DeepAI AI Chat
Log In Sign Up

Client-side Vulnerabilities in Commercial VPNs

by   Thanh Bui, et al.

Internet users increasingly rely on commercial virtual private network (VPN) services to protect their security and privacy. The VPN services route the client's traffic over an encrypted tunnel to a VPN gateway in the cloud. Thus, they hide the client's real IP address from online services, and they also shield the user's connections from perceived threats in the access networks. In this paper, we study the security of such commercial VPN services. The focus is on how the client applications set up VPN tunnels, and how the service providers instruct users to configure generic client software. We analyze common VPN protocols and implementations on Windows, macOS and Ubuntu. We find that the VPN clients have various configuration flaws, which an attacker can exploit to strip off traffic encryption or to bypass authentication of the VPN gateway. In some cases, the attacker can also steal the VPN user's username and password. We suggest ways to mitigate each of the discovered vulnerabilities.


page 1

page 2

page 3

page 4


Holes in the Geofence: Privacy Vulnerabilities in "Smart" DNS Services

Smart DNS (SDNS) services advertise access to "geofenced" content (typic...

Very Pwnable Network: Cisco AnyConnect Security Analysis

Corporate Virtual Private Networks (VPNs) enable users to work from home...

Practical Traffic Analysis Attacks on Secure Messaging Applications

Instant Messaging (IM) applications like Telegram, Signal, and WhatsApp ...

Data Analysis: Communicating with Offshore Vendors using Instant Messaging Services

The purpose of this study is to find whether the choice of correct analy...

Tails Tor and other tools for Safeguarding Online Activities

There are not many known ways to break Tor anonymity, and they require a...

Lost and Found: Stopping Bluetooth Finders from Leaking Private Information

A Bluetooth finder is a small battery-powered device that can be attache...

How Do Tor Users Interact With Onion Services?

Onion services are anonymous network services that are exposed over the ...