Anonymous vulnerability with PPTP-VPN and IPv6

Discussion in 'BlackHat Lounge' started by kmedone, Jun 21, 2010.

  1. kmedone

    kmedone Newbie

    Jan 31, 2008
    Likes Received:
    At a recent Telecomix Cipher conference it was revealed that a security flaw in PPTP-VPN allows third parties to find the true IP-address of someone connected through the VPN.

    The technical details of the vulnerability, explained in this talk reveal that the true IP-address of users using IPv6 can be easily traced. Even worse, it seems that the Swedish Anti-piracy Bureau may already be using this flaw to gather data on ?anonymous? BitTorrent users.

    The solution is to turn off IPv6.