OVPN does not log any activity whatsoever for users connected to our VPN servers. We do not know who is connected, what they are doing, or when they are doing it.
We’ve put a lot of effort into making sure that it’s completely impossible for our VPN and DNS servers to store any logs with user activity. If you want to know how we achieved this, read on!
We have three layers of security. The first layer is what we can software security - and what this article focuses on. The second layer of security is our strong physical security, and the third layer is our legal insurance security.
OpenVPN
Currently, OVPN only uses OpenVPN as it is considerably safer than other VPN protocols. However, OpenVPN allows logging of everything going on in the VPN tunnel, which we absolutely want to prevent.
In the server configuration for OpenVPN, we’ve entered the following lines:
log /dev/null
status /dev/null
The log parameter creates a file that, among other things, stores the IP address used when using the client and at what time this occurred. By reading the log file, you can then retroactively correlate who was connected to the VPN service and at what time.
This is very sensitive information, and neither we nor our customers want it to ever exist. Our configuration allows us to discard this information by sending this information directly to /dev/null since we want to get rid of it altogether.
The status parameter creates a file showing all connected clients with their corresponding MAC address. This information is also highly sensitive and nothing we want to keep. We treat this log in the same way as the log parameter and send it straight to /dev/null and get rid of it.
We didn’t stop at just inactivating the logs with our configuration. We also use AppArmor to remove all writing rights that OpenVPN doesn’t need to function.
The AppArmor configuration we’ve setup is:
/{,var/}run/openvpn/*.pid rw,
/dev/net/tun rw
OpenVPN thus only maintains the writing rights needed to function and nothing else.
It’s completely impossible for OpenVPN to log any information since it has no writing privileges for it.
DNS - Bind9
OVPN operates its own DNS servers to prevent our customers from getting DNS leaks. A DNS server is able to log every request you send to it. Again, this is something we want to prevent, and we changed the DNS configuration into the following:
logging {
category client { null; };
category config { null; };
category database { null; };
category default { null; };
category delegation-only { null; };
category dispatch { null; };
category dnssec { null; };
category general { null; };
category lame-servers { null; };
category network { null; };
category notify { null; };
category queries { null; };
category resolver { null; };
category rpz { null; };
category rate-limit { null; };
category security { null; };
category unmatched { null; };
category update { null; };
category update-security { null; };
category xfer-in { null; };
category xfer-out { null; };
};
Every log is completely inactivated. And yet again, we didn’t stop there. We’ve also activated AppArmor to remove the writing rights that Bind9 don’t need in order to operate.
The AppArmor configuration for the writing rights is:
/var/lib/named/var/lib/bind/** rw,
/var/lib/named/var/lib/bind/ rw,
/var/lib/named/var/cache/bind/** lrw,
/var/lib/named/var/cache/bind/ rw,
/var/lib/named/var/run/** lrw,
/var/lib/named/var/run/ rw,
/{,var/}run/named/named.pid w,
/{,var/}run/named/session.key w,
As you can see, Bind9 only retains the writing rights absolutely necessary to operate. Our configurations make it impossible for our DNS servers to log anything at all.
Conclusion
Our customers can relax! We’ve worked hard to prevent any logs from being generated in any of the software or the servers needed to run our services. We also use the strongest encryption for all traffic going through our VPN service.
As mentioned in the beginning of this article, we've also implemented a strong physical security - something that we're very excited about. We even have an insurance that covers legal expenses - which means we have the capability of taking any requests of user information to court and battle them there, right in the open.
Are you currently using another VPN provider? Have they told you about the precautions they’ve taken to make sure that no logs with sensitive information are kept on their servers, and how they guarantee your safety?