Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion
‎05-12-2024 08:56 PM
‎05-12-2024 08:56 PM

New attack leaks VPN traffic using rogue DHCP servers

HI All

 

A new attack dubbed "TunnelVision" can route traffic outside a VPN's encryption tunnel, allowing attackers to snoop on unencrypted traffic while maintaining the appearance of a secure VPN connection.

The method, described in detail in a report by Leviathan Security, relies on the abuse of Dynamic Host Configuration Protocol's (DHCP) option 121, which permits the configuration of classless static routes on a client's system.

The attackers set up a rogue DHCP server that alters the routing tables so that all VPN traffic is sent straight to the local network or a malicious gateway, never entering the encrypted VPN tunnel.

 

https://www.bleepingcomputer.com/news/security/new-tunnelvision-attack-leaks-vpn-traffic-using-rogue...

 

Regards

 

Caute_Cautim

 

 

Reply
0 Replies