The Tin Hat

VPN Kill Switch | Stop Application After VPN Disconnects

VPN Kill Switch | Stop Application After VPN Disconnects

Category: misc
A 2 Minute Read

24 Jan 2014

Image By Yutaka Tsutano

Check out my new VPN kill switch guide that uses simple firewall rules to better protect against VPN drops!

VPNs are a good way to increase your privacy, but it's not uncommon for them to disconnect. Unfortunately, when this happens it can completely nullify the benefit of using the VPN in the first place. Because of this, its important to take measures to protect you when your VPN drops.

Many VPN companies include a killswitch feature in their clients, which can make the task of protecting yourself monumentally easier. But most Linux users tend not to use the company's VPN client, often because it doesn't exist on Linux, and even more often because the NetworkManager with OpenVPN is more convenient and robust.

The downside of the NetworkManager though is that it includes no killswitch, leaving Linux users to have to resort to other options. Fortunately, there are a few ways you can protect yourself, such as setting up IPTables firewalls, configuring connections to go through proxies only accessible through the VPN, etc. While these setups definitely work, I've come across another method that works best for me: VPNDemon. This won't be long like most of my tutorials, but I thought many people might find VPNDemon useful, so I wanted to point it out.

VPNDemon is a small application which can be installed to your system, or just run as a bash script. It monitors your NetworkManager for events, specifically a VPN disconnect. When it receives this message, it will kill a particular application that you choose during setup. For example, you can connect your VPN, start up VPNDemon, set it to kill Transmission upon VPN disconnect, and it will start to monitor for when the VPN drops. If it does drop, Transmission will be killed instantly. The way I use it on my Qubes setup is to kill the NetworkManager itself, cutting the connection to the entire system.

You can find VPNDemon on GitHub. It simply needs to be extracted and executed in the terminal.

Share, Follow & Comment

Follow On Twitter

Follow On Facebook

Latest Posts

Is Bitcoin Actually Private?

A primer on privacy and Bitcoin, why it matters for fungibility, and what cryptocurrencies are trying to fix it.

Slantwise Action | How WhatsApp, Signal, and Steemit Are Feeding the Resistance

Can people meaningfully resist surveillance without knowing it?

The Internet of Things Isn't Just About Networked Juicers | Privacy, Health, & Technology

The privacy failings of the internet of things get worse when we realize its inevitable health applications

But The Data Says So | Why Data Can't Exist in a Social Vacuum

Some people still don't grasp that data can't be removed from society (and it's racist tendencies)

Tahoe-LAFS Tutorial (Part 3) | Running a Storage Node on I2P

Learn how to contribute to Tahoe-LAFS on I2P by running your own storage node!

What is Ransomware and How Do I Protect Against It?

Learn how ransomware is shutting down entire institutions, and how you can defend against it

How Secure Is Email?

A primer on email security. Learn where email is weak and how to make it stronger.

Tahoe-LAFS Tutorial (Part 2) | Running Tahoe-LAFS on I2P

Tahoe-LAFS offers decentralized, resilient, and secure storage. This tutorial shows you how to run Tahoe-LAFS using I2P on Linux

Tahoe-LAFS Tutorial (Part 1) | Decentralized Cloud Storage

Tahoe-LAFS offers decentralized, resilient, and secure storage. This tutorial is the first in a three part series that teaches you the basics of Tahoe-LAFS

How Do I Start An Anonymous Blog?

If you want to start an anonymous blog, there's a lot of considerations. This primer will point you to the tools and tips you need to get started.

Privacy in America Now Starts With a VPN | A Brief Note on Threat Modelling and Lesser Evils

American ISPs are now selling your data, and despite controversy, a VPN isn't necessarily a bad idea.

4 Reasons To Ditch Your Browser and Use Brave (and yes, one of them is Bitcoin)

Brave is disrupting the entire online advertising model for the better. Learn what it can do for you.

Is Tor Safe? | Assessing 5 Claims About Tor’s Security

Is Tor funded by the US government? Can it be hacked? Can it be broken by mere statistics? This article unpacks those claims.

ZeroNet | Introduction & Setup Tutorial

Discover how ZeroNet could revolutionize Tor and I2P's hidden services, before learning how to install it yourself

Why Location Privacy Matters

Location data says a lot about us, with or without Stingrays at work. We need to take it more seriously.

What is Device Fingerprinting?

Learn what browser fingerprinting is and how it canb e used to track you online.

How To Actually Torrent Privately & Anonymously For Free

Learn the pros and cons of using a VPN to torrent, as well as how to use I2P to anonymously torrent for free!

The Best VPN Kill Switch For Linux Using Easy Firewall Rules

Learn how to protect against your VPN disconnecting using these simple Linux firewall rules

Ledger Nano S Review | Why You Need a Bitcoin Hardware Wallet

A review of the Ledger Nano S, and an explanation of why hardware wallets just make life better when using Bitcoin

What is Two Factor Authentication (2FA) And Why Use It?

What 2FA is, why you should use it, and why we need FIDO U2F.

Support The Tin Hat on Patreon!

The Tin Hat now has a few more ways to support the site.

What is a hash?

A simple explanation of what hashing is, and how hashes are used.

Trump's Toolbox | Future Attribute Screening Technology

FAST is a program that attempts to wirelessly detect whether youre a terrorist, and its in Trump's back pocket.

uBlock Origin | The Best AdBlock Alternative

For AdBlock (Plus) alternatives, look no further than uBlock Origin. This tutorial explains why, and how, you should use it.