For privacy, what should I redact when I post OpenVPN Daemon log files from Windows?
Posted: Sun Jun 04, 2017 2:46 am
For privacy, what should I redact when I post OpenVPN Daemon log files from Windows?
Specifically, did I redact the correct five items in my sample log file below in order to protect my privacy when posting log files online?
I just want to know what I need to REDACT in order to protect my privacy (e.g., my unique MAC address or my unique Internet IP address, etc.).
Here is a typical Windows log file created by sending a freely available vpngate free public VPN server *.ovpn config file to the Windows OpenVPN Daemon.
I redacted five items, but I only ask here whether I needed to redact only those five (more? fewer?) in order to protect my privacy.
The reason I ask is that I need to post some log files and I don't understand which line items I need to redact to protect my privacy.
Q: Did I redact the correct set of five privacy-related line items?
(Probably I redacted too many, but potentially I redacted too few - where it's highly unlikely I redacted just the correct amount.)
=========================================================================
Thu Jun 01 12:33:44 2017 OpenVPN 2.4.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 11 2017
Thu Jun 01 12:33:44 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Thu Jun 01 12:33:44 2017 library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.10
Thu Jun 01 12:33:44 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Thu Jun 01 12:34:45 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]71.227.170.10:1232
Thu Jun 01 12:34:45 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Jun 01 12:34:45 2017 UDP link local: (not bound)
Thu Jun 01 12:34:45 2017 UDP link remote: [AF_INET]71.227.170.10:1232
Thu Jun 01 12:34:45 2017 TLS: Initial packet from [AF_INET]71.227.170.10:1232, sid=[#1 of 5 REDACTED]
Thu Jun 01 12:34:45 2017 VERIFY OK: depth=2, C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
Thu Jun 01 12:34:45 2017 VERIFY OK: depth=1, C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
Thu Jun 01 12:34:45 2017 VERIFY OK: depth=0, OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.opengw.net
Thu Jun 01 12:34:45 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Thu Jun 01 12:34:45 2017 [*.opengw.net] Peer Connection Initiated with [AF_INET]71.227.170.10:1232
Thu Jun 01 12:34:46 2017 SENT CONTROL [*.opengw.net]: 'PUSH_REQUEST' (status=1)
Thu Jun 01 12:34:47 2017 PUSH: Received control message: 'PUSH_REPLY,ping 3,ping-restart 10,ifconfig 10.211.1.1 10.211.1.2,dhcp-option DNS 10.211.254.254,dhcp-option DNS 8.8.8.8,route-gateway 10.211.1.2,redirect-gateway def1'
Thu Jun 01 12:34:47 2017 OPTIONS IMPORT: timers and/or timeouts modified
Thu Jun 01 12:34:47 2017 OPTIONS IMPORT: --ifconfig/up options modified
Thu Jun 01 12:34:47 2017 OPTIONS IMPORT: route options modified
Thu Jun 01 12:34:47 2017 OPTIONS IMPORT: route-related options modified
Thu Jun 01 12:34:47 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Jun 01 12:34:47 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Jun 01 12:34:47 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun 01 12:34:47 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Jun 01 12:34:47 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun 01 12:34:47 2017 interactive service msg_channel=0
Thu Jun 01 12:34:47 2017 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 I=9 HWADDR=[#2 of 5 REDACTED]
Thu Jun 01 12:34:47 2017 open_tun
Thu Jun 01 12:34:47 2017 TAP-WIN32 device [Ethernet] opened: \\.\Global\{#3 of 5 REDACTED}.tap
Thu Jun 01 12:34:47 2017 TAP-Windows Driver Version 9.21
Thu Jun 01 12:34:47 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.211.1.1/255.255.255.252 on interface {#4 of 5 REDACTED} [DHCP-serv: 10.211.1.2, lease-time: 31536000]
Thu Jun 01 12:34:47 2017 Successful ARP Flush on interface [8] {#5 of 5 REDACTED}
Thu Jun 01 12:34:47 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Jun 01 12:34:52 2017 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Thu Jun 01 12:34:52 2017 C:\WINDOWS\system32\route.exe ADD 71.227.170.10 MASK 255.255.255.255 192.168.1.1
Thu Jun 01 12:34:52 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu Jun 01 12:34:52 2017 Route addition via IPAPI succeeded [adaptive]
Thu Jun 01 12:34:52 2017 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.211.1.2
Thu Jun 01 12:34:52 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu Jun 01 12:34:52 2017 Route addition via IPAPI succeeded [adaptive]
Thu Jun 01 12:34:52 2017 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.211.1.2
Thu Jun 01 12:34:52 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu Jun 01 12:34:52 2017 Route addition via IPAPI succeeded [adaptive]
Thu Jun 01 12:34:52 2017 Initialization Sequence Completed
=========================================================================
Specifically, did I redact the correct five items in my sample log file below in order to protect my privacy when posting log files online?
I just want to know what I need to REDACT in order to protect my privacy (e.g., my unique MAC address or my unique Internet IP address, etc.).
Here is a typical Windows log file created by sending a freely available vpngate free public VPN server *.ovpn config file to the Windows OpenVPN Daemon.
I redacted five items, but I only ask here whether I needed to redact only those five (more? fewer?) in order to protect my privacy.
The reason I ask is that I need to post some log files and I don't understand which line items I need to redact to protect my privacy.
Q: Did I redact the correct set of five privacy-related line items?
(Probably I redacted too many, but potentially I redacted too few - where it's highly unlikely I redacted just the correct amount.)
=========================================================================
Thu Jun 01 12:33:44 2017 OpenVPN 2.4.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 11 2017
Thu Jun 01 12:33:44 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Thu Jun 01 12:33:44 2017 library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.10
Thu Jun 01 12:33:44 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Thu Jun 01 12:34:45 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]71.227.170.10:1232
Thu Jun 01 12:34:45 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Jun 01 12:34:45 2017 UDP link local: (not bound)
Thu Jun 01 12:34:45 2017 UDP link remote: [AF_INET]71.227.170.10:1232
Thu Jun 01 12:34:45 2017 TLS: Initial packet from [AF_INET]71.227.170.10:1232, sid=[#1 of 5 REDACTED]
Thu Jun 01 12:34:45 2017 VERIFY OK: depth=2, C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
Thu Jun 01 12:34:45 2017 VERIFY OK: depth=1, C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
Thu Jun 01 12:34:45 2017 VERIFY OK: depth=0, OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.opengw.net
Thu Jun 01 12:34:45 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Thu Jun 01 12:34:45 2017 [*.opengw.net] Peer Connection Initiated with [AF_INET]71.227.170.10:1232
Thu Jun 01 12:34:46 2017 SENT CONTROL [*.opengw.net]: 'PUSH_REQUEST' (status=1)
Thu Jun 01 12:34:47 2017 PUSH: Received control message: 'PUSH_REPLY,ping 3,ping-restart 10,ifconfig 10.211.1.1 10.211.1.2,dhcp-option DNS 10.211.254.254,dhcp-option DNS 8.8.8.8,route-gateway 10.211.1.2,redirect-gateway def1'
Thu Jun 01 12:34:47 2017 OPTIONS IMPORT: timers and/or timeouts modified
Thu Jun 01 12:34:47 2017 OPTIONS IMPORT: --ifconfig/up options modified
Thu Jun 01 12:34:47 2017 OPTIONS IMPORT: route options modified
Thu Jun 01 12:34:47 2017 OPTIONS IMPORT: route-related options modified
Thu Jun 01 12:34:47 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Jun 01 12:34:47 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Jun 01 12:34:47 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun 01 12:34:47 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Jun 01 12:34:47 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun 01 12:34:47 2017 interactive service msg_channel=0
Thu Jun 01 12:34:47 2017 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 I=9 HWADDR=[#2 of 5 REDACTED]
Thu Jun 01 12:34:47 2017 open_tun
Thu Jun 01 12:34:47 2017 TAP-WIN32 device [Ethernet] opened: \\.\Global\{#3 of 5 REDACTED}.tap
Thu Jun 01 12:34:47 2017 TAP-Windows Driver Version 9.21
Thu Jun 01 12:34:47 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.211.1.1/255.255.255.252 on interface {#4 of 5 REDACTED} [DHCP-serv: 10.211.1.2, lease-time: 31536000]
Thu Jun 01 12:34:47 2017 Successful ARP Flush on interface [8] {#5 of 5 REDACTED}
Thu Jun 01 12:34:47 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Jun 01 12:34:52 2017 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Thu Jun 01 12:34:52 2017 C:\WINDOWS\system32\route.exe ADD 71.227.170.10 MASK 255.255.255.255 192.168.1.1
Thu Jun 01 12:34:52 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu Jun 01 12:34:52 2017 Route addition via IPAPI succeeded [adaptive]
Thu Jun 01 12:34:52 2017 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.211.1.2
Thu Jun 01 12:34:52 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu Jun 01 12:34:52 2017 Route addition via IPAPI succeeded [adaptive]
Thu Jun 01 12:34:52 2017 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.211.1.2
Thu Jun 01 12:34:52 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Thu Jun 01 12:34:52 2017 Route addition via IPAPI succeeded [adaptive]
Thu Jun 01 12:34:52 2017 Initialization Sequence Completed
=========================================================================