Comments (2)
Awesome! Thank you very much for the explanations! And for the script too!!
from vpn-slice.
It's a good question.
Can my network admin (who provides the VPN) identify that I have exposed the private network ?
No. From the VPN administrator's perspective, there is no sign that you have configured your routing on the client side differently from the default. Lots of VPN client software spies on your computer and reveals details of client-side routing and security configuration (!!!), but openconnect does not do this unless you really insist on it and use a wrapper script to protect your system.
Perhaps the VPN administrator will see that you are only ever connecting to 2-3 internal IP addresses, whatever you've whitelisted with vpn-slice, but… so what? Maybe it's your personal practice not to use the Internet when your access is going through the corporate VPN. Lots of people I know do that.
I was wondering if you could explain what risks, if any, I am taking by using vpn-slice.
By giving you more control over the routing config, vpn-slice certainly makes it possible for you to evade or subvert the firewalls around a corporate network, which is probably why few corporate VPNs offer split tunneling by default.
- You could connect to multiple VPNs and bridge them. Let's say you are a contractor who has access to both Apple's VPN and Samsung's VPN, and you connect to both simultaneously and configure the routing badly… they will probably not be thrilled to see packets from each others' internal networks 😛
- If you have a virus or other malware on your computer, it could steal data from the corporate network and then pass it to a server on the public internet, without the corporate firewalls having a chance to intercept its outgoing traffic.
from vpn-slice.
Related Issues (20)
- Eliminate deprecated route cache flushing
- Connect WSL2 with openconnect and vpn-slice, to use windows apps like a pro HOT 1
- Use syscall instead of subprocess HOT 2
- Connect to IP on non http/s ports HOT 3
- current `vpn-slice` fails with `(22, 'Invalid argument')` HOT 6
- vpn-slice fails to install on Fedora 37 HOT 2
- Cannot read/write /etc/hosts with no-ns-hosts option HOT 2
- Please release a new version of the master branch HOT 5
- Split DNS check incorrectly uses ResolveConfSplitDNSProvider on Fedora 37 HOT 7
- vpn-slice==0.16.1 raise PackageNotFoundError(name) HOT 4
- Question (not bug): Kerberos SSO over VPN-Slice HOT 2
- Specifying a route with a non-default port HOT 2
- loading stuck HOT 1
- WARNING: no split dns provider available; can't split dns HOT 1
- Exclude hosts by name HOT 1
- Routes cleanup on disconnect HOT 2
- --dump option causes crash when using one or more host-to-ip aliases
- Split DNS not working when using `--background` flag HOT 6
- hostname args ineffective in background mode on openconnect HOT 12
- New issue with openconnect/vpn-slice due to env change? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from vpn-slice.