Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,208
- Points
- 113
OpenVPN and WireGuard were not as reliable as previously thought.
On July 16, security researcher Benjamin Mixon-Baca presented a report entitled "An Attack on Connection Tracking Systems Used by Virtual Private Networks (VPNs)"as part of the annual Privacy Enhancing Technologies Symposium (PETS) event. This study identified a unique vulnerability of VPN services called "Port Shadow".
The study found that popular VPN programs such as OpenVPN, WireGuard, and OpenConnect can make users less secure. The vulnerability allows attackers to act as intermediary routers between the user and the VPN server, which can lead to anonymity disclosure, DNS redirection, or port scanning.
The authors of the study offer a number of recommendations for VPN providers. These include randomizing the source port selection, prohibiting the use of the VPN server listening port as the source port, and limiting the number of simultaneous VPN connections. Users are also advised to connect to private VPN servers that they have exclusive access to, or use less vulnerable encryption protocols.
The vulnerability was discovered on VPN servers running on Linux and FreeBSD, and Linux servers were the most susceptible to attacks. Developers of VPN programs and operating systems have been notified of the vulnerability, but due to its specific nature, complete elimination is possible only with the help of certain firewall rules.
The study also noted that the vulnerability is particularly dangerous for those who use VPNs to circumvent censorship and protect their identity. For example, journalists or activists can be targeted by hackers who can intercept and redirect their traffic.
Users are encouraged to use the ShadowSocks or Tor protocols, which do not depend on vulnerable connection tracking systems. In addition, it is important to use VPN servers where only trusted users are located.
Source
On July 16, security researcher Benjamin Mixon-Baca presented a report entitled "An Attack on Connection Tracking Systems Used by Virtual Private Networks (VPNs)"as part of the annual Privacy Enhancing Technologies Symposium (PETS) event. This study identified a unique vulnerability of VPN services called "Port Shadow".
The study found that popular VPN programs such as OpenVPN, WireGuard, and OpenConnect can make users less secure. The vulnerability allows attackers to act as intermediary routers between the user and the VPN server, which can lead to anonymity disclosure, DNS redirection, or port scanning.
The authors of the study offer a number of recommendations for VPN providers. These include randomizing the source port selection, prohibiting the use of the VPN server listening port as the source port, and limiting the number of simultaneous VPN connections. Users are also advised to connect to private VPN servers that they have exclusive access to, or use less vulnerable encryption protocols.
The vulnerability was discovered on VPN servers running on Linux and FreeBSD, and Linux servers were the most susceptible to attacks. Developers of VPN programs and operating systems have been notified of the vulnerability, but due to its specific nature, complete elimination is possible only with the help of certain firewall rules.
The study also noted that the vulnerability is particularly dangerous for those who use VPNs to circumvent censorship and protect their identity. For example, journalists or activists can be targeted by hackers who can intercept and redirect their traffic.
Users are encouraged to use the ShadowSocks or Tor protocols, which do not depend on vulnerable connection tracking systems. In addition, it is important to use VPN servers where only trusted users are located.
Source