8 16:46:02 UTC 2011
On 8 March 2011 15:34, erikmccaskey64 <erikmccaskey64 at zoho.com> wrote:
> ok, i putted an OpenVPN server on port 1194 on an OpenWrt 10.03 router.
> https://pastebin.com/raw.php?i=xEZTvnhT
> http://pastebin.mozilla.org/1138443
> Questions: what could i do to increase security regarding this OpenVPN
> server? - i mean on server side!
> 1 - i sed 's/1194/50000/' the port number to a higher one - it's against the
> automated robots, ok!
> 2 - iptables? i should only allow ip ranges [on the input chain] that i will
> use in reality? - ok!
> 3 - if i don't use my router - e.g.: when i'm sleeping i just turn it off.
> 4 - ? what else?? Plese write down you're idea/solution!!!
> OpenWrt isn't OpenBSD, so from the "ps" command i can see that the OpenVPN
> is runned by root. it's not so secure. How can i make it more secure?
If I were you, I would ask on an OpenVPN or OpenWrt mailing list,
rather than a Fedora mailing list
--
Sam
More information about the users
mailing list