Shows bits, netmask, first IP, last IP, number of IPs in range
Encrypt traffic between 2 locations.
SSL vs IPSec VPNs
2 forms:
- site-to-site VPNs - usually between two datacenters or an office and a datacenter
- client-to-site VPNs - usually between your desktop / laptop and the office or datacenter
- consumer VPNs - these are client-to-site VPNs that are used to encrypt traffic so your ISP can't snoop on you, or to change your geographic location to watch Netflix or other streaming services that may not be available where you are physically located or may have restricted shows by country
OpenVPN is the open source standard for VPNs.
Several products are build on this open source base software and use it under the hood, eg. Tunnelblick.
Standard open source GUI client on Mac that can connect to OpenVPN.
- OpenVPN Client
- Perimeter 81 - user friendly VPN
- NordVPN - commercial well-established with a kill-switch to reduce risk of leakage
- TunnelBear - consumer VPN with free tier
- Proton VPN - free to use privacy from your internet / wifi hotspot provider. Pay for more features or server locations. This often breaks DNS resolution when connecting/disconnecting on Mac. Workaround:
dscacheutil -flushcache
sudo killall -HUP mDNSResponder
If you are sourcing DevOps-Bash-tools repo in your .bashrc
there is a shell function
shortcut so you can just run: flushdns
.
fingerprint.com can still sort of identify you using a hash of common characteristics. Click the link from Incognito/Private Browsing and on/off VPN to see
Documentation:
Open source library (TODO read this code):
https://github.com/fingerprintjs/fingerprintjs
ping 4.2.2.1
On Linux:
route -n
On Windows or Mac:
netstat -rn
Look up a well known public DNS address:
On Linux or Mac:
host google.com
On Windows:
nslookup google.com
route add ...
ip route ...
...that you are NAT'd through as well as geolocation and other details:
curl ifconfig.co
iptables -nL -line-numbers