Month: March 2016

improving openvpn client in linux: dns bug workaround and systemd service creation

Part 1, workaround According to bug info, there is an issue with NetworkManager, it doesn’t update client’s DNS pushed by OpenVPN server. If you are using the option of routing all traffic through OpenVPN tunnel, there are no another way but updating /etc/resolv.conf manually. But it, of course, can be automated. The main idea is

Continue Reading…

COMPLETELY disable SSLv3 in nginx (avoiding POODLE attack)

Since SSLv3 is deprecated, it’s a good idea to disable it in webserver config to become invulnerable to POODLE attack (sorry, Windows XP users). The problem is, even if you disable it in config, it may be still available for negotiation! Follow the article to see the remedy for this issue. The main part is

Continue Reading…