Jump to ContentJump to Main Navigation
Show Summary Details
More options …

Proceedings on Privacy Enhancing Technologies

4 Issues per year

Open Access
Online
ISSN
2299-0984
See all formats and pricing
More options …

A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN clients

Vasile C. Perta / Marco V. Barbera / Gareth Tyson / Hamed Haddadi / Alessandro Mei
Published Online: 2015-04-18 | DOI: https://doi.org/10.1515/popets-2015-0006

Abstract

Commercial Virtual Private Network (VPN) services have become a popular and convenient technology for users seeking privacy and anonymity. They have been applied to a wide range of use cases, with commercial providers often making bold claims regarding their ability to fulfil each of these needs, e.g., censorship circumvention, anonymity and protection from monitoring and tracking. However, as of yet, the claims made by these providers have not received a sufficiently detailed scrutiny. This paper thus investigates the claims of privacy and anonymity in commercial VPN services. We analyse 14 of the most popular ones, inspecting their internals and their infrastructures. Despite being a known issue, our experimental study reveals that the majority of VPN services suffer from IPv6 traffic leakage. The work is extended by developing more sophisticated DNS hijacking attacks that allow all traffic to be transparently captured.We conclude discussing a range of best practices and countermeasures that can address these vulnerabilities

Keywords : VPN; IPV6; DNS hijacking

References

  • [1] “Global surveillance disclosures (2013-present),” http://en. wikipedia.org/wiki/Global_surveillance_disclosures_(2013- present).Google Scholar

  • [2] R. Clayton, S. J. Murdoch, and R. N. Watson, “Ignoring the Great Firewall of China,” in Proceedings of the 6th Workshop on Privacy Enhancing Technologies. Springer, 2006, LNCS vol. 4258, pp. 20-35.Google Scholar

  • [3] S. Khattak, M. Javed, S. A. Khayam, Z. A. Uzmi, and V. Paxson, “A Look at the Consequences of Internet Censorship Through an ISP Lens,” in Proceedings of the 14th Conference on Internet Measurement. ACM, 2014, pp. 271-284.Google Scholar

  • [4] C. Abdelberi, T. Chen, M. Cunche, E. Decristofaro, A. Friedman, M. A. Kaafar et al., “Censorship in the Wild: Analyzing Internet Filtering in Syria,” in Proceedings of the 14th Conference on Internet Measurement. ACM, 2014, pp. 285-298.Google Scholar

  • [5] R. Dingledine, N. Mathewson, and P. Syverson, “Tor: The second-generation Onion Router,” in Proceedings of the 13th USENIX Security Symposium. USENIX Association, 2004, pp. 303-320.Google Scholar

  • [6] R. Stedman, K. Yoshida, and I. Goldberg, “A user study of off-the-record messaging,” in Proceedings of the 4th Symposium on Usable Privacy and Security. ACM, 2008, pp. 95-104.Google Scholar

  • [7] “Whispersystems,” https://whispersystems.org.Google Scholar

  • [8] “BestVPN,” https://www.bestvpn.com.Google Scholar

  • [9] “Ultrasurf: the definitive review,” https://blog.torproject.org/ blog/ultrasurf-definitive-review.Google Scholar

  • [10] “Five Best VPN Service Providers,” http://lifehacker.com/ 5935863/five-best-vpn-service-providers, 2014.Google Scholar

  • [11] “10 Reasons to Use a VPN for Private Web Browsing,” http: //netforbeginners.about.com/od/readerpicks/tp/Reasons-to- Use-a-VPN-Service.htm.Google Scholar

  • [12] “Naked Security Blog: What is your phone saying behind your back?” http://nakedsecurity.sophos.com/2012/10/02/ what-is-your-phone-saying-behind-your-back.Google Scholar

  • [13] “Firesheep,” http://en.wikipedia.org/wiki/Firesheep.Google Scholar

  • [14] “Session hijacking,” http://en.wikipedia.org/wiki/Session_ hijacking.Google Scholar

  • [15] N. Sastry, J. Crowcroft, and K. R. Sollins, “Architecting Citywide Ubiquitous Wi-FiAccess,” in 6th Workshop on Hot Topics in Networks. ACM, 2007.Google Scholar

  • [16] “5 Best VPNs in China,” http://www.bestvpn-china.com/blog/ 9690/5-best-vpns-in-china-2014-update/.Google Scholar

  • [17] J. Appelbaum, M. Ray, K. Koscher, and I. Finder, “vpwns: Virtual pwned networks,” in 2nd USENIX Workshop on Free and Open Communications on the Internet. USENIX Association, 2012.Google Scholar

  • [18] M. Marlinspike, “Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate,” https://www.cloudcracker.com/ blog/2012/07/29/cracking-ms-chap-v2, 2012.Google Scholar

  • [19] F. Gont, “Virtual Private Network (VPN) traffic leakages in dual-stack hosts/networks,” 2012.Google Scholar

  • [20] “Best VPN: 4 ways to prevent a DNS leak when using VPN,” https://www.bestvpn.com/blog/5184/4-ways-to-prevent-adns- leak-when-using-vpn.Google Scholar

  • [21] A. Serjantov and P. Sewell, “Passive attack analysis for connection-based anonymity systems,” in Proceedings of the 8th European Symposium on Research in Computer Security. Springer, 2003, LNCS vol. 2808, pp. 116-131.Google Scholar

  • [22] B. N. Levine, M. K. Reiter, C. Wang, and M. Wright, “Timing attacks in low-latency mix systems,” in Proceedings of the 8th International Conference on Financial Cryptography. Springer, 2004, LNCS vol. 3110, pp. 251-265.Google Scholar

  • [23] S. J. Murdoch and P. Zieli ´ nski, “Sampled traffic analysis by internet-exchange-level adversaries,” in Proceedings of the 7th Privacy Enhancing Technologies Symposium. Springer, 2007, LNCS vol. 4776, pp. 167-183.Google Scholar

  • [24] A. Johnson, C. Wacek, R. Jansen, M. Sherr, and P. Syverson, “Users get routed: Traffic correlation on Tor by realistic adversaries,” in Proceedings of the 2013 Conference on Computer & Communications Security. ACM, 2013, pp. 337-348.Google Scholar

  • [25] R. Dingledine, N. Hopper, G. Kadianakis, and N. Mathewson, “One fast guard for life (or 9 months),” in 7th Workshop on Hot Topics in Privacy Enhancing Technologies. HotPETs, 2014.Google Scholar

  • [26] R. Dingledine and N. Mathewson, “Anonymity Loves Company: Usability and the Network Effect,” in 5th Workshop on the Economics of Information Security, 2006.Google Scholar

  • [27] T. Elahi, K. Bauer, M. AlSabah, R. Dingledine, and I. Goldberg, “Changing of the guards: A framework for understanding and improving entry guard selection in Tor,” in Proceedings of the 2012 ACM Workshop on Privacy in the Electronic Society. ACM, 2012, pp. 43-54.Google Scholar

  • [28] “Tor Project Blog: Improving Tor’s anonymity by changing guard parameters,” https://blog.torproject.org/blog/improvingtors- anonymity-changing-guard-parameters, 2013.Google Scholar

  • [29] “Tor Project Blog: Traffic correlation using netflows,” https: //blog.torproject.org/blog/traffic-correlation-using-netflows, 2014.Google Scholar

  • [30] B. Schneier, D. Wagner et al., “Cryptanalysis of Microsoft’s PPTP Authentication Extensions (MS-CHAPv2),” in Secure Networking - CQRE (Secure). Springer, 1999, LNCS vol. 1740, pp. 192-203.Google Scholar

  • [31] J. Czyz, M. Allman, J. Zhang, S. Iekel-Johnson, E. Osterweil, and M. Bailey, “Measuring IPv6 Adoption,” in Proceedings of the 2014 ACM Conference on SIGCOMM. ACM, 2014, pp. 87-98.Google Scholar

  • [32] C. Metz, “Protocol independence using the sockets API,” in FREENIX Track, 2000 USENIX Annual Technical Conference. USENIX Association, 2000.Google Scholar

  • [33] “Happy Eyeballs: Success with Dual-Stack Hosts,” http:// tools.ietf.org/html/rfc6555.Google Scholar

  • [34] “THC-IPV6 Attack Toolkit,” https://www.thc.org/thc-ipv6/ README.Google Scholar

  • [35] “Hurricane Electric Free IPv6 Tunnel Broker,” https://www. tunnelbroker.net/.Google Scholar

  • [36] A. Dhamdhere, M. Luckie, B. Huffaker, A. Elmokashfi, E. Aben et al., “Measuring the deployment of IPv6: topology, routing and performance,” in Proceedings of the 12th Conference on Internet Measurement. ACM, 2012, pp. 537-550.Google Scholar

  • [37] B. Miller, L. Huang, A. D. Joseph, and J. D. Tygar, “I Know Why You Went to the Clinic: Risks and Realization of HTTPS Traffic Analysis,” in Proceedings of the 14th Privacy Enhancing Technologies Symposium. Springer, 2014, LNCS vol. 8555, pp. 143-163.Google Scholar

  • [38] S. Chen, R. Wang, X. Wang, and K. Zhang, “Side-channel leaks in web applications: A reality today, a challenge tomorrow,” in Proceedings of the 2010 IEEE Symposium on Security and Privacy. IEEE, 2010, pp. 191-206.Google Scholar

  • [39] M. Marlinspike, “sslstrip,” http://www.thoughtcrime.org/ software/sslstrip/.Google Scholar

  • [40] B. Krishnamurthy and C. E. Wills, “Generating a privacy footprint on the Internet,” in Proceedings of the 6th Conference on Internet Measurement. ACM, 2006, pp. 65-70.Google Scholar

  • [41] B. Krishnamurthy, D. Malandrino, and C. E. Wills, “Measuring Privacy Loss and the Impact of Privacy Protection in Web Browsing,” in Proceedings of the 3rd Symposium on Usable Privacy and Security. ACM, 2007, pp. 52-63.Google Scholar

  • [42] B. Krishnamurthy and C. Wills, “Privacy diffusion on the Web: a longitudinal perspective,” in Proceedings of the 18th International Conference on World Wide Web. ACM, 2009, pp. 541-550.Google Scholar

  • [43] “Alexa Top Sites,” http://www.alexa.com/.Google Scholar

  • [44] “Selenium WebDriver,” http://www.seleniumhq.org.Google Scholar

  • [45] “Google Play Unofficial Python API,” https://github.com/ egirault/googleplay-api.Google Scholar

  • [46] N. Viennot, E. Garcia, and J. Nieh, “A Measurement Study of Google Play,” in Proceedings of the 2014 ACM International Conference on Measurement and Modeling of Computer Systems. ACM, 2014, pp. 221-233.Google Scholar

  • [47] C. Castelluccia, M.-A. Kaafar, and M.-D. Tran, “Betrayed by Your Ads!” in Proceedings of the 12th Privacy Enhancing Technologies Symposium. Springer, 2012, LNCS vol. 7384, pp. 1-17.Google Scholar

  • [48] “IPv6-enabled BitTorrent Peers,” https://www.vyncke.org/ ipv6status/p2p.php.Google Scholar

  • [49] M. Defeche, “Measuring IPv6 Traffic in BitTorrent Networks,” 2012, IETF Internet Draft.Google Scholar

  • [50] “DNS Processes and Interactions,” https://technet.microsoft. com/en-us/library/dd197552(v=ws.10).aspx.Google Scholar

  • [51] “OpenVPN,” https://openvpn.net/index.php/open-source.html.Google Scholar

  • [52] A. Herzberg and H. Shulman, “Retrofitting Security into Network Protocols: The Case of DNSSEC,” Internet Computing, IEEE, vol. 18, no. 1, pp. 66-71, 2014.Google Scholar

  • [53] “Security Enhancements in Android 4.4,” http://forum.xdadevelopers. com/showpost.php?p=48703545.Google Scholar

  • [54] Y. Elkhatib, G. Tyson, and M. Welzl, “Can SPDY Really Make the Web Faster?” in Proceedings of the IFIP Networking 2014 Conference, 2014, pp. 1-9.Google Scholar

  • [55] “Tor Project: TorifyHOWTO,” https://trac.torproject.org/ projects/tor/wiki/doc/TorifyHOWTO.Google Scholar

  • [56] “Tor Project Blog: Bittorrent over Tor isn’t a good idea,” https: //blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea.Google Scholar

  • [57] “Tails: The Amnesic Incognito Live System,” https://tails. boum.org.Google Scholar

  • [58] “Whonix Operating System,” https://www.whonix.org/wiki/ About.Google Scholar

  • [59] L. Fazal, S. Ganu, M. Kappes, A. S. Krishnakumar, and P. Krishnan, “Tackling security vulnerabilities in VPN-based wireless deployments,” in 2004 IEEE International Conference on Communications, vol. 1. IEEE, 2004, pp. 100-104.Google Scholar

  • [60] F. Gont and W. Liu, “Security Implications of IPv6 on IPv4 Networks,” 2014, RFC 7123.Google Scholar

  • [61] L. Olejnik, C. Castelluccia, A. Janc et al., “Why Johnny can’t browse in peace: On the uniqueness of Web browsing history patterns,” in 5th Workshop on Hot Topics in Privacy Enhancing Technologies, 2012.Google Scholar

  • [62] D. Perito, C. Castelluccia, M. A. Kaafar, and P. Manils, “How unique and traceable are usernames?” in Proceedings of the 11th Privacy Enhancing Technologies Symposium. Springer, 2011, LNCS vol. 6794, pp. 1-17.Google Scholar

  • [63] P. Eckersley, “How unique is your Web Browser?” in Proceedings of the 10th Privacy Enhancing Technologies Symposium. Springer, 2010, LNCS vol. 6205, pp. 1-18. Google Scholar

About the article

Received: 2014-11-22

Revised: 2015-02-17

Accepted: 2015-02-16

Published Online: 2015-04-18

Published in Print: 2015-04-01


Citation Information: Proceedings on Privacy Enhancing Technologies, ISSN (Online) 2299-0984, DOI: https://doi.org/10.1515/popets-2015-0006.

Export Citation

© 2015. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License. BY-NC-ND 3.0

Comments (0)

Please log in or register to comment.
Log in