Blog > DevSecOps > VPNNotify: A VPN Notification bot for Slack VPNNotify: A VPN Notification bot for Slack In an earlier post, we talked about how we implemented centralized authentication at Threat Stack. This project initially allowed us to create clearer access control for our servers. A side benefit of this work has allowed us to write tooling around common authentication processes. One thing we’ve wanted to do is create an alert when folks are using a VPN to connect to one of our environments. In the event of a stolen laptop and stolen credentials, a user could be alerted to someone logging in with their credentials. With OpenVPN, performing actions on a client connect is possible using a client-connect script, so in the tradition of writing small Go applications to improve visibility, we did just that. For the last few months our Slack bot VPN Notifier has been letting our engineers know when they connect into a Threat Stack environment. We’ve now done the work to open source the tool so that others can use and improve on it. We specifically mention improve, because our tool has limitations: The current version does extremely basic environment checking, and extremely basic alert suppression. Our hope is that we can collaborate with others who want to take this tool the extra mile. Using VPNNotify Our README.md has full instructions on using the tool, along with requirements. In summary, you will: Use a configuration management tool to place a configuration file (/etc/vpnnotify.json is the default) on your OpenVPN host. Use a configuration management tool to distribute a VPNnotify package. (We use FPM to make our own.) Set the client-connect option in your OpenVPN Server configuration to where you installed VPNNotify — it will read in the VPN/user details over environment variables that OpenVPN provides. Wrapping up… Getting visibility into when VPN sessions are opened on your behalf helps you know if your credentials are being misused. VPNNotify helps you do just that. We look forward to hearing how you’ll use it! Interested in VPNNotify? Check it out on GitHub. Star Additional Open Source Tools From Threat Stack If you’re interested in other open sources tools developed by Threat Stack, take a look at the following blog posts. Each provides information on how to use the tool along with a link to download it: Authkeys: Making Key-Based LDAP Authentication Faster Authkeys performs LDAP lookups of SSH keys without the need for using scripts or other interpreted code. Balancing Security and Your On-Call Rotation Using Deputize This is the tool we created and use to manage our on-call rotation at Threat Stack. Deputize uses PagerDuty’s API to get the email addresses of the engineers on call, then compares that to the named users in the on-call group, and updates accordingly. Tags:Open Source Security ToolsSecurityVPN Access NotificationVPNNotify Request a Consultation You Might Also Like... How ActiveCampaign Creates Compliance Framework Templates with Threat Stack How ThreatML Reduces the Burden on Teams Making Supervised Learning Work: Threat Stack’s Unique Data Labeling Experience For Security Categories Application Security Cloud Security Compliance Container Security & Orchestration DevSecOps General Professional Development SOC Threat Intel Threat Stack Uncategorized