From owner-freebsd-questions@freebsd.org  Fri Nov 27 15:31:43 2015
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 79D74A3AF38
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Fri, 27 Nov 2015 15:31:43 +0000 (UTC)
 (envelope-from guru@unixarea.de)
Received: from ms-10.1blu.de (ms-10.1blu.de [178.254.4.101])
 (using TLSv1 with cipher AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 3A8441E33
 for <freebsd-questions@freebsd.org>; Fri, 27 Nov 2015 15:31:42 +0000 (UTC)
 (envelope-from guru@unixarea.de)
Received: from [93.104.1.37] (helo=localhost.unixarea.de)
 by ms-10.1blu.de with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.76) (envelope-from <guru@unixarea.de>) id 1a2KNN-0000lk-85
 for freebsd-questions@freebsd.org; Fri, 27 Nov 2015 15:51:53 +0100
Received: from localhost.my.domain (c720-r276659 [127.0.0.1])
 by localhost.unixarea.de (8.14.9/8.14.9) with ESMTP id tAREpouq002062
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO)
 for <freebsd-questions@freebsd.org>; Fri, 27 Nov 2015 15:51:51 +0100 (CET)
 (envelope-from guru@unixarea.de)
Received: (from guru@localhost)
 by localhost.my.domain (8.14.9/8.14.9/Submit) id tAREpnMA002061
 for freebsd-questions@freebsd.org; Fri, 27 Nov 2015 15:51:49 +0100 (CET)
 (envelope-from guru@unixarea.de)
X-Authentication-Warning: localhost.my.domain: guru set sender to
 guru@unixarea.de using -f
Date: Fri, 27 Nov 2015 15:51:48 +0100
From: Matthias Apitz <guru@unixarea.de>
To: freebsd-questions@freebsd.org
Subject: Re: VPN security breach
Message-ID: <20151127145148.GA2047@c720-r276659.oa.oclc.org>
Reply-To: Matthias Apitz <guru@unixarea.de>
Mail-Followup-To: Matthias Apitz <guru@unixarea.de>,
 freebsd-questions@freebsd.org
References: <20151127104401.7fdfd5fd@Papi>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20151127104401.7fdfd5fd@Papi>
X-Operating-System: FreeBSD 11.0-CURRENT r269739 (i386)
User-Agent: Mutt/1.5.23 (2014-03-12)
X-Con-Id: 51246
X-Con-U: 0-guru
X-Originating-IP: 93.104.1.37
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Nov 2015 15:31:43 -0000

El día Friday, November 27, 2015 a las 10:44:01AM -0300, Mario Lobo escribió:

> Any comments on this?
> 
> https://thehackernews.com/2015/11/vpn-hacking.html

$ netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags      Netif Expire
default            192.168.2.1        UGS       wlan0
10.0.1.0/24        10.49.94.103       UGS        tun0
10.13.1.0/24       10.49.94.103       UGS        tun0
...

i.e. my default route goes to the WLAN AP in my home with an unreachable
private IP addr. So what?

	matthias

-- 
Matthias Apitz, ✉ guru@unixarea.de, 🌐 http://www.unixarea.de/  ☎ +49-176-38902045