Have a couple of updates to share:
I’ve updated the Seven Minute VPN scripts to:
-
Block ads by setting the VPN server itself as a DNS server using dnsmasq and populating /etc/hosts with a boatload of known ad networks from Steven Black’s master hosts file.
-
Install OpenVPN 2.3.15 as an RPM built from source instead of pulling Amazon’s package, as OpenVPN’s audits are complete and a few vulnerabilities discovered.
I’ve updated the book with the following sections:
-
Using iptables to block ports from the host itself (important for blocking port 22 on Lightsail, which doesn’t allow granular firewall rules from the AWS UI the way traditional EC2 does).
-
Added a section on adding custom OSSEC rules for OpenVPN.
-
Added a new chapter that describes how to block ads using dnsmasq and a fatty /etc/hosts file.
-
Various editorial updates, prettier notes and tips, better pagination.
-
Instructions for building OpenVPN 2.3.15 instead of using Amazon’s version (ebook only until the next print run of the book; but ebook updates are always free from Amazon if you have the book already).
Also! Good news on the ChromeOS front — OpenVPN may be updated soon! Keep an eye on this bug and this bug.