Warning: Creating default object from empty value in /home/ict-forward/www-apps/wp-svn/wp-includes/ms-load.php on line 138
vpn « The FORWARD project blog

Posts Tagged ‘vpn’

Security Flaw Makes VPNs Useless for BitTorrent

Wednesday, January 19th, 2011

Nowadays VPN (virtual private network) services became very common because more and more users would like privacy. Many websites, like the Pirate Bay’s Ipredator, will offer anonymous vpn services which ensures privacy in downloads from BitTorrent. But is this working?

It turns out that there’s a big security flaw in these services that allows individual users to be identified! The flaw is caused by a combination of IPv6 and PPTP -based VPN services, which is widely used ,moreover¬† IPV6 is enabled by default in most computers (vista,win7).

With this flaw, the IP address and sometimes the MAC address and the computer’s name of a user behind a VPN can be found thanks to their connection broadcasting information that can be used to identify them. Also if the clients are not seperated they might expose each other and reveal sensitive information.(seperate subnet for each one may help).
Only if the following preconditions exist, it may be possible to see a user’s public IP.

1)The computer has an IPv6 stack installed with support for tunneling IPv6 traffic over an IPv4 link (such as ISATAP) (Default in windows vista and 7)
2)The computer has a public IP address assigned.(if you are behind a router with NAT , will be compromised)

Some ways to avoid this flow is to disable IPv6 and rollback to IPv4 or use an alternative to PPTP ,the OpenVPN which is free ,open-source and more stable.
Also by using a VPN, a third party company  access to all your private information, that could be a far larger security hole than anything else, so be careful who you trust with your data.