Sticky Rice Balls, posted May 10:

> 20 minutes ago, BE88 said:
> > 2 hours ago, sungod said:
> > The only people who need to watch pornhub in Thailand must be into some totally weird stuff........
>
> The only bizarre types are those who don't admit it but are the first to go there assiduously.

I actually just use bing search...much bigger reach for content.....but I'm a super weirdo with my porn!....also bypasses firewall if one was to do a porn search here......I have a vpn but don't need it as I used to in the past here..

sungod, posted May 10:

> 40 minutes ago, BE88 said:
> > 3 hours ago, sungod said:
> > The only people who need to watch pornhub in Thailand must be into some totally weird stuff........
>
> The only bizarre types are those who don't admit it but are the first to go there assiduously.

I really have no idea what that means, does that mean you like it up the hoop?

AreYouGerman (thread author), posted May 10:

> 16 hours ago, ChaiyaTH said:
> You are really a tool lol, reading articles like this, to then think and know you are up-to-date, while this is like years old knowledge. Same time tons of solutions but whatever. These are the worst creatures; those who read that type of tech articles, while being entirely stupid about tech themselves.

You have absolutely no clue what you are talking about. These are the worst creatures; those who read that type of tech articles, while being entirely stupid about tech themselves.

AreYouGerman (thread author), posted May 10:

> 5 hours ago, Sticky Rice Balls said:
> aren't you the guy that believes a website that says something and you conclude it for fact???? oh dude...hahaha the irony

Where are the proofs for your stupid claim?

Negita43, posted May 10:

> 21 hours ago, AreYouGerman said:
> ALL VPN's are affected if they are connecting to a compromised Wifi with enabled DHCP. Facts, bro.

So it's not a VPN issue. It's a router issue because if the router isn't compromised then any issue with the VPN can't be exploited.

Middle Aged Grouch, posted May 10:

Ok boys what's the issue? VPN in general unsafe? Or only unsafe when on a public wifi network?

AreYouGerman (thread author), posted May 10:

> 9 minutes ago, Negita43 said:
> So it's not a VPN issue. It's a router issue because if the router isn't compromised then any issue with the VPN can't be exploited.

It's not directly a VPN vulnerability but VPNs are vulnerable to it. It's a routing issue, yes. It's also an issue of "if you let the stranger in your Wifi it might be that he sees my traffic even if I use a VPN".

AreYouGerman (thread author), posted May 10:

> 3 minutes ago, Middle Aged Grouch said:
> Ok boys what's the issue? VPN in general unsafe? Or only unsafe when on a public wifi network?

Yes, generally all VPNs are affected (yes, there are exceptions and probably many VPN providers updated their client already) if you connect to a Wifi where you get your IP assigned by a DHCP and other people except you have access to the Wifi, as they can set up a rogue DHCP.

eisfeld, posted May 10:

> 28 minutes ago, Negita43 said:
> So it's not a VPN issue. It's a router issue because if the router isn't compromised then any issue with the VPN can't be exploited.

It's not a router issue. It's a VPN client issue. VPN clients are supposed to send all traffic through the VPN but a malicious router can tell the OS to route traffic wherever, that's its job in a way. It's up to the VPN client to make sure the router can't override what the VPN is supposed to do.

eisfeld, posted May 10:

> 20 minutes ago, AreYouGerman said:
> It's not directly a VPN vulnerability but VPNs are vulnerable to it. It's a routing issue, yes. It's also an issue of "if you let the stranger in your Wifi it might be that he sees my traffic even if I use a VPN".

> 17 minutes ago, AreYouGerman said:
> Yes, generally all VPNs are affected (yes, there are exceptions and probably many VPN providers updated their client already) if you connect to a Wifi where you get your IP assigned by a DHCP and other people except you have access to the Wifi, as they can set up a rogue DHCP.

Other people on the same Wifi can't just pose as a DHCP to push routes to you, only the router can.

SingAPorn, posted May 10:

so best is to avoid a VPN in other words....as nobody really can be 100% sure either way...so why add further portals or risky back doors..

AreYouGerman (thread author), posted May 10:

> 13 minutes ago, eisfeld said:
> Other people on the same Wifi can't just pose as a DHCP to push routes to you, only the router can.

That's incorrect.

"The DHCP server is usually under the control of the system administrator and third parties cannot manipulate it. However, an attacker could inject a second DHCP server into the LAN - but he would have to silence the actual, "authoritative" DHCP server. The easiest method is probably to request IP addresses en masse until its address pool is exhausted. The smuggled DHCP server can then step into the breach and assign addresses itself. Once he has bound the target device to himself, he redirects its traffic before VPN encryption and can read along from then on."

https://www.heise.de/news/Tunnelvision-Angreifer-koennen-VPNs-aushebeln-und-Daten-umleiten-9710188.html

johng, posted May 10:

> 14 minutes ago, SingAPorn said:
> so best is to avoid a VPN in other words

No, it's still better to use the VPN, especially with a VPN client that has been patched to guard against the leaking of data. https://windscribe.com/ is one such VPN client that is supposed to not be vulnerable; there are probably (hopefully) many more.

eisfeld, posted May 10:

> 24 minutes ago, AreYouGerman said:
> That's incorrect.
>
> "The DHCP server is usually under the control of the system administrator and third parties cannot manipulate it. However, an attacker could inject a second DHCP server into the LAN - but he would have to silence the actual, "authoritative" DHCP server. The easiest method is probably to request IP addresses en masse until its address pool is exhausted. The smuggled DHCP server can then step into the breach and assign addresses itself. Once he has bound the target device to himself, he redirects its traffic before VPN encryption and can read along from then on."
>
> https://www.heise.de/news/Tunnelvision-Angreifer-koennen-VPNs-aushebeln-und-Daten-umleiten-9710188.html

That's an attack that is only possible if the network allows any device to send these DHCP packets. A proper network only allows the router or so-called secure ports to send them. The feature is usually called DHCP snooping. Even if it's not enabled and any client is allowed to act as a DHCP server, then performing this attack is going to be noticed very quickly when all normal IP routing in the local network is messed up and DHCP leases exhausted. Plus the attacker needs to know the timing of the new device connecting, who he is targeting etc. It's not as easy as Heise describes.

eisfeld, posted May 10:

> 44 minutes ago, SingAPorn said:
> so best is to avoid a VPN in other words....as nobody really can be 100% sure either way...so why add further portals or risky back doors..

The attack voids the security a VPN can provide but you are not less secure than without VPN. Well, I guess at least you don't have a false sense of security that you would have if you had a VPN and someone managed to circumvent it.

AreYouGerman (thread author), posted May 10:

> 17 minutes ago, eisfeld said:
> It's not as easy as Heise describes.

Nobody said it's easy but you said it's not possible.

eisfeld, posted May 10:

> 1 minute ago, AreYouGerman said:
> Nobody said it's easy but you said it's not possible.

In a properly set up network it's not possible.

clearance, posted May 10:

> On 5/9/2024 at 8:40 AM, BE88 said:
> So that it works in Thailand for Pornhub I have no problems

It is banned on DNS level, so you just can change your DNS to public ones (8.8.8.8 and 1.1.1.1 for example). No VPN needed.

clearance, posted May 10:

> On 5/9/2024 at 6:14 AM, AreYouGerman said:
> In short, it's basically you going in some public wifi or compromised wifi and you won't know that your traffic is not routed through your VPN as you are connected to your VPN and everything seems in order. Everything is affected except Android, at the time of writing.
>
> "TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation."
>
> More on:
> https://securityaffairs.com/162894/hacking/tunnelvision-attack-vpn.html
> https://www.techradar.com/pro/security/many-top-vpn-apps-can-be-hacked-and-almost-totally-ruined-by-this-attack

It can be mitigated by one more device in chain. For example you can connect your phone to a public wifi, then share this connection to your laptop. So your phone will act as DHCP server, and VPN from your laptop will be safe. Or some wifi mobile router, that can connect to other wifi and share it to your devices.

johng, posted May 10:

> 8 minutes ago, clearance said:
> It is banned on DNS level, so you just can change your DNS to public ones (8.8.8.8 and 1.1.1.1 for example). No VPN needed.

That doesn't work for me on TOT AKA National Telecom. I think they use some sort of invisible proxy as well as DNS poisoning..it's beyond my level of "Kung Fu"

Negita43, posted May 10:

> 1 hour ago, eisfeld said:
> malicious router can tell the OS to route traffic wherever, that's its job in a way.

So it's a router issue - no malicious router no VPN issue

AreYouGerman (thread author), posted May 10 (edited May 10):

> 3 minutes ago, johng said:
> That doesn't work for me on TOT AKA National Telecom. I think they use some sort of invisible proxy as well as DNS poisoning..it's beyond my level of "Kung Fu"

I think they are checking the non-encrypted DNS request to see if you are trying to resolve the website's domain and then block it, and maybe even banned server IPs. But why break the law? It's illegal to use the website, you should accept it.

clearance, posted May 10 (edited May 10):

Also, I wonder if it can be mitigated by split tunneling. VPN provider can push 0.0.0.0/0 route that can be affected by this attack. Or push split routes for all ranges with different netmask. For example you can push 0.0.0.0/1 and 128.0.0.0/1 to client. Or do it for every range, like 1.0.0.0/8, 2.0.0.0/8, 3.0.0.0/8 and so on.

And if you are on Linux you can compile DHCP client that will ignore option 121 (like Android). I wonder if some clients allow to disable DHCP options already.

johng, posted May 10:

> 5 minutes ago, AreYouGerman said:
> But why break the law? It's illegal to use the website, you should accept it.

ohh I would not break the law just wondering how they achieve the blocking.

eisfeld, posted May 10:

> 3 minutes ago, clearance said:
> Also, I wonder if it can be mitigated by split tunneling. VPN provider can push 0.0.0.0/0 route that can be affected by this attack. Or push split routes for all ranges with different netmask. For example you can push 0.0.0.0/1 and 128.0.0.0/1 to client. Or do it for every range, like 1.0.0.0/8, 2.0.0.0/8, 3.0.0.0/8 and so on.

That could work because the most specific mask wins usually. But the attacker could do that as well. Then it becomes a race condition I guess.

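Added example, not part of the thread: clearance's points about DHCP option 121 and split /1 routes, and eisfeld's reply that the most specific mask wins, worked through in Python as an audit a client could run on a received lease. The option 121 bytes are a constructed sample, and the interface names `tun0`/`wlan0` and all function names are assumptions for illustration.

```python
import ipaddress

# Constructed sample: payload of DHCP option 121 (RFC 3442 classless static routes).
# 0.0.0.0/0 via 192.168.1.1, 0.0.0.0/1 via 192.168.1.66, 10.0.0.0/8 via 192.168.1.66
SAMPLE_OPT121 = bytes.fromhex("00c0a80101" "0100c0a80142" "080ac0a80142")

def parse_option_121(data):
    """Decode [prefix_len][significant destination octets][4-byte router] records."""
    routes, i = [], 0
    while i < len(data):
        plen = data[i]
        n = (plen + 7) // 8  # only the significant octets of the destination are sent
        end = i + 1 + n + 4
        if plen > 32 or end > len(data):
            raise ValueError("malformed option 121 at offset %d" % i)
        dest = data[i + 1:i + 1 + n] + bytes(4 - n)
        net = ipaddress.IPv4Network((dest, plen), strict=False)
        routes.append((net, ipaddress.IPv4Address(data[i + 1 + n:end])))
        i = end
    return routes

def egress(dst, table):
    """Longest-prefix match over (network, interface) pairs; ties are left to the OS metric."""
    dst = ipaddress.ip_address(dst)
    hits = [r for r in table if dst in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen)[1] if hits else None

def routes_beating_vpn(dhcp_routes, vpn_routes):
    """DHCP-pushed networks that are more specific than the VPN's routes somewhere."""
    flagged = []
    for net, _gw in dhcp_routes:
        # VPN routes at least as specific as `net`; if they tile it fully, the VPN ties or wins.
        inner = [v for v in vpn_routes if v.subnet_of(net)]
        if list(ipaddress.collapse_addresses(inner)) != [net]:
            flagged.append(net)
    return flagged

if __name__ == "__main__":
    dhcp = parse_option_121(SAMPLE_OPT121)
    for label, vpn in (("0.0.0.0/0", ["0.0.0.0/0"]), ("/1 split", ["0.0.0.0/1", "128.0.0.0/1"])):
        vpn = [ipaddress.IPv4Network(v) for v in vpn]
        table = [(v, "tun0") for v in vpn] + [(n, "wlan0") for n, _ in dhcp]
        print(label, "flagged:", [str(n) for n in routes_beating_vpn(dhcp, vpn)],
              "10.1.2.3 ->", egress("10.1.2.3", table))
```

Against a single 0.0.0.0/0 VPN route both the /1 and the /8 from the lease are flagged; with the /1 split only the /8 is, which is the case eisfeld describes where a more specific pushed route still wins.
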
eisfeld, posted May 10:

> 4 minutes ago, johng said:
> ohh I would not break the law just wondering how they achieve the blocking.

Do a DNS lookup on the hostname. Then a WHOIS on the IP that you get. I get a network called "Reflected Networks". If you get something strange in Thailand then they might just intercept and spoof the DNS. If the IP is fine and you can't access it then they might be just nullrouting the IPs.

You can also switch for example in Firefox all DNS to go over HTTPS via DoH in the settings, then the ISP can't intercept the DNS requests of the browser. See if it becomes available that way. Or use a public website to get the IP of the site and put it in your local devices network config so no DNS request goes out for it.

rickudon, posted May 16:

Maybe not related, but last month I decided to install a VPN for a minor need. Then got 8 links stopped by my anti-virus in the next week. I then uninstalled the VPN and the attacks stopped. Are VPN's actually safe? This was a free VPN but supposedly with many millions of users. I have no need for a VPN normally, and doubt if I will use one again.

scottiejohn, posted May 16:

> 27 minutes ago, rickudon said:
> Are VPN's actually safe? This was a free VPN but supposedly with many millions of users.

Not free ones! They have to make money somehow