Privacy Vulnerability Exposes VPN Users' Real IP Addresses - Slashdodt News

NetworkGuyNetworkGuy
edited November 2015 in Off-topic Discussion
http://it.slashdot.org/story/15/11/27/2353227/privacy-vulnerability-exposes-vpn-users-real-ip-addresses
https://thestack.com/security/2015/11/27/privacy-vulnerability-exposes-vpn-users-real-ip-addresses/
https://www.perfect-privacy.com/blog/2015/11/26/ip-leak-vulnerability-affecting-vpn-providers-with-port-forwarding/

Slashdot News Quote: "A major security flaw which reveals VPN users' real IP addresses has been discovered by Perfect Privacy (PP). The researchers suggest that the problem affects all VPN protocols, including IPSec, PPTP and OpenVPN. The technique involves a port-forwarding tactic whereby a hacker using the same VPN as its victim can forward traffic through a certain port, which exposes the unsuspecting user's IP address. This issue persists even if the victim has disabled port forwarding. PP discovered that five out of nine prominent VPN providers that offer port forwarding were vulnerable to the attack."

Comments

  • Osborne_CoxOsborne_Cox
    See also:
    https://www.privateinternetaccess.com/forum/discussion/19310/ip-leak-vulnerability-in-port-forwarding-feature
  • catcher749catcher749
    This issue persists even if the victim has disabled port forwarding. PP discovered that five out of nine prominent VPN providers that offer port forwarding were vulnerable to the attack."
    So wait a minute, does this issue effect native OpenVPN users?
  • alaricalaric
    edited November 2015

    A newly discovered vulnerability can expose the real IP-addresses of VPN users with relative ease. The issue, which affects all VPN protocols and operating systems, was uncovered by Perfect Privacy who alerted several affected competitors to the threat before making it public.

    ip-addressFor the past several years interest in encrypted and anonymous communications has spread to a much wider audience.

    VPN providers are particularly popular among BitTorrent users, who by default broadcast their IP-addresses to hundreds of people when downloading a popular file.

    The goal of using a VPN is to hide one’s ISP IP-address, but a newly discovered vulnerability shows that this is easily bypassed on some providers.

    The problem, uncovered by VPN provider Perfect Privacy (PP), is a simple port forwarding trick. If an attacker uses the same VPN as the victim the true IP-address can be exposed by forwarding traffic on a specific port.

    The security flaw affects all VPN protocols including OpenVPN and IPSec and applies to all operating systems.

    “Affected are VPN providers that offer port forwarding and have no protection against this specific attack,” PP notes.

    For example, if an attacker activates port forwarding for the default BitTorrent port then a VPN user on the same network will expose his or her real IP-address (in a setting where users share the same IP-address).

    The same is true for regular web traffic, but in that case the attacker has to direct the victim to a page that connects to the forwarded port, as Perfect Privacy explains in detail.

    The vulnerability affected the setup of various large VPN providers, who were warned last week. This included Private Internet Access (PIA), Ovpn.to and nVPN, who have all fixed the issue before publication.

    PIA informs TorrentFreak that their fix was relatively simple and was implemented swiftly after they were notified.

    “We implemented firewall rules at the VPN server level to block access to forwarded ports from clients’ real IP addresses. The fix was deployed on all our servers within 12 hours of the initial report,” 

    PIA’s Amir Malik says.

    In addition, PIA complimented Perfect Privacy for responsibly disclosing the vulnerability prior to making it public and awarded their competitor with a $5,000 bounty under its Whitehat Alert Security Program.

    Not all VPN providers were tested so it is likely that many others are still vulnerable. Hopefully, these will address the issue in the near future.

    source: https://torrentfreak.com/huge-security-flaw-can-expose-vpn-users-real-ip-adresses-151126/

  • JoyeuxBlancJoyeuxBlanc
    @alaric Thank you or the information and linking the post.


    They release a second update to fix the issue for good.
  • tomewormtomeworm
    edited November 2015
    Razal_Trebor said:
    @alaric Thank you or the information and linking the post.


    They release a second update to fix the issue for good.
    How do you know it's fixed for good, let alone fixed at all? They bragged about how rapidly they supposedly fixed it to TorrentFreak: "PIA informs TorrentFreak that their fix was relatively simple and was implemented swiftly after they were notified." 

    Then they were quickly exposed by a PIA customer as having not fixed it at all. Did they even bother to test their "fix"? How do we even know they've thoroughly tested this latest fix? Given how significant a screw up this is I can't share your confidence.

    Can someone please test this fix of a fix to see if it actually did fix the port forwarding leak and report back?



  • JoyeuxBlancJoyeuxBlanc
    You are right, i am mostly taking their word at face value. one reason i am confident is i have been watching the forum post and it seems they can not prove it right now or they do not have time to re test the vulnerability.


    I cant find my source so i could be in error here, I believe i read from the support account that the fix they did was server side to solve the issue. And this second fix is the v53 client side fix to fully block the vulnerability. In the past i have no reason to distrust pia in my own personal experience. so now that they have admitted that the issue was not fixed right away and then re released a fix i have no problem believing them.
Sign In or Register to comment.