VPNs can be hacked thanks to a new vulnerability

angeloma
Senior Writer and partner

While Unix-based systems are much safer than Windows, they are not exempt from problems. A new vulnerability that affects VPNs has been reported, so today we will talk about it.

A new vulnerability affecting Unix-based systems was recently published. Registered as CVE-2019-14899, it shows that malicious users can compromise the security of VPNs. It was reported by the University of New Mexico.

What do we mean by compromising security? An external user can determine whether a user is connected to a VPN or visiting a certain website. They could also hijack all TCP connections that pass through that VPN. That is to say, connections to databases, FTP servers or even entire websites of that server would be at risk.

According to the researchers who detected the new vulnerability, the steps of the attack are as follows:

  1. Determining the VPN client’s virtual IP address.
  2. Using the virtual IP address to make inferences about active connections.
  3. Finally, using the encrypted replies to unsolicited packets to determine the sequence and acknowledgment numbers of the active connection to hijack the TCP session.

Which systems are affected by this new vulnerability?

Quite a lot of systems are affected: they cover different versions of Linux, as well as BSD and probably macOS.

The researchers have drawn up a non-exhaustive list of distributions that are compromised. The list is as follows:

  • Ubuntu 19.10 (systemd)
  • Fedora (systemd)
  • Debian 10.2 (systemd)
  • Arch 2019.05 (systemd)
  • Manjaro 18.1.1 (systemd)
  • Devuan (sysV init)
  • MX Linux 19 (Mepis+antiX)
  • Linux Void (runit)
  • Slackware 14.2 (rc.d)
  • Deepin (rc.d)
  • FreeBSD (rc.d)
  • OpenBSD (rc.d)

So, we’re talking about a lot of Linux users.

What can we do about it?

This vulnerability operates at a very technical level, so Linux distributions are expected to release a patch that definitively fixes it.

However, the experts give some possible temporary solutions:

  1. Turning reverse path filtering on
  2. Bogon filtering
  3. Encrypted packet size and timing
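
An added example (not from the original article or the researchers): a shell check for the first mitigation, strict reverse path filtering on Linux. It relies on the kernel applying the higher of `conf/all/rp_filter` and the per-interface value (0 = off, 1 = strict, 2 = loose); the function names and the optional directory argument are assumptions, added so the check can also run against a constructed tree.

```shell
#!/bin/sh
# Audit the effective reverse path filtering mode of each interface.
# Kernel rule: effective = max(conf/all/rp_filter, conf/<iface>/rp_filter)
#   0 = off, 1 = strict, 2 = loose
# Consequence: an interface set to 1 is still loose if "all" is 2, and
# an interface set to 2 stays loose even when "all" is 1.

rp_filter_effective() {
    # $1 = interface name, $2 = conf root (assumed default: live kernel values)
    root="${2:-/proc/sys/net/ipv4/conf}"
    all=$(cat "$root/all/rp_filter" 2>/dev/null || echo 0)
    ifc=$(cat "$root/$1/rp_filter" 2>/dev/null || echo 0)
    if [ "$all" -gt "$ifc" ]; then echo "$all"; else echo "$ifc"; fi
}

rp_filter_audit() {
    # Prints one line per interface; returns 1 if any interface is not strict.
    root="${1:-/proc/sys/net/ipv4/conf}"
    rc=0
    for dir in "$root"/*/; do
        ifname=$(basename "$dir")
        # "all" and "default" are templates, not real interfaces
        case "$ifname" in all|default) continue ;; esac
        eff=$(rp_filter_effective "$ifname" "$root")
        case "$eff" in
            1) state="strict" ;;
            2) state="loose"; rc=1 ;;
            *) state="off"; rc=1 ;;
        esac
        echo "$ifname effective=$eff ($state)"
    done
    return $rc
}

# Usage on a live system:
#   rp_filter_audit || echo "some interfaces are not in strict mode"
# Strict mode is set with: sysctl -w net.ipv4.conf.<iface>.rp_filter=1
# (and conf.all must not be 2, or the interface remains loose).
```

Strict mode can break asymmetric routing or multi-homed setups, so check each interface's routing before enforcing it.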

Anyway, keep your system up to date because the patch should be here soon.

For more information, I leave you the link to the original publication of the new vulnerability, where you will find many technical details about it.
