Information Security Asked by Alehandro on October 28, 2021
If I am using one a VPN Service, but it allows up to lets say 8 devices to connect, are all the devices/users able to view traffic from other users/devices?
Or is each VPN connection creating its own tunnel, thus its basically saying that only 8 Tunnels can be made/created at once?
Also once connected to my VPN is it possible for someone to de-authenticate me, using my VPN also, if someone is messing around with a Wifi-Network? I mean in theory if you can think of something it can be done, but I am wondering if this is an issue that happens often?
Why I am asking is I am living in a house with multiple people, I notice they are having some fun upstairs sometimes, by trying to setup multiple hotspots with the same Wifi name, I am concerned if its possible that they can do session-hijacking even if I am on a VPN connection (as one time I noticed a message on a service I use that I never wrote, but when checking logs of sessions, the only sessions open are the ones I am aware of.) I know I had not written this message, thus I am interested in how it would be done if i was on my VPN. Although I notice they disconnect the wifi often sometimes having me reconnect to my VPN etc.
On my end I have setup my VPN to disconnect me from the internet, once my VPN connection drops, but I am wondering if reconnecting right away might cause another security issue (assuming vpn’s have handshakes also just like a wifi hotspot)?
Would it be safe to say I should invest in my own wireless router and setup a firewall? I wanted to originally use my Linux box with two wireless cards, setup a new wireless network with a firewall and then create a new Hotspot, thus protecting my devices a little bit more.
If I am using one a VPN Service, but it allows up to lets say 8 devices to connect, are all the devices/users able to view traffic from other users/devices?
That depends on VPN server settings, but usually yes. The connection between a client(s) and server are encrypted, but the subnet in which clients are usually not (but again, it depends on vpn server settings)
Or is each VPN connection creating its own tunnel, thus its basically saying that only 8 Tunnels can be made/created at once?
It depends on the type of VPN you are using (meaning the VPN server settings), but usually, VPN server creates a subnet(s) for a set number of clients, imagine it like a highway with several lines (allowed number of IPs) with the cars (clients) that cannot share the same lane, but can see each other, communicate and so on.
Also once connected to my VPN is it possible for someone to de-authenticate me, using my VPN also, if someone is messing around with a Wifi-Network?
I mean in theory if you can think of something it can be done, but I am wondering if this is an issue that happens often?
Not without knowing your credentials (accountpassword).
The way you are describing, it seems you have been a victim of an impersonation attack (assuming). Since you describe that a group of people were creating a wifi APs with the same name as your wifi AP, it seems they were trying to make to connect to the wrong one. If you did, then getting your credentials is an easy step.
Answered by Rashad Novruzov on October 28, 2021
TLDR: No
Long answer: Although you may be using the same credentials for each device, each device will have to set up and maintain a unique tunnel and will have a different IV for each tunnel. From server's point of view, you're simply accepting up to 8 different concurrent connections (IP:Port pairs) for the same identifier, be it an username or a certificate.
In case you're behind a NAT device, like your home router, every device will have it's own RFC1918 IP address. In this case even though the public IP address is the same from the server's point of view, it will distinguish between them by simply looking at their IP:port pair as everyone will be using a different port to communicate to the outside work, courtesy of NAT/PAT translation.
To sum it up: Even if you tried to intercept all traffic, you'll figure out that there's no no way to intercept of infer what's going inside each tunnel. (This is not particular true if the same IV is reused or due to implementation errors or known flaws but that's not the scope of this question.)
Answered by mjoao on October 28, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP