From 5da262688398ce5d1446f07757bc42e6bb50c2f3 Mon Sep 17 00:00:00 2001
From: Kaladin Light <0.kaladin@gmail.com>
Date: Sat, 23 Apr 2016 15:08:14 -0400
Subject: [PATCH] Increase default levels of security

---
 Default.txt | 6 ++----
 server_config.txt | 4 +++-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Default.txt b/Default.txt
index 6c382dd..d73440e 100644
--- a/Default.txt
+++ b/Default.txt
@@ -6,10 +6,8 @@ resolv-retry infinite
 nobind
 persist-key
 persist-tun
-mute-replay-warnings
-ns-cert-type server
 key-direction 1
-cipher AES-128-CBC
+cipher AES-256-CBC
+auth SHA256
 comp-lzo
 verb 1
-mute 20
diff --git a/server_config.txt b/server_config.txt
index d054f9e..cb9208b 100644
--- a/server_config.txt
+++ b/server_config.txt
@@ -16,6 +16,7 @@ push "route 10.8.0.0 255.255.255.0"
 push "route LOCALIP 255.255.255.0"
 # Set your primary domain name server address for clients
 push "dhcp-option DNS 8.8.8.8"
+push "dhcp-option DNS 8.8.4.4"
 # Override the Client default gateway by using 0.0.0.0/1 and
 # 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
 # overriding but not wiping out the original default gateway.
@@ -24,7 +25,8 @@ client-to-client
 duplicate-cn
 keepalive 10 120
 tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
-cipher AES-128-CBC
+cipher AES-256-CBC
+auth SHA256
 comp-lzo
 user nobody
 group nogroup
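Review bot: Dropping `ns-cert-type server` in the Default.txt hunk removes the client's only visible check that the peer presents a server certificate, and nothing replaces it. Without that check, any certificate issued by the same CA, including an ordinary client certificate, is accepted as the server's, which works against the stated goal of the commit. The deprecated directive should be replaced rather than removed: add `remote-cert-tls server` next to `key-direction 1`. This assumes the server certificate carries the serverAuth extended key usage, which should be confirmed against how the server key was issued. The client profile starts before the hunk, so a verification directive further up in the file cannot be ruled out from here.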
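Review bot: The `cipher AES-256-CBC` and `auth SHA256` lines in the last server_config.txt hunk must match the client profile exactly, and nothing in the file tells an operator that. Because `auth` also selects the HMAC used by the `tls-auth` line just above, a client still on the old profile will most likely fail at the handshake with an HMAC error rather than a clear cipher-mismatch message. I would add a comment above the pair, such as `# cipher/auth must match Default.txt; regenerate existing client profiles after changing either`. Separately, the commit hardens the data channel only; if the deployed OpenVPN version supports it, `tls-version-min 1.2` would raise the control-channel floor as well.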