Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 2f5bd1a

Browse files
stacyspivastacyspiva
committed
gateway article
1 parent 9c09da5 commit 2f5bd1a

File tree

1 file changed

+63
-17
lines changed

1 file changed

+63
-17
lines changed

docs/hackers/configure-the-hackerone-vpn.md

Lines changed: 63 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -4,31 +4,77 @@ path: "/hackers/configure-the-hackerone-vpn.html"
44
id: "hackers/configure-the-hackerone-vpn"
55
---
66

7-
Certain programs require you to have your own VPN instance and credentials on HackerOne Gateway (VPN) in order to search for vulnerabilities. You can configure HackerOne Gateway (VPN) to start your own VPN instance and retrieve your credentials.
7+
HackerOne Gateway (VPN) specific programs require you to be connected to the HackerOne Gateway (VPN) instance in order to search for vulnerabilities. In joining a Gateway (VPN) program, HackerOne will capture all of the VPN packet data you generate with your work on the program.
88

9-
><i>Note: HackerOne Gateway (VPN) is currently only enabled for a few select programs. You can only access the VPN Credentials if you've accepted an invitation to a Gateway(VPN) enabled program.</i>
9+
All captured packet data will be securely deleted from all HackerOne systems after 1-year following the completion of the program. HackerOne will only use the captured packet data for:
10+
* Troubleshooting and debugging
11+
* Incident responses
12+
* Generating statistics for reports to programs
1013

11-
### Gateway (VPN) Configuration
12-
To configure the HackerOne Gateway (VPN):
13-
1. [Install the HackerOne VPN Root CA](/hackers/hackerone-vpn-root-ca.html).
14-
2. Download your Gateway(VPN) Credentials from HackerOne (See: <i>Accessing your Gateway (VPN) Credentials</i> below)
15-
3. [Configure your OpenVPN Client](/hackers/openvpn-clients.html).
14+
HackerOne will not use the captured packet data for any other purposes and will only be shared with the program. The program may retain the data for compliance and auditing.
1615

17-
### Accessing your Gateway (VPN) Credentials
16+
Programs requiring Gateway (VPN) enable them to have granular control over your activities on their program and assets.
1817

19-
Once you've configured HackerOne Gateway (VPN) and accepted an invitation to a Gateway (VPN) enabled program, to access your Gateway (VPN) Credentials:
18+
> **Note:** You can only access the HackerOne Gateway (VPN) if you've accepted an invitation to a Gateway(VPN) enabled program.
2019
21-
1. Go to your <b>Settings > VPN</b>.
22-
2. Click <b>Create credentials</b> to generate your Gateway (VPN) credentials. <i>Note: It'll take a few minutes to generate your credentials. Sorry for the wait!</i>
20+
If you have trouble installing the Gateway (VPN) or have additional feedback, please reach out to [[email protected]](mailto:[email protected]).
2321

24-
![vpn home page](./images/vpn-1.png)
22+
### Set up
2523

26-
3. Click <b>Download</b> to download the <code>hackerone.ovpn</code> file.
24+
To join a program that uses VPN and to set up the HackerOne Gateway (VPN):
25+
1. Click **View Invitation** in the email for the Gateway program you’ve been invited to.
26+
2. Look over the program details on the program page.
27+
3. Click **Start hacking** to join the program.
28+
4. Click **Configure VPN** in the banner on the program page. This will take you to the main Gateway (VPN) page where you can configure your VPN on HackerOne. You can also visit the Gateway (VPN) page directly by going to: https://hackerone.com/setting/vpn
2729

28-
![vpn download link](./images/vpn-2.png)
30+
![banner to configure VPN](./images/gateway-1.png)
2931

30-
4. Import the <code>hackerone.ovpn</code> file in the OpenVPN client that you've configured.
32+
5. Wait a couple of seconds for HackerOne to create your VPN configurations and add Gateway locations. You’ll see these 2 Gateway locations once your VPNs have been configured:
33+
<ul><li>Oregon, USA
34+
<li>Mumbai, India</li></ul>
35+
*These are currently the only 2 regions where HackerOne has Gateways instances available. Your latency is determined by how close you are to a Gateway location. The closer you are to a location, the better your latency.*
3136

32-
You'll be able to access your Gateway (VPN) credentials and work securely within HackerOne Gateway (VPN) to search for vulnerabilities. Every hacker will have their own Gateway (VPN) instance. You can check to see that your Gateway (VPN) instance is running successfully on the Gateway (VPN) page.
37+
![image](./images/gateway-2.png)
3338

34-
If you have trouble installing the Gateway (VPN), or have additional feedback, please reach out to [[email protected]](mailto:[email protected])
39+
6. Click **Download configuration** for each Gateway location you want to use.
40+
41+
![image](./images/gateway-3.png)
42+
43+
7. [Install the HackerOne VPN Root CA](/hackers/hackerone-vpn-root-ca.html).
44+
8. [Configure your OpenVPN Client](/hackers/openvpn-clients.html).
45+
46+
### Using Gateway (VPN)
47+
48+
Once you’ve set up your Gateway (VPN) configurations, to start using Gateway:
49+
1. Go to your profile’s **Settings > [Gateway (VPN)](https://hackerone.com/setting/vpn)**.
50+
2. Click **Start** to start running the VPN instance for the location of your choice. It’s best to use the location with the lowest latency (time it takes for your request to get to your Gateway instance).
51+
52+
It can take several minutes for the VPN instance to boot up and get configured. When the VPN instance is ready to run, there will be a banner that says Running.
53+
54+
![image](./images/gateway-4.png)
55+
56+
While the Gateway is running, your packet data will be recorded as you search for vulnerabilities.
57+
58+
>**Note:** If you’re a part of a *Full Tunnel* Gateway program, all of your activity will be captured while your VPN instance is running. Please be sure to avoid logging in to accounts where personal information can be recorded such as bank accounts.
59+
60+
### Switching Gateway Locations
61+
Sometimes the latency for the VPN instance that you’re currently running might be higher than the other, resulting in a slower connection. In that case, it’s best if you switch the location running your VPN instance.
62+
63+
To switch the location running your VPN instance:
64+
1. Go to your profile’s **Settings > [Gateway (VPN)](https://hackerone.com/setting/vpn)**.
65+
2. Click **Switch** next to the new location you want to start running an instance on.
66+
67+
The VPN instance running on the previous location will automatically stop and the VPN instance at the new location will then start to run.
68+
69+
Each time you experience a high latency in one location, you can switch back and forth between the other location to see if that will give you a lower latency.
70+
71+
### Types of VPN Programs
72+
You can keep track of all of the Gateway (VPN) programs you’re a part of in the Programs section on the bottom of the Gateway (VPN) page. Programs with different VPN requirements will be noted next to the program name with these tags:
73+
74+
Tag | Details
75+
--- | --------
76+
Full Tunnel | All traffic from your computer will be routed through the Gateway (VPN) while your VPN instance is running.
77+
Split Tunnel | Only traffic intended for assets in scope of the program(s) will be routed through the Gateway (VPN). Programs without the Full Tunnel label are a part of the Split Tunnel VPN. <p><p>*Note: If you’re a part of both a Full Tunnel and a Split Tunnel Gateway program, the default will be Full Tunnel VPN*.
78+
US Gateway Only | You can only connect to the US Gateway instance for these programs.
79+
80+
![image](./images/gateway-5.png)

0 commit comments

Comments
 (0)