Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 19 Sep 2018, 18:35
All times are UTC - 4
 Forum index » Off-Topic Area » Security
VPN DNS Leaks in TahrPup
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [2 Posts]  
Author Message
tahrball

Joined: 20 Aug 2017
Posts: 4

PostPosted: Sun 20 Aug 2017, 17:21    Post subject:  VPN DNS Leaks in TahrPup
Subject description: VPN DNS Leaks in TahrPup
 

New to PuppyLinux in general, so forgive me if this is a simple issue or if this post is in the wrong category. I searched the forum a few times and didn't see this question asked anywhere else.

Using Tahrpup and OpenVPN 2.3.2 installed from the Ubuntu repos, I'm seeing DNS leaks while connected. I have my ovpn connection files setup to use the update-resolv-conf script to prevent this as follows:

Code:
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf


This configuration works without leaks in Ubuntu, but not in Puppy. Just wondering if anyone had any ideas what the issue might be?

I posed the same question in the puppy hex chat and was asked to try running OpenVPN as Spot. Doing so allows me to log in, but crashes once a connection is attempted (with a permissions error). This was semi-expected behavior bc even in Ubuntu I have to run OpenVPN with sudo.

Thanks!
Back to top
View user's profile Send private message 
s243a

Joined: 02 Sep 2014
Posts: 1126

PostPosted: Fri 29 Dec 2017, 01:22    Post subject:  

If you edit resolve.conf the dhcp daemon will rewrite it periodicaly. You can try using a static IP or alternatively edit "resolve.conf.head

Here are some more tips from archwiki

Quote:

To do this, add the following to the last section of /etc/dhcpcd.conf:

nohook resolv.conf

Alternatively, you can create a file called /etc/resolv.conf.head containing your DNS servers. dhcpcd will prepend this file to the beginning of /etc/resolv.conf.

Or you can configure dhcpcd to use the same DNS servers every time. To do this, add the following line at the end of your /etc/dhcpcd.conf, where dns-server-ip-addressses is a space separated list of DNS IP addresses.

static domain_name_servers=dns-server-ip-addresses

For example, to set it to Google's DNS servers:

static domain_name_servers=8.8.8.8 8.8.4.4

Write-protect /etc/resolv.conf

Another way to protect your /etc/resolv.conf from being modified by anything is setting the immutable (write-protection) attribute:

# chattr +i /etc/resolv.conf


You could also setup IPTABLES to drop DNS requests to other DNS servers.Actually though if you are using a VPN then you might want to drop all connections that aren't going through the VPN.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [2 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 2.2718s ][ Queries: 13 (2.1891s) ][ GZIP on ]