Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user.

  • PowerCrazy@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    This won’t mitigate this specific attack, however running your VPN as a full tunnel will.

    • noride@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      6 months ago

      Full tunnel would not mitigate this attack because smaller routes are preferred over larger ones. So, sure, 0.0.0.0/0 is routed over the tunnel, but a route for 8.8.8.8/32 pointing to somewhere layer2 adjacent, pushed via DHCP option 121, would supercede that due to being more specific.