Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

VPN protocols can be exploited by hackers to identify users' real IPs

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

November 30, 2015

Several Virtual Private Network (VPN) protocols have a serious design flaw that can be potentially exploited by hackers to identify some users' real IP addresses, which defeats one of the purpose of VPNs in the first place.

For example, security provider Perfect Privacy, which discovered the VPN security weakness has dubbed it "port fail", and says it affects VPNs based on the IPSec (Internet Protocol Security) or PPTP (point-to-point tunnelling protocol) specifications, or using the OpenVPN client software.

VPN security providers that offer port forwarding services are all affected unless they've taken specific defensive measures, the company says.

Attackers need simply to have an account with the same vulnerable provider as their intended victim, and need to trick the target victim to visit a website under the hackers' control.

"If the potential hacker has port forwarding activated for his or her account on the same server, he or she can find out the real IP addresses of any user on the same VPN by simply tricking the target victim into visiting a link that redirects the traffic to a port under his or her control," the researchers say.

One reader has even offered a more detailed breakdown of the security issue. Major virtual private network providers have already been warned about the security hole.

BitTorrent users are under particular threat, Perfect Privacy says, because if they use port forwarding as their default torrent client port, they don't need to be tricked into visiting an attacker's web site.

Researchers suggest VPN providers set server-side firewall rules to block access from client's real IP address to forwarded ports the client does not use as an added security measure.

Source: Perfect Privacy.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer