Mitigation of TunnelVision DHCP attack on VPN traffic

1 risposta [Ultimo contenuto]
thomzane
Offline
Iscritto: 02/28/2019

I was reading about TunnelVision [1] and I was curious what the method of mitigation would be for Trisquel users. Android is immune by ignoring DHCP option 121, but I am not sure how to do the same with Trisquel. Any thoughts?

[1] https://www.theregister.com/2024/05/07/vpn_tunnelvision_dhcp/

Avron

I am a translator!

Offline
Iscritto: 08/18/2020

Thanks for reporting this. I don't have an answer but I suspect there might be several other overlooked features with a similar result.

Perhaps it was not an attack but when I was recently on travel and using a hotel wifi, I noticed that even though I was connected to my own home VPN server or to the VPN of a third party, websites that report your IP address reported a local IPv6 address where I was and not an address from home or from the VPN provider network. I deactivated IPv6 in the local interface parameters, tried again and then all traffic was seen as originating from home or from the VPN provider network. It may be misconfiguration of my home VPN or of the VPN provider, but such misconfiguration may be common, and I have difficulties finding advice that look right for configuration of IPv6 with other features.