VPN hijacking on Linux (and beyond) systems
VPN hijacking on Linux (and beyond) systems
William Tolley has disclosed a severe VPN-related problem in most current
systems: "I am reporting a vulnerability that exists on most Linux distros, and
other *nix operating systems which allows a network adjacent attacker
to determine if another user is connected to a VPN, the virtual IP
address they have been assigned by the VPN server, and whether or not
there is an active connection to a given website. Additionally, we are
able to determine the exact seq and ack numbers by counting encrypted
packets and/or examining their size. This allows us to inject data into
the TCP stream and hijack connections.
" There are various partial
mitigations available, but a full solution to the problem has not yet been
worked out. Most VPNs are vulnerable, but Tor evidently is not.