Sales Queries > Product Enquiries
VPN Vulnerability
PitBoss:
The lockdown feature if enabled will remove your default gateway once a connection is made. In the event of disconnections, it will not be able to reconnect because the default gateway is no longer available. This gateway will be restored once you click disconnect .No traffic will be leaving nor coming to PC while the vpn is in lockdown mode.
The firewall option is another type of blocking or filtering. It will allows or drop traffic based on your firewall rules, this is more of users with experence in configuring the rules. Lockdown is literally lock everything to go thru the tunnel even when in connected or disconnected state.
We will be doing some minor to upgrading that will improve the securit within the next couple of days, refer to our https://www.bolehvpn.net/announcement/vpn-servers-security-maintenance-update/.
Bahadir:
Thanks for the update Pitboss.
kayman:
--- Quote from: PitBoss on February 01, 2017, 03:24:25 PM ---The lockdown feature if enabled will remove your default gateway once a connection is made. In the event of disconnections, it will not be able to reconnect because the default gateway is no longer available. This gateway will be restored once you click disconnect .No traffic will be leaving nor coming to PC while the vpn is in lockdown mode.
The firewall option is another type of blocking or filtering. It will allows or drop traffic based on your firewall rules, this is more of users with experence in configuring the rules. Lockdown is literally lock everything to go thru the tunnel even when in connected or disconnected state.
We will be doing some minor to upgrading that will improve the securit within the next couple of days, refer to our https://www.bolehvpn.net/announcement/vpn-servers-security-maintenance-update/.
--- End quote ---
While doing upgrading, are you going to introduce a DNS leak protection and a Lockdown feature for Linux?
Currently (latest ovpn files,keys etc.) only FullyRouted Luxembourg won't leak DNS, all other FullyRouted servers leak DNS.
Also, when enabling the Linux firewall (UFW) only FullyRouted Luxembourg will connect, all other FullyRouted servers won't; Because of geological proximity I'd prefer the Singapore server.
PitBoss:
I'm sorry to hear to that DNS leaks is happening to your setup.
We do not have DNS leaks in all the testing we have done based on our recommended installation. DNS leaks will happen if users changed DHCP to static DNS and static IP address for their network setup.
The latest update will plug the following leaks, if any:
1. IPv6 DNS leaks
2. IPv6 Traffic leaks
3. Reconnect leaks
We are not implementing force killswitch as not all users required a killswitch. The fixed we applied, is good enough to prevent any leaks during a disconnect and preventing traffic while it is trying to reconnect. As it is now, the term killswitch is being used so commonly by VPN users or providers without stating the fact that it is not a switch at all. Killswitch is a switch that you activated when something bad happen and it's supposed to be triggered manually. However in VPN, this is triggered immediately upon establishing a connection.
OpenVPN already has this features built-in and we have activated and pushed the features from the server side. This protection will be in force for as long as the vpn service is active.
Thank you
Navigation
[0] Message Index
[*] Previous page
Go to full version