Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
openvpn-access-server-scripts
Advanced tools
npm module containing scripts that are used to run further setup steps on the OpenVPN and PiHole EC2 instances created in the openvpn-access-server-infra CDK project
A node module that holds a collection of scripts that will be used by EC2 instances spawned in the openvpn-access-server-infra infrastructure deployment to complete the setup of OpenVPN Access Server and PiHole.
Scripts in this module are not standalone. They are built specifically to run based on infrastructure that has been set up in
openvpn-access-server-infra
. Usage of these scripts beyond that context may not have desired results.
Example to run the OpenVPN script:
npx openvpn-access-server-scripts setup-openvpn -i 1.0.0.1 -d domain.foo-bar.com -e foo@bar.com -b foo-bar-bucket -r ap-southeast-1 -u user -p 123@abc -c staging
Example to run the PiHole script:
npx openvpn-access-server-scripts setup-pihole -r ap-southeast-1 -p abc!@123
setup-openvpn
This function:
-i, --ip
is defined)After requesting a new certificate, this function will store the generated certificate in an S3 bucket for reuse. This is because there's a rate limit of 5 certificates for the same domain name per week. If a certificate already exists, this function will get those artifacts and reuse them when assigning the certificate to OpenVPN Access Server.
Option | Required | Description |
---|---|---|
-i --ip | :x: | The private ip address of the upstream dns ec2 instance |
-d --domain-name | :heavy_check_mark: | The FQDN to be used for certificate registration |
-e --email | :heavy_check_mark: | The email to use for certificate registration |
-b --bucket | :heavy_check_mark: | The S3 Bucket to store/obtain certificate artifacts |
-r --region | :heavy_check_mark: | The AWS region for the S3 SDK client to use |
-u --user-name | :heavy_check_mark: | The default vpn client username |
-p --user-password | :heavy_check_mark: | The default vpn client password (special characters need to be escaped before they are passed here) |
-c --cert-environment | :x: | Which environment should be used when requesting SSL cert from Lets Encrypt (staging, production) |
setup-pihole
Installs Pi Hole as a DNS server for Ad Blocking and sets up Unbound to serve as a recursive DNS service. Also installs some additional tooling to enhance Pi Hole functionality.
Option | Required | Description |
---|---|---|
-r --region | :heavy_check_mark: | The AWS region for the S3 SDK client to use |
-p --password | :heavy_check_mark: | The pi hole web interface password (special characters need to be escaped before they are passed here) |
A note about versions:
Versioning follows semantic versioning.
semver
is installed to help with this.
To create a beta release:
npm run publish:beta
To create a patch
release:
npm run publish
FAQs
npm module containing scripts that are used to run further setup steps on the OpenVPN and PiHole EC2 instances created in the openvpn-access-server-infra CDK project
The npm package openvpn-access-server-scripts receives a total of 0 weekly downloads. As such, openvpn-access-server-scripts popularity was classified as not popular.
We found that openvpn-access-server-scripts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.