The hack that was mentioned does not affect most of our users who are using our shared IP servers. These servers do not allowed any port forwarding except those initiated by the outgoing traffic from the users devices.
However those who are using the dedicated dynamic IP servers need to protect themselves using their own internal firewall. These servers are configured to give users full access to forward their own services thru the tunnel and if we were to block incoming traffic to their IP then the services are useless to them. Any users using the dedicated IP servers should know the reasons and risks of using those open port servers.
As for openvpn 2.3.9, we are delaying the release until after new year due to a few other fixes that openvpn will release. This will include dropping of support for openssl older versions and operating systems that are no longer supported by their vendors. We are monitoring the development of openvpn on a daily basis and will issue update as and when it is critical and our GUI has addressed the dns leak and routing issues long before the articles or updates were made.
Thank you
What if you are using dedicated ip server and have one port open in firewall for uttorent? Will you be exposed then?
Also, i am only allowing VPN traffic to go on the internet, everything else is blocked in firewall, so if vpn connection drops, nothing gets out.
If i understand correctly, as long as upnp is disabled in the router, then you are fine?