Discussion:
Is there evidence that the open-source OpenVPN is a "honeypot"? If so, what openvpn client do you suggest that isn't?
Add Reply
Bob J Jones
2018-05-28 16:07:33 UTC
Reply
Permalink
Raw Message
In another thread on a process to get all users (even noobs) up to speed in
minutes on testing out a vpn process with an integrated killswitch, the old
Usenet netizen Shadow brought up this statement with regards to OpenVPN
open-source code.
https://openvpn.net/index.php/open-source/downloads.html
Florida, USA.
Honeypot anyone ?
Shadow's implication is that the open-source OpenVPN client is a honeypot.

First question of the tribe:
Q1: Is there any evidence that the open-source OpenVPN client is a honeypot?
A1: ?

Second (related) question (depending on the answer above):
If evidence of honeypot exists, then...

Q2: What is a "safer" open-source openvpn client to suggest noobs use?
A2: ?
Mike Easter
2018-05-28 16:14:14 UTC
Reply
Permalink
Raw Message
Post by Bob J Jones
In another thread on a process to get all users (even noobs) up to speed in
minutes on testing out a vpn process with an integrated killswitch, the old
Usenet netizen Shadow brought up this statement with regards to OpenVPN
open-source code.
Once upon a time, I encountered a discussion in a newsgroup which
provided a link to a website which had a significant 'system' for
evaluating the various VPNs in a variety of parameters which included
what I would call 'integrity' in that regard.

At this time, I can recall neither the group nor the website nor any
useful terms I might use to find it again. I only recall that at that
time I found ProtonVPN.
--
Mike Easter
Mike Easter
2018-05-28 16:28:55 UTC
Reply
Permalink
Raw Message
Post by Mike Easter
Post by Bob J Jones
In another thread on a process to get all users (even noobs) up to
speed in minutes on testing out a vpn process with an integrated
killswitch, the old Usenet netizen Shadow brought up this statement
with regards to OpenVPN open-source code.
Once upon a time, I encountered a discussion in a newsgroup which
provided a link to a website which had a significant 'system' for
evaluating the various VPNs in a variety of parameters which included
what I would call 'integrity' in that regard.
The site which was helpful to me was https://thatoneprivacysite.net/
https://thatoneprivacysite.net/vpn-section/
--
Mike Easter
Mike Easter
2018-05-28 16:48:13 UTC
Reply
Permalink
Raw Message
Post by Mike Easter
Post by Bob J Jones
OpenVPN open-source code.
The site which was helpful to me was https://thatoneprivacysite.net/
https://thatoneprivacysite.net/vpn-section/
I realize now that I was addressing a different issue than what you were
implying; that there is something 'wrong with' the openvpn client. I
was concerning my answer with vpn *services* which might be honeypots.

I don't believe that I would interpret Shadow's question mark the same
way you did. A client, particularly an opensource one, is not a
(likely) 'honeypot' per se.

When the term 'honeypot' is used in the context of VPN, I think of VPN
*services* which are honeypots/traps, not the VPN *client*.

In that regard, the site above is useful, not in regard to your original
question, to which I have no information whatsoever, except that I
consider it/ the question/ misguided.
Post by Mike Easter
Florida, USA.
Honeypot anyone ?
[]'s
--
Mike Easter
Bob J Jones
2018-05-28 18:43:19 UTC
Reply
Permalink
Raw Message
Post by Mike Easter
I realize now that I was addressing a different issue than what you were
implying; that there is something 'wrong with' the openvpn client. I
was concerning my answer with vpn *services* which might be honeypots.
I don't believe that I would interpret Shadow's question mark the same
way you did. A client, particularly an opensource one, is not a
(likely) 'honeypot' per se.
Hi Mike,
You're always helpful, where I too, at first, interpreted Shadow's remarks
to be aimed at the "VPN Service" and not the "VPN Client", so we both made
the same mistake initially (and then we both realized it).

I realized my initial mistake, which is why I opened this separate thread,
since I didn't wish to cloud the original thread with these details for
experts (which would only confuse the noobs for which the first thread was
opened):
<https://groups.google.com/d/msg/microsoft.public.windowsxp.general/56KgMK6n090/mPGfoLK6AQAJ>

In reality, it's still worth a discussion on *both* the honeypot potential
of either the client or of the service, but I do agree with you that the
open-source OpenVPN client that Shadow implied was a potential "honeypot"
is not likely to be a honeypot, since, well, since we can "assume" that
experts have looked at the code to see if that code phones home or if it
has other obvious weaknesses.

If that assumption is wrong .... well then ... the old adages apply.

In reality, we do not know what Shadow's intent was, since he clearly
stated it was the "client" that he felt was a potential honeypot, but where
most of the time the honeypot is said to be the "vpn server".

What irks me mostly, is that all of us old farts respond to keywords only
sometimes, where Shadow clearly responded to the keywords only, and not to
the actual topic of the thread.

I appreciate that you, Mike, and I, corrected ourselves.
It's time for Shadow (who is well respected here) to explain what he meant
when he implied that the open-source OpenVPN client was a "honeypot".
<https://groups.google.com/d/msg/microsoft.public.windowsxp.general/56KgMK6n090/mPGfoLK6AQAJ>
Mike Easter
2018-05-28 19:04:09 UTC
Reply
Permalink
Raw Message
he clearly stated it was the "client" that he felt was a potential
honeypot,
I don't see him clearly stating that.

I see him isolating the link you posted to the openvpn site; then I see
him saying 'Florida USA' which means nothing to me in that context, and
ONLY THEN do I see him using the word honeypot with a question mark.

I don't know why he said Florida USA yet and it seems to me that he
questioned honeypot in his own Florida context, not the openvpn context.

The Florida line understanding is essential to interpret anything after
that.
--
Mike Easter
Bob J Jones
2018-05-28 19:13:45 UTC
Reply
Permalink
Raw Message
Post by Mike Easter
I don't see him clearly stating that.
I see him isolating the link you posted to the openvpn site; then I see
him saying 'Florida USA' which means nothing to me in that context, and
ONLY THEN do I see him using the word honeypot with a question mark.
I don't know why he said Florida USA yet and it seems to me that he
questioned honeypot in his own Florida context, not the openvpn context.
The Florida line understanding is essential to interpret anything after
that.
Agreed fully.
I too didn't understand the "Florida" reference.
A whois isn't all that helpful to me on the canonical OpenVPN site either.

Domain Name: OPENVPN.NET
Registry Domain ID: 98774107_DOMAIN_NET-VRSN
Registrar WHOIS Server: whois.networksolutions.com
Registrar URL: http://networksolutions.com
Updated Date: 2017-02-09T22:20:58Z
Creation Date: 2003-06-05T05:25:35Z
Registry Expiry Date: 2022-06-05T05:25:35Z
Registrar: Network Solutions, LLC.
Registrar IANA ID: 2
Registrar Abuse Contact Email: ***@web.com
Registrar Abuse Contact Phone: +1.8003337680
Domain Status: clientTransferProhibited
https://icann.org/epp#clientTransferProhibited
Name Server: ERIN.NS.CLOUDFLARE.COM
Name Server: RICK.NS.CLOUDFLARE.COM
DNSSEC: unsigned

Server Name: NETWORKSOLUTIONS.COM
IP Address: 205.178.187.13
Registrar: Network Solutions, LLC.
Registrar WHOIS Server: whois.networksolutions.com
Registrar URL: http://networksolutions.com
Domain Name: NETWORKSOLUTIONS.COM
Registry Domain ID: 4548132_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.networksolutions.com
Registrar URL: http://networksolutions.com
Updated Date: 2012-04-26T20:16:59Z
Creation Date: 1998-04-27T04:00:00Z
Registry Expiry Date: 2022-04-26T04:00:00Z
Registrar: Network Solutions, LLC.
Registrar IANA ID: 2
Registrar Abuse Contact Email: ***@web.com
Registrar Abuse Contact Phone: +1.8003337680
Name Server: NS1.NETSOL.COM
Name Server: NS2.NETSOL.COM
Name Server: NS3.NETSOL.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form:
https://www.icann.org/wicf/
Last update of whois database: 2018-01-25T00:41:15Z

So we'll just have to wait to see what Shadow (who is generally well
respected) has to say as to why he implied that:
a. The canonical OpenVPN client download site
b. is a honeypot
c. from Florida

It could be he just pasted the wrong URL, where he was then implying that
one of the freely available openvpn configuration files to public servers
was "from Florida", but even if it was from Florida, they're all from
somewhere so I don't see the significance of Florida.

If they geolocated to Fort Meade, that would be a different thing
altogether though, but even the NSA wouldn't be that obvious when setting
up a honeypot free public VPN server.
Doomsdrzej
2018-05-28 16:36:31 UTC
Reply
Permalink
Raw Message
On Mon, 28 May 2018 16:07:33 +0000 (UTC), Bob J Jones
Post by Bob J Jones
In another thread on a process to get all users (even noobs) up to speed in
minutes on testing out a vpn process with an integrated killswitch, the old
Usenet netizen Shadow brought up this statement with regards to OpenVPN
open-source code.
https://openvpn.net/index.php/open-source/downloads.html
Florida, USA.
Honeypot anyone ?
Shadow's implication is that the open-source OpenVPN client is a honeypot.
Q1: Is there any evidence that the open-source OpenVPN client is a honeypot?
A1: ?
No.
Post by Bob J Jones
If evidence of honeypot exists, then...
Q2: What is a "safer" open-source openvpn client to suggest noobs use?
A2: ?
OpenVPN is very secure in addition to having excellent performance.
nospam
2018-05-28 16:37:41 UTC
Reply
Permalink
Raw Message
Post by Doomsdrzej
Post by Bob J Jones
Q2: What is a "safer" open-source openvpn client to suggest noobs use?
A2: ?
OpenVPN is very secure in addition to having excellent performance.
secure, yes. excellent performance, no.
Bob J Jones
2018-05-28 19:06:15 UTC
Reply
Permalink
Raw Message
Post by nospam
secure, yes. excellent performance, no.
Some day nospam, you're gonna actually add value to a technical discussion.

But not today, it seems.
Bob J Jones
2018-05-28 19:16:48 UTC
Reply
Permalink
Raw Message
Post by Doomsdrzej
OpenVPN is very secure in addition to having excellent performance.
Thanks.

That's why I had suggested it to noobs, but Shadow (who is generally
respected) seemed to imply otherwise over here...
<https://groups.google.com/d/msg/microsoft.public.windowsxp.general/56KgMK6n090/mPGfoLK6AQAJ>
Loading...