ExpressVPN

From neil.tappsville.com
Revision as of 02:03, 24 February 2020 by Gonzo (talk | contribs) (Created page with "=expressVPN= What is the next thing to test once the LI functions are working.. do what the bad guys do. Scenario: ISP -> External Router --> Internal Router with OpenVPN --...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

expressVPN

What is the next thing to test once the LI functions are working.. do what the bad guys do.

Scenario: ISP -> External Router --> Internal Router with OpenVPN --> Test Host.

Observations

What is seen

DNS

tshark dump of dns requests - endpoint is resolved as the expressVPN openVPN tunnel is established, no dns requests from the client behind the internal router from this point on. 

SOURCEv4  ISP_DNS     newzealand-ca-version-2.expressnetw.com
SOURCEv4  ISP_DNS     newzealand-ca-version-2.expressnetw.com
SOURCEv6 ISP_DNSv61        newzealand-ca-version-2.expressnetw.com
SOURCEv6 ISP_DNSv6 newzealand-ca-version-2.expressnetw.com
SOURCEv6 ISP_DNSv61        Nz.pool.ntp.org
SOURCEv6 ISP_DNSv61        Nz.pool.ntp.org
SOURCEv4  ISP_DNS     cp4g55kg60mlqmrmv8z6jfm80qpadm1ltnxjura672orzjpyidmmz9ivqlmsqu8.xpressunblock.com
SOURCEv4  ISP_DNS     cp4g55kg60mlqmrmv8z6jfm80qpadm1ltnxjura672orzjpyidmmz9ivqlmsqu8.xpressunblock.com
SOURCEv6 ISP_DNSv61        cp4g55kg60mlqmrmv8z6jfm80qpadm1ltnxjura672orzjpyidmmz9ivqlmsqu8.xpressunblock.com
SOURCEv6 ISP_DNSv6 cp4g55kg60mlqmrmv8z6jfm80qpadm1ltnxjura672orzjpyidmmz9ivqlmsqu8.xpressunblock.com

HTTP / Other

Nothing seen from inside the tunnel.

Retrieved from "https://neil.tappsville.com/index.php?title=ExpressVPN&oldid=295"