Unix-like systems Susceptible to Vpn Inferring and Hijacking Attacks ByBill Toulas-December 7, 2019.1254 Linux Unix and Android are susceptible to clever Vpn hijacking attacks. Scientists have proved the issue with multiple operating systems and Vpn solutions. The assault is not easy to perform so there is no chance of seeing this going mainstream before anybody applies corrections. Three researchers from Breakpointing Bad and the University of New Mexico have discovered a weakness that occurs in operating systems such as Android and macOs close to Linux and Unix. With the “Cve-2019-14899” tracking code, the error lies in the code of the routing table and the Tcp code in those systems. The vulnerability allows an attacker to conduct traffic analysis by cleverly using encrypted Dns queries in combination with error messages that lead to open Tcp contact information being sniffed out. The attack was found a long time ago but it was now publicly disclosed by the researchers, and after they gave the vendors some time to plug the holes. The attack and design of the special packages required to allow the infiltrator to look inside others ‘ Vpn tunnel are very clever with some researchers finding the method impressive. That said, the chances of this bursting into major exploitation are, right now, very small. Nonetheless those who deploy Vpn connections in highly critical environments should ensure that the following suggested mitigations are applied: a.) transform reverse path filtering to “on” and in strict mode b.) allow bogon filtering to conceal Ip address c.) encrypt packet size and timing by padding or other means. However, it is important to note that these mitigations are not entirely effective against the full range of potential exploitation of the Cve-2019-14899, but they are still valuable measures. OpenVpn Access Server Product Manager Johan Draaisma has made the following statement: “It doesn’t seem to be a fault in the OpenVpn program but a flaw in the operating system configuration itself. The problem is more how the operating system deals with this type of attack in general than with something going wrong in the Vpn connection itself. “