Hello!
Hope we are not too late .
We jist tested block-local using this client in Windows 10 Pro 22H2
and do not see any difference in behaviour comparing with 2.6.
Thank you!
06.06.2024 16:23, Gert Doering пишет:
Hi,
we have new code in master that helps with the "TunnelCrack" and
"T
Hi,
if you think this is a useful security enhancement, and would like to have
it in a "short term" 2.6.x release, we need test results...
please!
gert
On Thu, Jun 06, 2024 at 02:23:33PM +0200, Gert Doering wrote:
> Hi,
>
> we have new code in master that helps with the "TunnelCrack" and
> "T
Hi,
On Thu, Jun 06, 2024 at 05:23:31PM +0400, Dmitry Melekhov wrote:
> redirect-gateway def1 block-local
>
> also apply block-outside-dns ?
"everything" includes DNS, so, yes.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a comput
06.06.2024 16:23, Gert Doering пишет:
Hello!
We used to have
block-outside-dns
to prevent Windows from doing DNS lookups "around the VPN" - the main
intent of this was "make sure split DNS works", but a side effect has
also been "avoid DNS leaks".
Heiko has now extended this code to be ab
Hi,
On Thu, Jun 06, 2024 at 02:23:33PM +0200, Gert Doering wrote:
> Now - this code has been merged into "git master", and installers
> are here:
>
>https://github.com/OpenVPN/openvpn-build/actions/runs/9391365526?pr=641
>
> (bottom of the page, "Artifacts", .zip files with a .msi inside).
Hi,
we have new code in master that helps with the "TunnelCrack" and
"TunnelVision" attacks, that is, packets intended to go into the
VPN being leaked away by means of a malicious DHCP server (= routing
points outside the tunnel, so packets never hit OpenVPN).
We used to have
block-outside-dns
