Hosted by Darren Kitchen and Shannon Morse. New episodes Tuesdays.
Put together by a band of IT ninjas, security professionals and hardcore gamers, Hak5 isn't your typical tech show. We take on hacking in the old-school sense, covering everything from network security, open source and forensics, to DIY modding and the homebrew scene. Then we wrap it all up with a... Read More
This time on the show, bypass restrictive firewalls with a free and open source virtual private network server for Windows and Linux that will have you connecting back to the home or office with just a web browser!
Thus far we've only spoken about implementing Virtual Private Networks using Point-To-Point Tunneling Protocol. While PPTP is a ok protocol for secure tunneling, at least in my experience it comes with a few gotchyas. Namely firewalls.
VPNs based on Secure Sockets Layer or SSL technologies are less encumbered by these restrictions. Certificates are already in the browsers and there is often no software to install. Secure, Easy, Versatile.
You can think of SSL VPNs as the Webmail of email. Rather than setting up a dedicated client like Outlook or Thunderbird to use POP3 or IMAP4 we'll be using our web browser to access an https site.
SSL Explorer is a web based SSL VPN server. The technology was acquired by Barracuda Networks. Project named
Windows Install
Can be sorta tricky so Lars Werner made an awesome installer using NSIS-Installer. Make sure you have the latest Java JRE.
Download, Run, Next, next, next, install, next, Create certificate, Install Service, browse to https://server:28080 from client, Login as admin and follow the certificate creation wizard.
System Configuration is basically the same on Linux or Windows.
Begin by setting up a LAMP and OpenSSH server. In this segment I used Ubuntu Server 8.04 32-bit.
Install Java JDK and configure paths.
sudo apt-get install sun-java6-bin and sun-java6-jdk export JAVA_HOME=/usr/lib/jvm/java-6-sun export PATH=$PATH:$JAVA_HOME/bin java -version
Next install ant, which is kinda like make for Java.
sudo apt-get install ant
Then in /opt go ahead and download and install OpenVPN-ALS.
cd /opt wget http://downloads.sourceforge.net/project/openvpn-als/adito/adito-0.9.1/adito-0.9.1-bin.tar.gz (note: at time of writing this was the latest version.) sudo tar zxvf *.gz cd adito-0.9.1/ ifconfig (remember this IP, you'll need it in a minute) sudo ant install
From a browser go to http://
Once the wizard is complete the installer will finish. Now we'll install OpenVPN-ALS as a service.
sudo ant install-service sudo ant start
At this point we can stop and start the service using /etc/init.d/adito stop|start|restart.
You can now browse to the server's IP on the port you configured in the setup wizard (default is 443 so simply prepend the IP by https://). Login with the super user account and you'll be greeted by a management GUI. From here you can create accounts, groups, policies, and add resources. In this segment I configured an SSL Tunnel, a Network Place, and a Web Forward. For more details on configuration I advise consulting the SSL-Explorer Admin Guide (Zipped PDF). While the name has changed most of the functionality is the same. You may find additional documentation at the OpenVPN ALS forums.
6 days ago
Employers want social media passwords, US gets a #CPO, and #TheOnion! All that and more this time on #ThreatWire! http://t.co/SrZpicvnt6
9 days ago
#Installing #Solar panels, #Google #Chrome #extensions, and more on @Hak5! http://t.co/QppYLgZpi5
9 days ago
Legalizing #Internet eavesdropping, #LivingSocial is #hacked, and more on this weeks #ThreatWire! http://t.co/xyIxzy8kes
9 days ago
@thescribe I didn't! They were disabled and enabled throughout the segment. Each one has a different icon. - @Snubs
9 days ago
@myraitnetwork thank you!
24 days ago
#PGP #Encrypt your email, back up your #Gmail Account with #Ubuntu, text #messaging your #WiFi #Pineapple On #Hak5! http://t.co/KSZeO4GEPU
