{"id":13086,"date":"2024-08-27T19:02:18","date_gmt":"2024-08-27T19:02:18","guid":{"rendered":"http:\/\/127.0.0.1\/?p=13086"},"modified":"2024-08-27T19:02:19","modified_gmt":"2024-08-27T19:02:19","slug":"tunnelvision-protection-for-any-vpn","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/2024\/08\/27\/tunnelvision-protection-for-any-vpn\/","title":{"rendered":"TunnelVision Protection for Any VPN"},"content":{"rendered":"\n

Recently, researchers identified a bug affecting VPNs, named TunnelVision, in which bad actors take advantage of built-in features of DHCP servers (the servers that assign IP addresses) to expose and snoop on VPN traffic. The researchers believe that the bug has existed since 2002 and may have been exploited since then.

The researchers suggest mitigations to secure the VPN tunnel, but most of them (real-time packet inspection, changing operating systems, patching the DHCP protocol across your infrastructure, or using VMs to contain the damage) are non-starters for many organizations because they are resource-intensive or very hard to implement. They also disclose that even firewall-based mitigations can introduce side channels that expose new vulnerabilities.

At Great Wing, we’ve developed advanced network defenses that prevent this vulnerability with our flagship DefenceDome™ Wormhole™ protocol orchestrated by the Ghost™ agent.

The Wormhole™ protocol contains packet-tampering detection capabilities, so that if attackers attempt to exploit TunnelVision and perform a man-in-the-middle attack, the Ghost™ agent will detect the traffic inconsistencies, adjust to block the attacker, and reroute traffic to its appropriate destination.

Not only does the Wormhole™ protocol prevent DHCP vulnerabilities, it also solves most of the problems inherent to TCP/IP by translating traffic into the Wormhole protocol and back again to TCP/IP. Wormhole™ turns network traffic into multiple puzzles and sends them via a very large number of messengers from many sources to many destinations.

For a bad actor to solve the puzzles, they must intercept all the pieces, arrange them in the right sequence, and know which pieces belong to which puzzle. And even if one were to reconstruct the puzzles – which is nearly impossible – the data is encrypted using a very long symmetric key that changes periodically. This proprietary method for data transfer is also safe from quantum computers.

The Ghost™ translates TCP/IP into the Wormhole protocol and back again to TCP/IP. It doesn’t remain at a specific IP address or port, but jumps between IP addresses and isn’t accessible to anyone on any network. The DHCP parameters in the Ghost are automatically compiled each time the Ghost runs. Since no one can access the Ghost, no one can change the parameters.

If packets arrive from a different DHCP server on the internet, they will be blocked by the Ghost at each site on the network because of the zero-trust environment of the Wormhole, even though they are in the Wormhole protocol.

[Figure: DefenceDome™ Wormhole™ protocol orchestrated by the Ghost™]

Other vulnerabilities inherent in VPNs

Two VPNs widely used today are FortiGate and Check Point. To protect a corporate network using these VPNs and others, you need authentication software or two-factor authentication, often using your mobile phone. A bad actor who replicates a remote user’s hard drive and hacks their mobile phone has full access to the corporate network, unbeknownst to the user. On the hard drive, they can find the username, password, corporate IP addresses, public keys, and more.

With DefenceDome, users can continue using any VPN, and the vulnerabilities mentioned above are solved once they add DefenceDome to their system. Even if a bad actor succeeds in replicating a user’s computer and hacking their phone, and has access to text messages, emails, usernames, and passwords, the bad actor still cannot access the corporate network.

DefenceDome also provides:
