Hello and welcome to the Thursday, August 10th,

2000,

3 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich,

and today I'm recording from Jacksonville, Florida.

Well, let's start out with a couple of VPN issues.

The first one is a paper that was presented at the Eusnix conference by researchers from the New York University as well as KU. Lüven. And they call the attack Tunnel Crack. It's pretty straightforward, actually. And the first part I don't think is that terribly surprising, which essentially

affects VPNs and the ability to trick a victim into sending traffic outside of the VPN.

The first one affects clients that are connected to untrusted networks, and that's, of course,

when you usually use a VPN for the famous coffee shop, Wi-Fi network and such. And what the attacker does

here, if the attacker would like to intercept traffic to a particular IP address, they just

assign the victim in this Wi-Fi network an IP address inside that

particular network. So they basically claim that this network that the victim is trying to reach

is the local network. Packets inside the local network are usually not going through the VPN. After all,

you may need to get

past captive portals and such. So that's the first attack that they call the local net attack.

The other one is the server IP attack, as they call it. This one is a little bit more tricky,

and it relies on VPN clients

often not encrypting traffic that's actually going to the VPN server. And what this means really

is it's trying to sort of avoid this double encryption where you basically set up a tunnel to the VPN

server. If you're now trying to send traffic to the VPN

server directly, well, that traffic is not encrypted. Otherwise, the VPN sort of would encrypt itself.

...