
Wednesday, December 31, 2014

Watch out for this VPN hack!

Have been using a Virtual Private Network (VPN) on and off for a couple of years. Until recently, had major problems getting a VPN to work on Linux. Inclined to believe that Brighthouse was blocking the well-known Open DNS ports. Astrill VPN changed all of that.

OpenVPN is more secure than the ancient Point-to-Point Tunneling Protocol (PPTP) and the Cisco Layer 2 Tunneling Protocol (L2TP), which is aged, too.

One way to check the integrity of a VPN is to use the DNS leak test at https://www.dnsleaktest.com/


Astrill VPN appeared to have some issues with the DNS leak test. Suspect someone, probably the federal government, has developed a technique to track or hack VPN activity.
After installing the Astrill VPN, I noticed both Yahoo and Google DNS servers were aware of the VPN. After attempting to block these servers in my firewall, I used http://www.whatsmyip.org/whois-dns-lookup/,  which identified a CIDR address for the Yahoo network.

Unless you have a WAN networking background, you are unlikely to know what a CIDR address is. The CIDR address allowed me to block entire offending networks from the VPN.

I used the Astrill Settings | Site Filter | Exclude These Sites option and added these addresses: 98.136.0.0/14, 38.0.0.0/8 and 74.125.0.0/16

After making the change, the DNS leak test indicated the VPN was functioning normally.
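What the CIDR blocks listed above cover, as an added example that is not part of the original post: it validates each entry, reports the address range it spans, and checks which resolver IPs fall inside a listed block. The function names are hypothetical and the sample resolver IPs are constructed for illustration.

```python
import ipaddress

# Exclusion entries exactly as listed in the post.
EXCLUDED = ["98.136.0.0/14", "38.0.0.0/8", "74.125.0.0/16"]

# Constructed sample: resolver IPs as a leak-test page might list them.
SAMPLE_RESOLVERS = ["98.138.11.157", "74.125.18.5", "8.8.8.8"]


def describe(cidr):
    """Return (first, last, address_count) for a CIDR block, or None if malformed."""
    try:
        # strict=True also rejects blocks whose base address has host bits set.
        net = ipaddress.ip_network(cidr, strict=True)
    except ValueError:
        return None
    return str(net[0]), str(net[-1]), net.num_addresses


def covering_block(ip, blocks=EXCLUDED):
    """Return the first listed block containing ip, or None if no block does."""
    addr = ipaddress.ip_address(ip)
    for cidr in blocks:
        if addr in ipaddress.ip_network(cidr, strict=True):
            return cidr
    return None


def audit(resolvers, blocks=EXCLUDED):
    """Map each resolver IP to the block that covers it (None = not covered)."""
    return {ip: covering_block(ip, blocks) for ip in resolvers}


if __name__ == "__main__":
    # The last entry is the form written later in the post; it fails validation.
    for cidr in EXCLUDED + ["174.125.00/16"]:
        info = describe(cidr)
        if info is None:
            print(f"{cidr:>16}  not a valid CIDR block")
        else:
            first, last, count = info
            print(f"{cidr:>16}  {first} - {last}  ({count:,} addresses)")
    for ip, block in audit(SAMPLE_RESOLVERS).items():
        print(f"{ip:>16}  covered by {block}" if block else f"{ip:>16}  not covered")
```

The prefix length sets the size of the block: a /16 spans 65,536 addresses, a /14 spans 262,144, and a /8 spans 16,777,216, so it is worth confirming the range before adding an entry to a filter.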

Of interest, this solution worked on both Windows Mint 17.1 and Windows 7 laptops.

BTW, the 38.0.0.0/8 belongs to PSI Net, an old Darpanet contractor that has worked with NSA for many years. PSI Net developed Dropbox, a program that Ed Snowden suggests Internet users should avoid.

While writing this article, another VPN interloper popped up, Google.com with the 174.125.00/16 network address. The first CIDR address (198.36.0.0/14) keeps Yahoo.com out of my VPN.

Think of the VPN network as all of the connections between your PC and VPN server.  Blocking Yahoo and Google addresses in the VPN connection will not prevent you from getting to the Yahoo web site or from receiving Gmail.



Rightardia by Rightard Whitey of Rightardia is licensed under a Creative Commons Attribution 3.0 Unported License.

Permissions beyond the scope of this license may be available at rightardia@gmail.com.
