VPN traffic leaks in IPv6/IPv4 dual-stack networks/hosts

To: tech-net%NetBSD.org@localhost
Subject: VPN traffic leaks in IPv6/IPv4 dual-stack networks/hosts
From: Fernando Gont <fernando%gont.com.ar@localhost>
Date: Tue, 27 Nov 2012 12:04:26 -0300

Folks,

FYI. This is might affect NetBSD users employing e.g. OpenVPN:
<http://tools.ietf.org/html/draft-gont-opsec-vpn-leakages>.

For a project such as OpenVPN, a (portable) fix might be non-trivial.
However, I guess NetBSD might hook some PF rules when establishing the
VPN tunnel, such that e.g. all v6 traffic is filtered (yes, this is
certainly not the most desirable fix, but still probably better than
having your supposedly-secured traffic being sent in the clear).

P.S.: Please check the corresponding thread (same "Subject") on the
tech%openbsd.org@localhost mailing-list, since they have some patches for some 
of
these issues...

Thanks,
-- 
Fernando Gont
e-mail: fernando%gont.com.ar@localhost || fgont%si6networks.com@localhost
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1

Follow-Ups:
- Re: VPN traffic leaks in IPv6/IPv4 dual-stack networks/hosts
  - From: Darren Reed

Prev by Date: You have (1) new ecard!
Next by Date: Re: VPN traffic leaks in IPv6/IPv4 dual-stack networks/hosts
Previous by Thread: You have (1) new ecard!
Next by Thread: Re: VPN traffic leaks in IPv6/IPv4 dual-stack networks/hosts
Indexes:

Home | Main Index | Thread Index | Old Index