On Wed, 9 Dec 2020 11:49:45 +0200 Andrei POPESCU <andreimpope...@gmail.com> wrote:
> On Ma, 08 dec 20, 12:27:40, Joe wrote: > > > > This application is also useful with a home VPN server, if you're > > not trying to hide anything, but just want to use the Net > > reasonably safely from an unsafe location e.g. Internet cafe. You > > can tailor a set of firewall rules to allow nothing in or out > > except DNS, DHCP and HTTP (normally a local web login is required), > > not forgetting the tunnelling protocol port out. A VPN client will > > normally have a switch to route everything through the tunnel to > > achieve this. > > Sorry, I must be dense. How is this improving safety compared to > accessing the internet from my home network? > > It isn't. It's improving safety compared to surfing the web from public wifi or other untrusted network. It then uses your home Internet connection for surfing the web, etc., which should be safer. Only local DHCP, DNS and HTTP must be allowed to the local network initially, and once the VPN is up, even these are routed through the encrypted tunnel. -- Joe