Is an employer's VPN secure?

S

selbi2017-02-26 21:41:47

openvpn

selbi, 2017-02-26 21:41:47

Dear users of the Toaster, I am contacting you for the first time and because I myself do not understand such issues at all. Please do not scold me if the topic has long been disclosed, but I did not find the answer to one simple question - does the employer see the sites I visit, and can he "steal" email passwords, for example?
The fact is that the employer gave me access to his server, but it is available only through vpn, he threw off the settings for me, everything works, but the question of security arose.
Here is the contents of the config:
port 1190
remote XX.XXX.XX.XX
proto tcp-client
dev tun
secret key.key
ifconfig 192.168.99.16
keepalive 10 120
comp-lzo
user www-data
group www-data
persist-key
persist-tun
log /var/log/openvpn05.log
verb 4
route XX.XXX.XX.XX 255.255.255.255
please tell me, is it worth worrying about personal data when you are actively connected to the employer's vpn?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

K

ky0, 2017-02-26
@selbi

If you use the VPN server as the default gateway (now, judging by the config, you have access to only one address through vpn, but in general you can send any settings when connecting), the employer’s DNS and resources whose passwords bother you, without encryption - it is quite possible to see the password in the traffic dump. Another thing is that now you still need to look for such a mail provider.
In general - if you go to sites with HTTPS and encryption is not disabled in the mail client settings - there is nothing to worry about, even if the employer wants to get something there.