Community: Hang out with the Boleh family > General Discussion

ROUTING ‘FEATURE’ CAN EXPOSE VPN USERS’ REAL IP-ADDRESSES

<< < (2/2)

userjame:

--- Quote from: PitBoss on December 26, 2015, 12:47:50 PM ---Dedicated IP that we are using do not use upnp nor does it use forwarding, so it would not be affected by this hack. However you still to make sure that webrtc is disabled while you are using the vpn. webrtc exploits is much more practical and easier to do cause it is enabled by default.

--- End quote ---

Thank you for replying and clearing that up  :)
Use this as startpage https://ipleak.net/  it checks for dns leaks and webrtc.

ValdikSS:
It has nothing with port forwarding or UPnP, please read the article more thoughtful.

PitBoss:
Hi Valdik, I've read your articles on this and appreciate your input. Thank you.

Reuben:
Got everything to do with it:

https://torrentfreak.com/huge-security-flaw-can-expose-vpn-users-real-ip-adresses-151126/


--- Quote ---The security flaw affects all VPN protocols including OpenVPN and IPSec and applies to all operating systems.

“Affected are VPN providers that offer port forwarding and have no protection against this specific attack,” PP notes.

For example, if an attacker activates port forwarding for the default BitTorrent port then a VPN user on the same network will expose his or her real IP-address (in a setting where users share the same IP-address).
--- End quote ---


--- Quote ---PIA informs TorrentFreak that their fix was relatively simple and was implemented swiftly after they were notified.

“We implemented firewall rules at the VPN server level to block access to forwarded ports from clients’ real IP addresses. The fix was deployed on all our servers within 12 hours of the initial report,” PIA’s Amir Malik says.
--- End quote ---

shadowdrifter:
Are Boleh servers that allow open ports still vulnerable to the attack listed in the above article in this thread?

Navigation

[0] Message Index

[*] Previous page