Ideas for securing OpenVPN on an OpenWrt router



ok, i putted an OpenVPN server on port 1194 on an OpenWrt 10.03 router.
https://pastebin.com/raw.php?i=xEZTvnhT
http://pastebin.mozilla.org/1138443


Questions: what could i do to increase security regarding this OpenVPN server? - i mean on server side!


1 - i sed 's/1194/50000/' the port number to a higher one - it's against the automated robots, ok!
2 - iptables? i should only allow ip ranges [on the input chain] that i will use in reality? - ok!
3 - if i don't use my router - e.g.: when i'm sleeping i just turn it off.
4 - ? what else?? Plese write down you're idea/solution!!!


OpenWrt isn't OpenBSD, so from the "ps" command i can see that the OpenVPN is runned by root. it's not so secure. How can i make it more secure?

--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users


Relevant Pages

  • Ideas for securing OpenVPN on an OpenWrt router
    ... what could i do to increase security regarding this OpenVPN server? ... OpenWrt isn't OpenBSD, so from the "ps" command i can see that the OpenVPN is runned by root. ... How can i make it more secure? ...
    (Fedora)
  • Ideas for securing OpenVPN on an OpenWrt router
    ... what could i do to increase security regarding this OpenVPN server? ... OpenWrt isn't OpenBSD, so from the "ps" command i can see that the OpenVPN is runned by root. ... How can i make it more secure? ...
    (Debian-User)
  • [ GLSA 200511-07 ] OpenVPN: Multiple vulnerabilities
    ... The OpenVPN client is potentially vulnerable to the execution of ... when the OpenVPN server runs ... potentially executing arbitrary code on the ... Security is a primary focus of Gentoo Linux and ensuring the ...
    (Bugtraq)
  • [Full-disclosure] [ GLSA 200511-07 ] OpenVPN: Multiple vulnerabilities
    ... The OpenVPN client is potentially vulnerable to the execution of ... when the OpenVPN server runs ... potentially executing arbitrary code on the ... Security is a primary focus of Gentoo Linux and ensuring the ...
    (Full-Disclosure)