this post was submitted on 06 May 2024
497 points (98.3% liked)

Technology

59589 readers
2962 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] NeatNit@discuss.tchncs.de 22 points 6 months ago (1 children)

This technique can also be used against an already established VPN connection once the VPN user’s host needs to renew a lease from our DHCP server. We can artificially create that scenario by setting a short lease time in the DHCP lease, so the user updates their routing table more frequently. In addition, the VPN control channel is still intact because it already uses the physical interface for its communication. In our testing, the VPN always continued to report as connected, and the kill switch was never engaged to drop our VPN connection.

Sounds to me like it totally works even after the tunnel has started.

[–] Natanael@slrpnk.net 2 points 6 months ago (1 children)

Yeah, it's like a fake traffic cop basically, sending your (network) traffic down the wrong route

[–] KairuByte@lemmy.dbzer0.com 1 points 6 months ago (1 children)

More like a corrupt traffic cop. There are reasons you might want this kind of functionality, which is why it exists. Normally you can trust the cop (DHCP server) but in this case the cop has decided to send everyone from all streets down to the docks.

[–] Natanael@slrpnk.net 1 points 6 months ago (1 children)

These types of attacks would likely be implemented via DHCP spoofing / poisoning, unless you're on a malicious network

[–] KairuByte@lemmy.dbzer0.com 1 points 6 months ago

I’d think the place most people use VPN is public wifi, unless they are utilizing workplace VPN.