Viktor Jaep
Part of the Furniture
Trying to wrap my head around this one... even if they could still create a way to re-route your VPN connection traffic, they would still need to get through some serious encryption.
Which is why setting up a rogue DHCP server at a Starbucks would make this threat a reality. I'm just really curious how they're able to prevent encryption of traffic between your network interface and the VPN provider through the means of routing in order to snoop. Need to read up more on this. Ugh.The way it is described - the attacker has to have access to your LAN first. VPN tunnel encryption doesn't come into play because the client traffic is re-routed around it. This thing needs knowledge about the network, time to plan plus extra hardware/software to execute. In a corporate environment it will be caught as suspicious activity perhaps immediately. The idea looks similar to common IPv6 leaks happening "automatically" on home routers, but done in a more sophisticated way using single protocol.
Need to read up more on this.
This is actually a good explainer... https://www.leviathansecurity.com/blog/tunnelvisionBill Woodcock has an SNB Forums account. Perhaps he can give you some details and jumpstart your HACKMON v1.0.1 project.
This is actually a good explainer... https://www.leviathansecurity.com/blog/tunnelvision
I wonder if there's a way to catch something like this in the act... it should be highly usual for DHCP to change your routes. Just need to something to catch it in the act, deny it, and keep existing routes in place.
The most effective fixes are to run the VPN inside of a virtual machine whose network adapter isn’t in bridged mode or to connect the VPN to the Internet through the Wi-Fi network of a cellular device.
If I understand the original issue and the above referenced .pdf.
Thread starter | Title | Forum | Replies | Date |
---|---|---|---|---|
News Might want to consider not using Chrome (or MS Edge) | General Network Security | 16 | ||
F | I don't understand why some people are still using WOL? | General Network Security | 14 |
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!