From owner-freebsd-questions@freebsd.org Fri Nov 27 14:49:01 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2A13EA3A418 for ; Fri, 27 Nov 2015 14:49:01 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-wm0-x22d.google.com (mail-wm0-x22d.google.com [IPv6:2a00:1450:400c:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B82FB1619 for ; Fri, 27 Nov 2015 14:49:00 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: by wmvv187 with SMTP id v187so73880921wmv.1 for ; Fri, 27 Nov 2015 06:48:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=date:from:to:subject:message-id:in-reply-to:references:mime-version :content-type:content-transfer-encoding; bh=wzeyuZG2X9a34rprz8jyl+efp0/XbHtWoXRjw9vnt8I=; b=MEJSuEwjJC4eyCgWJMdHwPOnlVgqguxYN040NYMKRH4/qIZJVFhaR/o6CCJAubMftB 3KVyC221W2aCK23tuEpZX82AStiXqvz8hrKmLUfYp/ICvB0CN4KfAJTSYYlRxJTmpGPz lrD6sZQ5Il8f48G/XO7EEFs6SFM3hdIObIDivrx1Fv+msxpGPdT2Xmj1B81ZYOry0xI8 XurhMPJADFRXJjesyULemTRG/f/MmBEg6kjBDhWJCVyivQYQaSBYEP9V3p9mtZ8PMsdS t6XC54UaMRN1k+ADwtiqSmqgyj82iMb68kXQULhu9ndwXWORQQeMst8Lt/xquozcyGvv PJnw== X-Received: by 10.194.9.169 with SMTP id a9mr23470308wjb.60.1448635739175; Fri, 27 Nov 2015 06:48:59 -0800 (PST) Received: from gumby.homeunix.com ([94.8.70.38]) by smtp.gmail.com with ESMTPSA id 186sm7830990wmv.9.2015.11.27.06.48.57 for (version=TLSv1/SSLv3 cipher=OTHER); Fri, 27 Nov 2015 06:48:58 -0800 (PST) Date: Fri, 27 Nov 2015 14:48:08 +0000 From: RW To: freebsd-questions@freebsd.org Subject: Re: VPN security breach Message-ID: <20151127144808.6a0cc686@gumby.homeunix.com> In-Reply-To: <20151127104401.7fdfd5fd@Papi> References: <20151127104401.7fdfd5fd@Papi> X-Mailer: Claws Mail 3.13.0 (GTK+ 2.24.28; amd64-portbld-freebsd10.2) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Nov 2015 14:49:01 -0000 On Fri, 27 Nov 2015 10:44:01 -0300 Mario Lobo wrote: > Any comments on this? > > https://thehackernews.com/2015/11/vpn-hacking.html I don't follow that. I can see that an attacker might use an exit IP address to identify a private IP address inside the vpn, but I thought the client's real public IP address was only used to create a tunnel to the vpn.