Re: [Openvpn-users] need some form of anti-DOS in openvpn?

2015-08-12 Thread Erich Titl
Hi

On 12.08.2015 at 04:12, Jason Haar wrote:
> Hi there ... Not much to go on I know, but could there be some way for openvpn server to keep track of something like "timestamp:externalIP:cert" and basically start ignoring new sessions if it sees more than one every XX seconds? That would redu

Re: [Openvpn-users] need some form of anti-DOS in openvpn?

2015-08-12 Thread Jason Haar
On 12/08/15 20:20, Erich Titl wrote:
>
> The script might do this just the same. This would avoid having to
> wait for an implementation in openvpn, which might break behaviour too.
>

Well yeah - but it's the calling hundreds of scripts per minute that are causing the load :-) ...but you are corr

Re: [Openvpn-users] need some form of anti-DOS in openvpn?

2015-08-12 Thread Erich Titl
Hi

On 12.08.2015 at 11:18, Jason Haar wrote:
> On 12/08/15 20:20, Erich Titl wrote:
>> The script might do this just the same. This would avoid having to wait for an implementation in openvpn, which might break behaviour too.
> Well yeah - but it's the calling hundreds of scripts per minute that

Re: [Openvpn-users] need some form of anti-DOS in openvpn?

2015-08-12 Thread Gert Doering
Hi,

On Wed, Aug 12, 2015 at 01:20:38PM +0200, Erich Titl wrote:
> You may want to mess around with the sticky bit on those scripts.

I have my doubts that this would be doing anything at all on a recent unix or linux - and even then, it won't stop recompilation of the script on each call, which is

[Openvpn-users] Inserting hmac/tls-auth onto a production OpenVPN Server

2015-08-12 Thread Rui Santos
Hi all,

I'm now hardening our OpenVPN Production Server. I've managed to harden all required aspects, except the HMAC/TLS-AUTH option.

AFAICT, activating the HMAC extra security mechanism will force me to reconfigure all clients, with the risk of failure and a lot of downtime. The only way a

Re: [Openvpn-users] Inserting hmac/tls-auth onto a production OpenVPN Server

2015-08-12 Thread Jan Just Keijser
Hi Rui,

On 12/08/15 16:49, Rui Santos wrote:
> Hi all,
>
> I'm now hardening our OpenVPN Production Server.
> I've managed to harden all required aspects, except the HMAC/TLS-AUTH
> option.
>
> AFAICT, activating the HMAC extra security mechanism will force me to
> reconfigure all clients, with