- Report this article
Glen Newell (He,Him)
Glen Newell (He,Him)
OSINT/DFIR, Investigations and security consulting
Published May 7, 2024
+ Follow
One thing that's always recommended when we discuss privacy and security while using the internet, is the use of a VPN. While it can be argued that a VPN is not necessary in every case, and in fact might not actually protect you as you might think it would, it's still a really good idea in a wide variety of situations:
This is a really interesting write-up of a potential vulnerability that both explains how a VPN works and some of the stuff going on under the hood when you connect to the internet, and also demonstrates how a VPN might be defeated.
https://www.leviathansecurity.com/blog/tunnelvision
I like the mitigations they suggest, but they are pretty technical and not really practical in my experience for most people ( Not to mention that in this article and proof of concept, the application in a Microsoft environment isn't really well addressed, for understandable reasons from a researchers point of view) . Since the central issue is the use of a DHCP server in the local environment this is both the main vulnerability and begs the easiest solution: don't use a DHCP client for secure communications if you can possibly help it. This also isn't usually practical for folks who connect to multiple public networks- you'd have to enable and disable DHCP along with connecting/disconnecting from the VPN in order to use each network: this can be scripted or done manually, but it's an extra level of 'needing to do something every time' and can be a training issue : I'd guess at best you'd get 2/3 of users to do it if it wasn't completely automated. The detections are a similar issue: they have to both be implemented and responded to. This also can be done automatically and even invisibly to the user, but it's still policy and action intensive- not really practical for a user or even a medium-sized business to accomplish on their own consistently .
Recommended by LinkedIn
So, the question I'd anticipate - and have heard and seen discussed- from most people concerned about this, regardless of their technical level is- should I bother with a VPN at all?
In this specific case, it's relevant to note that there isn't evidence of this actually having been in use (yet) and also the exploit would require some level of local administrative access. Note that the DHCP client need not be altered, you'd just be taking advantage of the way DHCP works , but you do need the client to accept DHCP from a source you control to take advantage of it. While most 'attackers' would consider this trivial, it seems like it's pretty specific : and at that level, you would have other problems you'd be dealing with as well that have to do with someone hiding in your local network environment.
All of that having been said: having and using a VPN is just one layer of internet security. Think of it as one more thing you can do to protect yourself, your business, your work, your data. The point is that to really be effective, it has to be used along with other measures and policies in order to 'work' for you.
If you have questions ( or comments) regarding cyber security and personal data provicy, my DMs are always open .
Like
Celebrate
Support
Love
Insightful
Funny
1
1 Comment
Jeff F.
Systems and Network Consultant
3mo
- Report this comment
Why is this a problem? Supposedly anyone that works remote doesn't work at all. 😊
1Reaction 2Reactions
To view or add a comment, sign in
More articles by this author
No more previous content
- Some thoughts on OSINT , Infuence, Propaganda and Protest Movements May 1, 2024
No more next content
Sign in
Stay updated on your professional world
Sign in
By clicking Continue to join or sign in, you agree to LinkedIn’s User Agreement, Privacy Policy, and Cookie Policy.
New to LinkedIn? Join now
Insights from the community
- Internet Services How do you overcome common risks in internet services?
- Network Security What are the essential factors to keep in mind when testing a VPN?
- Telecommunications Engineering How can you update GPRS security protocols for effective encryption?
- Network Security How can you train users to use VPNs securely?
- Computer Science How does a router work?
- Computer Networking How can you secure your VPN with IDS/IPS?
- Cybersecurity What role does a VPN play in securing WiFi voice calls?
- Cybersecurity How can setting up a VPN on your router enhance device security?
- Cybersecurity How does setting up a VPN on your router enhance your internet security?
- Network Security What are the benefits of using a VPN for improving your network security?
Others also viewed
- Symlex VPN: Bridging the Gap between Security and Convenience Symlex VPN 11mo
- Understanding Double VPN: How Does It Work? Symlex VPN 1y
- My Favorite VPN and Why You May Need It Steve Ryan 4mo
- How to Stay Safe on Public Wi-Fi Stan Kats 1y
- VPN Risk and non-Risk... Dominic A. 3y
- VPNs and Cybersecurity Lazarus Alliance, Inc. 8mo
- The Best VPN Services of 2017 Lawrence Dring 7y
- Why You Should Invest in a VPN Kirkham IronTech 9mo
- CYBER RISKS ASSOCIATED WITH THE USE OF VIRTUAL PRIVATE NETWORKS (VPNs) Chimaobim Umunna 3y
Explore topics
- Sales
- Marketing
- IT Services
- Business Administration
- HR Management
- Engineering
- Soft Skills
- See All