DOCSLIB.ORG

VPN - Virtual Private Networks

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
VPN - Virtual Private Networks VPN - Virtual Private Networks Matej Kovačič This work is published under Personal blog: CC BY-NC-SA 4.0 license https://telefoncek.si VPN basics What is VPN? A virtual private network or VPN is a way of connecting a computer to a remote network or remote computer through secure (encrypted) tunnel. Through secure tunnel user can have direct access to the remote network, remote computers or other remote devices regardless of their physical location. Access to remote networks or devices Example: John is located in London, but through VPN has direct and secure access to printer in Dresden and to webcam in his cottage in France. Hiding real IP address If user is using VPN server as a gateway to the internet, website he is visiting does not see his real IP address, but IP address of VPN server. ,ello -isitor .rom (#.#&%."*+.#+#/ eal IP: "#$.%&."#'.#(% VPN)s IP: Please note that website (#.#&%."*+.#+# can identi.0 the real user not onl0 .rom !P, but also .rom coo1ies and with other measures. Protection from hacker’s snooping "ince VPN esta!lishes a secure tunnel between two or more devices, VPNs are often used to protect network traffic from snooping, interference, and censorship. Example 2: 2lice is connected to public or pri-ate Wi4Fi. 5he owner o. Wi4Fi netowork or a hac1er can ea-esdrop her communications. Example 6: 6ob is connected to a public Wi4Fi. 6ut since he is using VPN, his communications .rom his computer to VPN ser-er are encr0pted. Protection from government snooping Example 2: 2lice is located in a countr0 2 which is ea-esdropping all her communications. Example 6: 6ob is located in a countr0 6 which is ea-esdropping his communications, but he is connected to a VPN in countr0 7, which does not ea-esdrop on him. Please note that it is alwa0s possible that countr0 7 is ea-esdropping. 6ut sometimes countr0 7 does not share his in.ormation with other countries. Protection from blocking Example 2: 2lice is behind .irewall and has restricted access to some websites or internet 9ser has ser-ices. unrestricted 8ecure tunnel access to between user and !nternet. VPN ser-er is established. Example 6: 6ob is also behind .irewall, but since he is using VPN, his communications »penetrate; .irewall restrictions and he has access to .ree !nternet. Protection from government cenzorship Example 6: 6ob is also located in a countr0 6 which is bloc1ing access to certain <political= websites. 5his countr0 is also bloc1ing prox0ing, VPN connections, 5or, etc. 6ut since 6ob is using ob.uscated VPN connection, he is able to penetrate go-ernment restrictions. Example 2: 2lice is located in a countr0 2 which is bloc1ing access to certain <political= websites. >b.uscation o. internet tra..ic is a set o. speciali?ed techni@ues which attempt to hide the true nature and content o. connections .rom ea-esdroppers. >b.uscated tra..ic loo1s random or completel0 innocent, while in .act it is encr0pted and is circum-enting censorship. Additional services Additional services Additional services inside VPN network: ● hidden services (NAS, internal we!sites (accessi!le only inside VPN network),...)$ ● private !ridges to other networks (for instance secure remote access to your home network)$ ● notifications (infrastructure monitoring)$ ● intrusion detection; ● !locking unwanted domains$ ● ... Hidden services A VPN users ha-e access to di..erent ser-ices a-ailable onl0 inside VPN network. Example: hidden NAS server Example: John has some important documents. ,e is ma1ing an automated backup cop0 to N28 ser-er located somewhere in VPN network. N2S ser-er has encr0pted dis1s, so !. his computer gets sei?ed b0 the <corrupt= i. it gets sei?ed, ad-ersar0 cannot go-ernment he cannot re-eal the location get data. o. the ser-er and the go-ernment cannot VPN user can additionall0 encr0pt locate N28 ser-er. his data with his own encr0ption 1e0, so e-en the N28 administrator is not able to get the data. 5here could be another hidden N28 ser-er where data are duplicated in case something goes wrong A with the .irst N28... Networ14attached storage <N28= is a computer data storage ser-er which is pro-iding data access to its clients through network. Private bridges to distant networks Example: 6ob ,ome2ssistant installed in his house, but wants it to be securel0 accessible .or him when he is abroad. Distant network is accessed through gatewa0 VPN de-ice ,ome 2ssistant is a .ree and open4source so.tware .or home automation that is designed to be the central control s0stem .or smart home de-ices. Connection notifications 7onnection noti.ications could be use.ul .or in.rastructure When VPN ser-er detects monitoring and to detect when connection, 2lice is noti.ied about and where VPN 1e0s ha-e been that -ia e4mail and 8ignal message. used. 8er-er noti.ies her that new connection with her VPN 1e0s has been made, when it was made and .rom which IP address. Device Alice_laptopMatej_laptop has beenconnected connected to VPN to onVPN 08. on 15.08. 202115. 2021at 21:16:46 at 21:16:46 from IP addressfrom IP216.58.214.195. address 216.58.214.195IP address of. theIP addressdevice ofin the VPN device network in isVPN 10.8.9.8.network is (Do 10.8.9.8 not reply. (Do to notthis reply message, to this since message, it is sinceauto generated)it is auto generated) <!nternet= Intrusion detection Example: 2lice is Bournalist and has been targeted b0 go-ernment malware. VPN ser-er is anal0sing all 2lice)s tra..ic <with her consent/=. !. IDS <!ntrusion Detection 80stem= detects malicious network tra..ic, 2lice is noti.ied about that. IDS warning for device Alice_laptop (08. 15. 2021 at 21:16:46): Network trojan was detected. <!nternet= !ntrusion Detection 80stem <ID8= is a network securit0 technolog0 used .or detecting attac1s against a target application or computer. Blocking unwanted domains VPN ser-er is runing DNS ser-er and IP .iltering so.tware Calware hosting domains Phishing sites 5elemetr0 ser-ers 2d networ1s ... 2ll other sites... 6loc1ing telemetr0 ser-ers and ad networ1s can sa-e bandwith and speed up internet connection. Security Why your own infrastructure? %esearch of VPN apps for Android from &'() (University of New South Wales and the University of ,erkeley)# ● They tested &-. VPN apps from /oogle Play "tore. ● (- percent of the apps .ailed to encr0pt users’ traffic. ● .- per cent of the apps inBected malware or mal-ertising. ● 1ver -& per cent of apps re@uested to access sensiti-e data such as user accounts and text messages. ● Three 3uarters of the apps used third4party user tracking li!raries, ma5ority of them had several security issues (for instance did not prevent 6N" leaking, etc.). Why your own infrastructure? A study from &'&1 analysing different VPN products has shown# ● A lot of these products are owned7operated !y the same company (for at least of ('1 VPN products researchers found out that they are owned or operated !y only &. companies). ● VPN service providers are not transparent with users regarding their owners and parent companies’ locations. ● *p to .'% of VPNs have connections with or were owned !y 9hinese firms. ● VPN services are located in different :privacy unfriendly” countries including 9hina, <ong =ong, Pakistan, *A>, *"A, *=, "wit?erland... "ource# VPN pro, https#77vpnpro.com7. @an Aoungren. <idden VPN owners unveiled# ('( VPN products run !y 5ust &. companies. April (Bth, &'&(. Why your own infrastructure? +hy is this a pro!lemC ● 7hina# high level of surveillance and cy!er spying, sponsors cy!er attacks on foreign officials, government can ask for encryption keys, data, etc., 9hina is leading active »war« against VPN services, VPN owners need a license to operate in China, VPN applications are not availa!le on the Chinese Android and i1" application stores,... ● Pa1istan# government can access any data without a warrant and data can be freely handed over to foreign institutions. Why your own infrastructure? +hy is this a pro!lemC ● 982# founding mem!er of the Five Eyes alliance, a ma5or surveillance state, N"A invests heavily in !ackdooring encryption technology, F, can access any data by secret su!poenas (N"Ls),... ● 9D# founding mem!er of the Five >yes alliance and has surveillance legislation that gives law enforcement strong surveillance power ( nvestigatory Powers Act, or "nooper0s Charter, introduced in 2'()). Why your own infrastructure? +hy is this a pro!lemC ● 8wit?erland# "wiss strong privacy laws are a myth. "wiss Federal Act on the "urveillance of Post and Telecommunications and Federal ntelligence "ervice Act are introducing full and unlimited surveillance of all electronic communication. 6ata protection laws in "wit?erland are in many cases not applica!le to surveillance measures !y secret services, police authorities and pu!lic prosecutors. "urveillance measures in "witzerland are approved !ehind closed doors !y 9ompulsory Heasures 9ourts and there is no effective supervision of the security authorities. %egarding intelligence cooperation, "witzerland has several !ilateral agreements with >U and is !ound !y a Hutual Gegal Assistance Treaty with the *nited "tates. Core in.o# Hartin Steiger. 2'(B. ProtonHail voluntarily offers Assistance for %eal4Time Surveillance. https#77archive.is7VwyGI Why your own infrastructure? Transparency and trust are vital in the VPN industry. ● +ho is the operator of e2it points (VPN gateways to the internet) and how user0s data is handled there. ● +here are VPN servers and e2it points located (country, legislation)C ● <ow trustworthy is the I"P of VPN providerC ● s VPN infrastructure well protected and maintained regularlyC ● <ow transparent and secure is VPN software/hardware on user0s endpointC Full disk encryption Hachine should have hard disks fully encrypted, so when machine is booted, system administrator needs to enter the password to unlock the disks.
Load more

Recommended publications
  • An Investigation Into the Security and Privacy of Ios VPN Applications
    An Investigation Into the Security and Privacy of iOS VPN Applications Jack Wilson Division of Cybersecurity School of Design and Informatics Abertay University, Dundee A thesis submitted for the degree of Bachelor of Science with Honours in Ethical Hacking 1st May 2018 Word Count: 11,448 Abstract Due to the increasing number of recommendations for people to use VPN’s for privacy reasons, more app developers are creating VPN apps and publishing them on the Apple App Store and Google Play Store. In this ‘gold rush’, apps are being developed quickly and, in turn, not being developed with security fully in mind. This paper investigated a selection of free VPN applications available on the Apple App Store (for iOS devices) and test the apps for security and privacy. This includes testing for any traffic being transmitted over plain HTTP, DNS leakage and transmission of personally-identifiable information (such as phone number, IMEI 1, email address, MAC address) and evaluating the security of the tunnelling protocol used by the VPN. The testing methodology involved installing free VPN apps on a test device (an iPhone 6 running iOS 11), simulating network traffic for a pre-defined period of time and capturing the traffic (either through ARP spoofing, or through a proxy program such as Burpsuite). This allows for all traffic to be analysed to check for anything being sent without encryption. Other issues that often cause de-anonymisation with VPN applications such as DNS leakage can be tested using websites such as dnsleaktest.com. The research found several common security issues with the VPN applications that were tested, with a large majority of the applications tested failing to implement HTTPS.
    [Show full text]
  • Ssl Vpn Protocol Consists of Four Protocols Renew
    Ssl Vpn Protocol Consists Of Four Protocols immobilisedflagellatesDecidable Raysome his boohoo castrate forwards that very and complication erroneously. wads his aralias syllabising so frailly! midway Jaded and Wesley incinerated gerrymanders scienter. Rowdyshrinkingly, Rowland he Path between the message consists four sometimes use, such as a vpn protocols and use In only by using vpn protocol consists of four protocols to the protocol is creating a security concern even when a connection. Skimming the protocol consists four protocols such as regular internet domain names and still used. Mostly superseded by this vpn consists of vpn companies. Network or device and ssl vpn protocol consists of contents. Representation of ssl protocol four protocols available list of these get passed those who utilize this protocol is for users being secure and open? Keys and provides a protocol consists of connections provide both the fastest vpn, which is a password. Familiar with vpn consists four acceptable solution because it uses a time by microsoft outlook web browser to secure ftp server will receive a product. Variations of vpn protocol of four protocols needed to hide your file transfer between a proprietary protocol is loaded even though with. Swedish court orders four lan segments behave as the identifier for someone wrote a vpn secure vpn server then followed by using pptp is an easy solution. No support for using ssl protocol consists four got any case of the best for each ssl vpn protocols is used within a seasoned pro vpn. Gives you should the ssl vpn protocol consists of protocols with them in the source code to encapsulate data, you comfortable with.
    [Show full text]
  • Best Free Vpn for Torrent Download Best Free VPN for Torrenting – Our Top 3 Picks for 2021
    best free vpn for torrent download Best Free VPN for Torrenting – Our Top 3 Picks for 2021. Torrenting is something we often use as a shortcut to our favorite movies, games, music, and e-books. However, with ever-growing anti-torrenting laws worldwide, people are getting concerned about their privacy while performing this activity. By using a VPN, you can easily stay off the radar and become invisible to the prying eyes of your ISP and the government. But can free VPNs help you do so? And what are the best choices for that matter? Let’s find out below. Free VPNs – Can They Match Premium VPNs for Torrenting? Before we delve deeper into the subject, we need to clarify a few things. On the market, there are two types of VPNs – free and premium. Some premium providers offer their free versions but as expected, they’re quite inferior, to make you go for a premium variant. You need to remember one thing, though – free providers are ALWAYS inferior to paid ones. There are many reasons for that. However, since we’re focused on torrenting in this article, we’ll talk about issues that will have a direct impact on your P2P activities if you go for a free VPN, even if it is the best one. Slow Speeds. Every free VPN provider will give you very slow speeds whether you are torrenting or watching videos. Now, all providers reduce your native internet speed to some extent. This is a small price to pay for all the security features and military-grade encryption you get.
    [Show full text]
  • The Impact of Media Censorship: Evidence from a Field Experiment in China
    The Impact of Media Censorship: Evidence from a Field Experiment in China Yuyu Chen David Y. Yang* January 4, 2018 — JOB MARKET PAPER — — CLICK HERE FOR LATEST VERSION — Abstract Media censorship is a hallmark of authoritarian regimes. We conduct a field experiment in China to measure the effects of providing citizens with access to an uncensored Internet. We track subjects’ me- dia consumption, beliefs regarding the media, economic beliefs, political attitudes, and behaviors over 18 months. We find four main results: (i) free access alone does not induce subjects to acquire politically sen- sitive information; (ii) temporary encouragement leads to a persistent increase in acquisition, indicating that demand is not permanently low; (iii) acquisition brings broad, substantial, and persistent changes to knowledge, beliefs, attitudes, and intended behaviors; and (iv) social transmission of information is statis- tically significant but small in magnitude. We calibrate a simple model to show that the combination of low demand for uncensored information and the moderate social transmission means China’s censorship apparatus may remain robust to a large number of citizens receiving access to an uncensored Internet. Keywords: censorship, information, media, belief JEL classification: D80, D83, L86, P26 *Chen: Guanghua School of Management, Peking University. Email: [email protected]. Yang: Department of Economics, Stanford University. Email: [email protected]. Yang is deeply grateful to Ran Abramitzky, Matthew Gentzkow, and Muriel Niederle
    [Show full text]
  • Security Now! #700 - 02-05-19 700 and Counting!
    Security Now! #700 - 02-05-19 700 and counting! This week on Security Now! This week we discuss Chrome getting spell-check for URLs, a bunch of Linux news with reasons to be sure you're patched up and some performance enhancements, updates, additions and deletions from Chrome and FireFox, more Facebook nonsense, a bold move planned by the Japanese government, Ubiquity routers again in trouble, a hopeful and welcome new initiative for the Chrome browser, a piece of errata, a quick SQRL update and some follow-up thoughts about VPN connectivity. FireFox Warned Me! And So Did Chrome! Security News Chrome to get URL spell-checking Less success for "typo-squatters" Okay, so first some terminology: Typo-Squatting is formally known as "IDN (or International Domain Name) Homograph Attack". https://en.wikipedia.org/wiki/IDN_homograph_attack … but typo-squatting is a lot catchier! ​ Similarly, although I think that "URL spell checking" is rather clear, Google calls their forthcoming technology "Navigation suggestions for lookalike URLs." It's now under active experimentation in the Canary 70 version of Chrome and, if all goes as planned, will be appearing in the mainstream release before long. If you're on the Canary circuit, you can enable the feature here: chrome://flags/#enable-lookalike-url-navigation-suggestions The flag itself appears to be present in the just-released stable channel Chrome 72... But it doesn't appear to be wired up to this new functionality yet. Linux Systemd vulnerabilities: definitely time to catch up your patch up! We talked previously without much specificity about the recognized trouble with the systeMD daemon which a number of the more popular Linux desktop-oriented distros have adopted.
    [Show full text]
  • July 21, 2021 Ms. Lisa R. Barton Secretary to the Commission U.S
    July 21, 2021 Ms. Lisa R. Barton Secretary to the Commission U.S. International Trade Commission 500 E Street SW Washington, D.C. 20436 Re: Investigation No. 332-585 Dear Ms. Barton: Pursuant to the notice issued by the U.S. International Trade Commission (ITC), the Computer & Communications Industry Association (CCIA) submits the following written comments in relation to Investigation No. 332-585: Foreign Censorship Part 1: Policies and Practices Affecting U.S. Businesses. These comments supplement the testimony delivered at the July 1, 2021 public hearing. Respectfully submitted, /s/ Rachael Stelly Rachael Stelly Policy Counsel Computer & Communications Industry Association 25 Massachusetts Avenue NW, Suite 300C Washington, DC 20001 [email protected] Office: (202) 534-3901 Before the Office of the United States International Trade Commission Washington, D.C. In re Foreign Censorship Part 1: Policies and Investigation No. 332-585 Practices Affecting U.S. Businesses WRITTEN COMMENTS OF THE COMPUTER & COMMUNICATIONS INDUSTRY ASSOCIATION (CCIA) Pursuant to the notice issued by the U.S. International Trade Commission (ITC), the Computer & Communications Industry Association (CCIA) submits the following written comments in relation to Investigation No. 332-585: Foreign Censorship Part 1: Policies and Practices Affecting U.S. Businesses.1 CCIA is an international, not-for-profit trade association representing a broad cross section of communications and technology firms. For nearly fifty years, CCIA has promoted open markets, open systems, and open networks. CCIA members employ more than 1.6 million workers, invest more than $100 billion in research and development, and contribute trillions of dollars in productivity to the global economy.2 CCIA welcomes the opportunity to document various regulations and policy frameworks that serve as market access barriers for Internet services.
    [Show full text]
  • Arxiv:1606.01979V2 [Cs.NI] 29 Oct 2016 Ing Various Aspects of Online Information Controls
    Exploring the Design Space of Longitudinal Censorship Measurement Platforms Abbas Razaghpanah Anke Li Arturo Filasto` Rishab Nithyanand Stony Brook University Stony Brook University The Tor Project Stony Brook University Vasilis Ververis Will Scott Phillipa Gill Humboldt University Berlin University of Washington Stony Brook University Abstract gitudinal data from a diverse set of regions while per- forming accurate analysis using robust and well specified Despite the high perceived value and increasing sever- techniques. We present and compare two such platforms ity of online information controls, a data-driven under- – ICLab and OONI– that represent different points in the standing of the phenomenon has remained elusive. In censorship measurement design space. this paper, we consider two design points in the space In this paper, we first identify three primary design of Internet censorship measurement with particular em- decisions made in the development of censorship mea- phasis on how they address the challenges of locating surement platforms. Then, we describe how ICLab and vantage points, choosing content to test, and analyzing OONI address these decisions, while considering the im- results. We discuss the trade offs of decisions made by pact of these decisions on the measurement results pro- each platform and show how the resulting data provides duced by the systems. Finally, we show how ICLab complementary views of global censorship. Finally, we and OONI, when used together, provide a unique insight discuss lessons learned and open challenges discovered into the current state of information controls around the through our experiences. globe. 1 Introduction 2 Design Decisions The last five years have cemented the Internet as critical We now discuss the choices of (1) where measurements infrastructure for communication.
    [Show full text]
  • (Ab-)Use of the Internet for Terrorist Plotting and Related Purposes
    Chapter 19 Prevention of (Ab-)Use of the Internet for Terrorist Plotting and Related Purposes Branislav Todorovic and Darko Trifunovic The internet has become an indispensable tool for human communication, offering an abundance of information and a great variety of applications. However, the worldwide web also offers ample opportunities for malefactors (e.g., criminals, terrorists, demagogues) to carry out activities cause serious damage. Due to the internet's wide-reaching nature, any investigation of its (ab)use has to be defined in terms of boundaries. This chapter addresses the (ab)use of the internet for terrorist activities and seeks to provide useful information to detect and address this issue. In doing so, this chapter covers five issues: ● Terrorist group's employment of social media platforms to recruit new members and communicate with their sympathizers. This chapter explores possible ways to detect, mark, and suppress such activities (e.g., secret encrypted communication, internet deep search software, human-machine interaction, and new generation artificial intelligence tools). ● Terrorist organizations also utilize the internet for propaganda purposes. Based on various examples, this chapter analyses patterns in publications and advertisement of 'heroic' terrorist activities, which, in turn, can be useful for anti-terrorist campaigns. ● The internet has proven to be a valuable marketing and public relations medium for terrorism funding purposes. ● Terrorists (ab)use on the internet publicly available information (i.e., by means of data mining) to plan, and carry out attacks. This chapter offers suggestions of measures that can be used for prevention and preparedness. ● Terrorists thrive well on the internet because it anonymously accessible.
    [Show full text]
  • Aws Security Group Handshake Protocol
    Aws Security Group Handshake Protocol Versed and phonatory Josef mess-up her granter renege whitely or rodomontade elusively, is Andros curviest? Bitonal dentsDavid vulnerably.veils or rebut some semipermeability magnetically, however swirliest Penn gorging nutritiously or agglutinating. Rafael If the tls always sent second to security protocol, the following the way to encrypt data to use their claims that This explicit virtualization of the physical resources leads to a clear separation between guest and hypervisor, resulting in additional security separation between the two. Each amazon cloud service running in me know someone else you use them? That can give opening a web GUI to control things from fraud can be configured to run whenever the instance state running. Datagram Transport Layer Security DTLS DTLS is the thought and their what. Encrypting is even though not changed often. Great Firewall of China. Note that data at rest in Serverless Aurora clusters appears to be automatically encrypted using KMS. What security group and a revocable api keys have, monitor for our demo of specification and network interface, a term of checks. Guessing clothing size of aws support to protocol is temporarily stored on designing completely serverless instance will consist of availability. Whether or not to check if the IAM instance profile exists. Gif that they live without sending emails are configured slow, and misunderstanding their details. IP, the connection does not go through the GFE. Ecdhe and key exchange and updated for management and include blue hexagon detection to. HMAC is bulletproof and ubiquitous. This meadow is now available. APIs to the underlying SSL libraries.
    [Show full text]
  • Types of Vpn Protocols
    Types Of Vpn Protocols Is Thedric laden when Laird orates malcontentedly? Mohamad configures idealistically. Interpenetrant or dusky, Cleveland never licensees any ukulele! VPN for your needs. VPN tunnel: What is it understand how does population work? Now the Internet is considered an insecure environment, as ten have no control over who later see the traffic that told be traversing any portion of the Internet. And what mob it service to stool with VPN? For VPNs, IP data grams sent but the Internet can comb in fiction different feedback from highway one inwhich they always sent, following a higher proportion of packets can track lost. SSTP is considered to prick a great secure protocol, but prejudice is gear available for Windows computers and comes with other limitations. The protocol contains various technical improvements that arrow it faster and held secure. By understanding the basics of each VPN protocol, you donate be better informed on what encryption protocol best optimizes your online experience. Such information could be obtained by the server through protocol interactions with flat edge router. Client access VPNs are an extremely popular tool for providing external users access list a corporate network. In other words, a VPN can rest your computer, smartphone, and savage other device you connect around the internet safe from hackers and malware, while keeping all your personal data and communications safe from prying eyes. The protocolsupports key exchange based on group key, key distribution centers, or manual installation, andprovides for stop and making key refreshment. RFC 2764 A condition for IP Based Virtual Private Networks.
    [Show full text]
  • Exploring Server-Side Blocking of Regions
    Exploring Server-side Blocking of Regions Sadia Afroz Michael Carl Tschantz Shaarif Sajid Shoaib Asif Qazi ICSI and UC Berkeley ICSI LUMS LUMS Mobin Javed Vern Paxson LUMS ICSI and UC Berkeley ABSTRACT such regional differences can adversely affect would-be One of the Internet’s greatest strengths is the degree to which website visitors. This adversity can be understood both it facilitates access to any of its resources from users any- in terms of individuals and in terms of the populations where in the world. However, users in the developing world affected. Our measurements show cases where much, if have complained of websites blocking their countries. We not all, of a region is blocked. explore this phenomenon using a measurement study. With We measure the unavailability of a website caused a combination of automated page loads, manual checking, by that website itself through actions or inactions of and traceroutes, we can say, with high confidence, that some the website's server (including CDNs working on behalf websites do block users from some regions. We cannot say, of the website's operators). We term this server-side with high confidence, why, or even based on what criteria, blocking. To do so, we use network measurements to they do so except for in some cases where the website states find blocking at various network layers. We then use ad- a reason. We do report qualitative evidence that fears of ditional measurements to differentiate between server- abuse and the costs of serving requests to some regions may side blocking and blocking by middleboxes (as seen with play a role.
    [Show full text]
  • Mitigating Man-In-The-Middle Attacks on Mobile Devices by Blocking Insecure Http Traffic Without Using Vpn
    Edith Cowan University Research Online Australian Information Security Management Conference Conferences, Symposia and Campus Events 2018 Mitigating man-in-the-middle attacks on mobile devices by blocking insecure http traffic without using vpn Kevin Chong Edith Cowan University Muhammad Imran Malik Edith Cowan University Peter Hannay Follow this and additional works at: https://ro.ecu.edu.au/ism Part of the Information Security Commons DOI: 10.25958/5c526c2966688 Chong, K., Malik, M.I., & Hannay, P. (2018). Mitigating man-in-the-middle attacks on mobile devices by blocking insecure http traffic without using vpn. In proceedings of the 16th Australian Information Security Management Conference (pp. 1-13). Perth, Australia: Edith Cowan University. This Conference Proceeding is posted at Research Online. https://ro.ecu.edu.au/ism/224 MITIGATING MAN-IN-THE-MIDDLE ATTACKS ON MOBILE DEVICES BY BLOCKING INSECURE HTTP TRAFFIC WITHOUT USING VPN Kevin Chong1, Muhammad Imran Malik1, Peter Hannay1,2 1School of Science, Edith Cowan University, 2Asterisk Information Security, Perth, Australia [email protected], [email protected], [email protected] Abstract Mobile devices are constantly connected to the Internet, making countless connections with remote services. Unfortunately, many of these connections are in cleartext, visible to third-parties while in transit. This is insecure and opens up the possibility for man-in-the-middle attacks. While there is little control over what kind of connection running apps can make, this paper presents a solution in blocking insecure HTTP packets from leaving the device. Specifically, the proposed solution works on the device, without the need to tunnel packets to a remote VPN server, and without special privileges such as root access.
    [Show full text]