# [CVE-2019-14899] hijacking VPN-tunneled TCP connections

## e3k

[CVE-2019-14899] Inferring and hijacking VPN-tunneled TCP connections.

 *Quote:*   

> We have discovered a vulnerability in Linux, FreeBSD, OpenBSD, MacOS,
> iOS, and Android which allows a malicious access point, or an adjacent
> user, to determine if a connected user is using a VPN, make positive
> ...

 

----------

## Anon-E-moose

 *Quote:*   

> Most of the Linux distributions we tested were vulnerable, especially
> Linux distributions that use a version of systemd pulled after November
> 28th of last year which turned reverse path filtering off. However, we
> ...

 

So if not using IPv6, then turning the filtering back on works fine.

----------

## A.S. Pushkin

I have just signed up for ExpressVPN. Am I wasting my time and creating more security problems?

I'm not using it with Gentoo yet, but with a laptop running Linux Mint. I note that when trying to access the Gentoo Forum with the laptop the Forum webpage says "You've been banned from this web site."

Is this VPN a problem, are there others that users would prefer?

TIA

----------

## Tony0945

 *A.S. Pushkin wrote:*   

> , but with a laptop running Linux Mint.TIA

 

Mint uses systemd unless you are running a very old (years old) Mint.

----------

## NeddySeagoon

A.S. Pushkin,

The forums get lots of spam via VPN. We can and do set IP bans to keep the noise and work down.

It's possible that a spammer had the IP you are using to connect to the forum and it got banned.

You will need to test with something like https://whatismyipaddress.com/

Do not post more information here. Email forum-mods @ g.o (spoilt) with the detail.

Having VPN exit points blocked is a feature of using a public VPN.

----------

## davewoski

 *A.S. Pushkin wrote:*   

> I have just signed up for ExpressVPN. Am I wasting my time and creating more security problems?
> 
> I'm not using it with Gentoo yet, but with a laptop running Linux Mint. I note that when trying to access the Gentoo Forum with the laptop the Forum webpage says "You've been banned from this web site."
> ...

 

Dude, I just signed up again because it showed that I have been banned, so I tried a different VPN, because with the last VPN I was using, my IP wasn't changing after connecting as well.

Sometimes, IP tools show a cached version, but this time it was real because I received a ban message.

----------

## Tony0945

I inadvertently tried to access the forum with my VPN. I got "forum.gentoo.org" is not responding. Shut off the tunnel and all is fine.

Actually, this morning I couldn't connect to anyone. Maybe Torguard is having problems. Maybe everywhere I go they are banning VPN.

----------

## pjp

 *Tony0945 wrote:*   

> I inadvertently tried to access the forum with my VPN. I got "forum.gentoo.org" is not responding. Shut off the tunnel and all is fine.
> 
> Actually, this morning I couldn't connect to anyone. Maybe Torguard is having problems. Maybe everywhere I go they are banning VPN.

  You may want to (re?)read NeddySeagoon's earlier post in this thread.

VPN is itself not banned, although it is possible some IPs used by VPN services may have been banned due to spam. Also, at one time, Tor was blocked. For a period, that was not true for technical reasons, but I don't know the current status on whether or not Tor is allowed or blocked.

----------

## Tony0945

 *pjp wrote:*   

> You may want to (re?)read NeddySeagoon's earlier post in this thread.

 

No, I'm aware that you can't access the forums with VPN. "Inadvertently". I used to be able to contact my banks and my broker with VPN. Why should my ISP eavesdrop on my financial business?

----------

## Hu

If your bank and broker are at all competent, all their traffic will be over https, so the only thing your ISP can see is that you are interacting with the bank/broker, but not what you are doing.

Remember that a VPN just changes who gets to see your traffic. If your VPN provider wants to snoop, they can see all the things that your ISP would have seen if you had not used the VPN.

----------

## Tony0945

@Hu   

True.

----------

