How TunnelVision Can Bypass Your VPN and Break the Internet: Vulnerability Explained

TunnelVision is a new vulnerability that lets any attacker who pretends to be a DHCP server inject arbitrary IP routes into your computer’s routing table. This potentially lets them redirect traffic so it doesn’t go through your VPN, create a denial of service, or even man-in-the-middle your network traffic.

In this video, you’ll see the attack happen live, how it works, and its bigger cybersecurity consequences beyond just turning off someone’s VPN.

0:00 Introduction to Tunnel Vision Vulnerability
0:16 Demonstration of the attack in a lab environment
1:44 Explanation of the attack scenario
2:20 Effects of the Tunnel Vision attack on VPN protection
3:00 Risks associated with the vulnerability
4:10 Potential impact on critical infrastructure
4:33 Mitigation strategies for VPN users
5:00 Using virtual machines for added security
5:18 Considerations for using mobile hotspots
5:28 Setting up firewall rules to prevent attacks
5:40 Endpoint detection response (EDR) solutions
5:50 Network security monitoring tools
6:12 The importance of understanding networking fundamentals
7:03 Conclusion and invitation for discussion

#TunnelVision #Teleseer #Cyberspatial #VPN

Comments

One of the authors of TunnelVision here. That was a great video and I wish we had the ability to make those clean animations!

Something to note is that this will primarily affect those who are connecting from untrusted networks (i.e. public wifi). Your bottom line explanation was great. Hope you'll do another video when we release the second blog post about the side channel when a provider uses firewall mitigations.

lizziemoratti

For some reason your videos are easier to understand than other videos 😂

FBGKaneki-qxdk

You can always use a static ip address on devices on your home network.

jasonnaftis

So, according to the beginning of the video, the attacker has to be on your local network to do this? Or did I misunderstand the beginning? 🤔

glennac

Ok, I'm not gonna lie
I clicked just for the Portal thumbnail 😂😂😂

XxguaxinimxX.

I think the DHCP standard firewall is your best bet, unless the attacker can "convince" the network that it is somehow the home address itself; as per the latter two solutions (endpoint & network security): there's already prints that say the pen can conceal/manipulate the IP such that these security protocols don't recognize it. Speculatively, an industry could somehow have two distinct/autonomous servers, one of which is actually offline and not used for business at all, though somehow make its network configuration such that it is the main/live server, then use it as a honey pot for any pen- although this would presume the pen doesn't know which server is actually live, but some cloud trinkets could buy enough time for the honeypot to activate. Maybe someday DDOS won't be possible if somehow ALL IPs are traceable to its original hardware, but that's more sci fi for now perhaps...

dragonsword