03-01-2023, 10:38 PM
(03-01-2023, 09:31 PM)Exiled Yorkshireman Wrote:(03-01-2023, 06:34 PM)Nick Wrote: As mentioned, it's what happens at and after the target VPN server that matters.
I think you misunderstand. Wireguard is a VPN that runs on your Pi. The target VPN server is your own. No third party involvement at all. It doesn't provide any additional benefits on your home network, but really helps with your mobile devices.
Nope. I don't misunderstand.
Wireguard is a cross-platform suite of programs that implement the Wireguard VPN protocol over a wide range of devices and operating systems, of which an RPi running Linux is just but one. Several commercial offerings are also built around the Wireguard protocol, but not necessarily with wireguard-provided client or server code
I currently run several instances of Wireguard style servers, mainly, but not exclusively, on Digital Ocean droplets but hosted in different countries; typically these are Algo-managed instances.
I presume from what you have now said that you are using Wireguard from your mobile devices into your home network, tunneling through your domestic firewall. Your mobile devices then appear to be emanating from your domestic IP address for the purposes of tracking. This is a decent approach and will certainly help your mobile security as you have control of the destination server.
Depending on the resulting DNS configuration you could still be subject to a MitM attack via DNS poisoning once traffic is outside your network. i.e. as mentioned, upstream DNS handling is important.
It's really difficult to cover all bases completely. Actually, nobody can, it's always a process of risk management/mitigation and compromise.
sıʌǝɹq ɐʇıʌ `ɐƃuol sɹɐ
ʞɔıu
ʞɔıu
