VPN Flaw Shows Users' IP Addresses

AHuxley writes "A VPN flaw announced at the Telecomix Cyphernetics Assembly in Sweden allows individual users to be identified. 'The flaw is caused by a combination of IPv6, which is a new Internet protocol due to replace the current IPv4, and PPTP (point-to-point tunneling protocol)-based VPN services, which are the most widely used. ... The flaw means that the IP address of a user hiding behind a VPN can still be found, thanks to the connection broadcasting information that can be used to identify it. It's also relatively easy to find a MAC address (which identifies a particular device) and a computer's name on the network that it's on.' The Swedish anti-piracy bureau could already be gathering data using the exploit."
This discussion has been archived. No new comments can be posted.

  • Re:Tor (Score:3, Interesting)

    by Rijnzael ( 1294596 ) on Monday June 21, 2010 @01:35PM (#32643434)
    Good point, anyone can host a Tor node, and I'm sure we can bet the bad guys are hosting just as many or more than the good guys. Web of trust for Tor, anyone?
  • Re:IPv6 (Score:2, Interesting)

    by xanadu113 ( 657977 ) on Monday June 21, 2010 @01:36PM (#32643440)
    Right after we get switched to the metric system!

    In elementary school, they ONLY taught me the metric system, because it was going to replace the English system by the time I graduated high school... I'm still waiting...
  • by Michael Kristopeit ( 1751814 ) on Monday June 21, 2010 @01:48PM (#32643600)
    see my comment [slashdot.org] above...

    you flood the network with "ghosts"... 1,000+ spoofed IP packets for every 1 real one. sort of like under siege dark territory with the ghost satellites.

    it isn't perfect, but provides enough ambiguity to make a counter attack almost pointless for a considerable time.

  • by Bob_Who ( 926234 ) on Monday June 21, 2010 @01:51PM (#32643642) Journal

    The only flaw is when people believe that VPN or any other network technology streaming on the public superhighway via telecoms and satellite networks is absolutely private and secure 100% of the time. Once you fix that defect, the rest won't matter anymore. Too bad our national security experts are having so much difficulty with that concept, since it's bad for business to accept reality or to tell the truth, in general.

  • by Rijnzael ( 1294596 ) on Monday June 21, 2010 @01:52PM (#32643650)
    Definitely an interesting thought, though with a MITM attacker (presumably the person one is using Tor/VPN/whathaveyou to hide from) it would be pretty obvious that one isn't actually establishing true communication, as the TCP sequence numbers et al wouldn't make any sense, and the remote machine wouldn't be sending back any data packets. With UDP it might be less obvious, though it would be clear one is only sending and not receiving.
  • So, what's the move? (Score:3, Interesting)

    by b0bby ( 201198 ) on Monday June 21, 2010 @01:57PM (#32643718)

    What, then, is the best way to preserve anonymity when using, for instance, BitTorrent? I have looked at services like BTGuard & Predator, but there's always a little spidey-sense tingle of lack of trust...

  • Re:Tor (Score:3, Interesting)

    by Rijnzael ( 1294596 ) on Monday June 21, 2010 @02:09PM (#32643852)
    I think persistently sending a file over SSL over Tor to wikileaks might be somewhat suspicious to a malicious man in the middle listening for as much. Hiding who one is talking to is still as important as hiding what is said.
  • by vlm ( 69642 ) on Monday June 21, 2010 @02:27PM (#32644076)

    My thinking is that NATing on IPv6 will continue to be OK for security reasons

    My thinking is we're going to see massive namespace pollution in the marketing world. Since most people use "nat security" as basically a complicated as heck one way valve, and it's "expensive" to do nat compared to simple state based firewalls, I suspect the marketing droids are going to get simple state based firewalls that only allow outgoing connections from engineering, and then sell them as "ipv6 NAT" even though there's no address translation going on.

    After all, it's the same as ipv6 NAT because it allows you to connect your lan to the internet and it only allows outgoing connections, so it must be marketed with the same name.

    Who cares if the engineers know that NAT actually means something.

    And when it happens, you can say you saw it here on slashdot, first.
