Re: Verifying Encryption

2019-01-28 Thread AudioGames . net Forum — Off-topic room : Ethin via Audiogames-reflector 


  


Re: Verifying Encryption

The testssl thing can be run on any unix/linux/cygwin system with the latest version of openssl (preferably) installed. The VPN is most likely slower because of the encryption, though I don't really understand why that is.

URL: https://forum.audiogames.net/post/408051/#p408051




-- 
Audiogames-reflector mailing list
Audiogames-reflector@sabahattin-gucukoglu.com
https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector

Re: Verifying Encryption

2019-01-28 Thread AudioGames . net Forum — Off-topic room : Chris via Audiogames-reflector 


  


Re: Verifying Encryption

Thanks! All the tests come back positive. I'm given the public IP address of my Linode as my public IP, a private IP address starting with 10, told that I'm in California, my DNS servers are all from Google, and the torrent test lists the Linode IP. Everything appears to be working. However, the connection is really slow. Files download around 100 KBps even though my connection is much faster when not connected. Is this because the traffic is routed through my Linode and back to my regular connection? I know I'm using Wi-Fi, but it's faster when not using the VPN.Where do I type those commands to verify SSL? Do I type them into the Linux console as root? Thanks for all the help.

URL: https://forum.audiogames.net/post/408050/#p408050




-- 
Audiogames-reflector mailing list
Audiogames-reflector@sabahattin-gucukoglu.com
https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector

Re: Verifying Encryption

2019-01-28 Thread AudioGames . net Forum — Off-topic room : redfox via Audiogames-reflector 


  


Re: Verifying Encryption

@chris, Slightly OT, but you might consider putting your servers info in your... damn, it just left my min what it's called, the thing you have your aac stage link in?

URL: https://forum.audiogames.net/post/408014/#p408014




-- 
Audiogames-reflector mailing list
Audiogames-reflector@sabahattin-gucukoglu.com
https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector

Re: Verifying Encryption

2019-01-28 Thread AudioGames . net Forum — Off-topic room : Ethin via Audiogames-reflector 


  


Re: Verifying Encryption

For your VPN, go to dnsleaktest.com to check for DNS leaks, whatismyipaddress.com to check if your VPN is leaking your IP address, and ipleak.net to perform a P2P torret test. To do these:* first, go to dnsleaktest.com. If the data there matches your actual ISP, country and such, your not secured by your VPN when doing DNS requests.* Next, go to whatismyipaddress.com and determine if your IP is your actual IP or your VPN's IP. If it is your real IP, your VPN is pretty much useless.* Finally, go to ipleak.net, download the torrent file in your favorite torrent client and look at the data it shows there. If it shows - again -- your actual IP, your VPN is not secure, since the torrent should only be able to track your VPN IP.This post has more informationFor non-HTTPS stuff, Quallies SSLLabs may work, though I doubt it (its mainly for looking at websites). You can either packet sniff it with wireshark and find a way to use it despite your problems with it, or run the following command in the terminal:# check that SSL even worksopenssl s_client -connect host:port# attempt certificate extraction:echo | openssl s_client -connect host:port 2>&1 | sed --quiet "/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p" | wc -l# (ensure that that prints a number greater than 0)# test for TLS 1.2 support (recommended)openssl s_client -connect host:port -tls1_2# and TLS 1.3 (probably not supported, who knows)openssl s_client -connect host:port -tls1_3# test for BEAST vulnerability# step 1 - attempt to connect without TLS at allecho | openssl s_client -connect host:port -cipher 'ALL:!RC4' -no_tls1_1 -no_tls1_2# That should give you an error# now step 2 - see if the server accepts RC4 (it shouldn't)echo | openssl s_client -connect host:port -cipher 'ALL:+RC4' -no_tls1_1 -no_tls1_2# again, it should fail with an errorAll of these commands look daunting. There is a much easier way to do this, though the above commands also work if you want to see everything that's going on. There is a script called testssl.sh. When I test my own servers I usually run it like so:# install testssl.shwget --quiet -O - https://testssl.sh > testssl.sh# test something that uses SSL/TLStestssl -e -E -s -p -S -P -c -h -U --quiet --wide --color 0 --html --htmlfile testssl.html --hints host:portYou can find out what these options do with testssl without any options.

URL: https://forum.audiogames.net/post/408008/#p408008




-- 
Audiogames-reflector mailing list
Audiogames-reflector@sabahattin-gucukoglu.com
https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector