tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

VPN traffic leaks in IPv6/IPv4 dual-stack networks/hosts



Folks,

FYI. This is might affect NetBSD users employing e.g. OpenVPN:
<http://tools.ietf.org/html/draft-gont-opsec-vpn-leakages>.

For a project such as OpenVPN, a (portable) fix might be non-trivial.
However, I guess NetBSD might hook some PF rules when establishing the
VPN tunnel, such that e.g. all v6 traffic is filtered (yes, this is
certainly not the most desirable fix, but still probably better than
having your supposedly-secured traffic being sent in the clear).

P.S.: Please check the corresponding thread (same "Subject") on the
tech%openbsd.org@localhost mailing-list, since they have some patches for some 
of
these issues...

Thanks,
-- 
Fernando Gont
e-mail: fernando%gont.com.ar@localhost || fgont%si6networks.com@localhost
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1





Home | Main Index | Thread Index | Old Index