Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

Top Commercial VPNs Leak Data

July 7, 2015

Apparently, VPNs are not as secure as everyone thinks. Five researchers from London and Rome have documented that 14 of the top commercial virtual private networks leak IP data. They tested the top client software versions of well-known providers such as Hide My Ass, PrivateInternetAccess and IPVanish. Their test environment simulated users trusting a VPN to protect the data transmission. Unfortunately, there is precious little protection. They discovered that the most common VPN tunneling technologies relied on outdated technologies such as PPTP with MS-CHAP2.

The researchers summarized the situation with the following quote. "Whereas our work initially started as a general exploration, we soon discovered that a serious vulnerability, IPv6 traffic leakage, is pervasive across nearly all VPN services. In many cases, we measured the entirety of a client’s IPv6 traffic being leaked over the native interface. A further security screening revealed two DNS hijacking attacks that allow us to gain access to all of a victim’s traffic."

The recommendation to minimize the hijacking of your data is to alter the IPv6 routing tables to capture all traffic and ensure that requests for the DNS server always go through the tunnel. Maybe the researchers' report will get vendors to fix the discovered holes in the VPN clients so that we won’t have to implement work around solutions.

E-mail:   Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
http://www.senseient.com