In light of the recent TunnelVision vulnerability I wanted to share a simple firewall that I wrote for wireguard VPNs.

https://codeberg.org/xabadak/wg-lockdown

If you use a fancy official VPN client from Mullvad, PIA, etc, you won’t need this since most clients already have a kill switch built in (also called Lockdown Mode in Mullvad). This is if you use a barebones wireguard VPN like me, or if your VPN client has a poorly-designed kill switch (like NordVPN, more info here).

A firewall should mitigate the vulnerability, though it does create a side-channel that can be exploited in extremely unlikely circumstances, so a better solution would be to use network namespaces (more info here). Unfortunately I’m a noob and I couldn’t find any scripts or tools to do it that way.

  • DarthYoshiBoy
    link
    fedilink
    4
    edit-2
    7 months ago

    If you use a fancy official VPN client from Mullvad, PIA, etc, you won’t need this since most clients already have a kill switch built in (also called Lockdown Mode in Mullvad).

    According to the researchers

    The result of this is the user transmits packets that are never encrypted by a VPN, and an attacker can snoop their traffic. We are using the term decloaking to refer to this effect. Importantly, the VPN control channel is maintained so features such as kill switches are never tripped, and users continue to show as connected to a VPN in all the cases we’ve observed.

    Killswitches are insufficient protection since the TunnelVision attack never disables the VPN tunnel. The TunnelVision attackers are instructing your physical layer connection to route everything through a node of their choosing rather than killing your VPN connection, and since the VPN connection never drops, a killswitch will never engage. The VPN stays up, thinking it is doing a good job, but in the meantime your network interface has been instructed to route no traffic through the VPN and instead route everything to the location of the attacker’s choosing. I have heard that a couple of VPNs think their clients are not vulnerable here, but I haven’t seen independent conclusive proof one way or the other yet.

    I suspect that your “Solution” also fails to mitigate the issues in TunnelVision because it allows LAN access to the physical interface. In a TunnelVision attack the hostile has to be on your LAN (or rather the same LAN you are on since I suspect that “The coffee shop wi-fi” is the more likely network for an attack like this) already, so if they’re going to tell your interface to route traffic somewhere else, in all likelihood that somewhere else will already be in the same LAN you are and their exfiltration will be allowed under your configuration.

    • @xabadakOP
      link
      1
      edit-2
      7 months ago

      Actually my firewall is persistent, just like many of the other good VPN clients, so “kill switch” is a bit of a misnomer. Which is why I called it wg-lockdown, named after Mullvad’s lockdown mode. Persistent firewalls are effective, they just add a very tiny side-channel, as discussed in the link in my post. I just used the terms “kill switch” in my post because that’s what many other people use.

      Though the point about the LAN is a good point, I didn’t consider that. I added LAN access because without it, the firewall was interfering with the networking of my docker container and virtual machines, which use local subnets. Even the official Mullvad client has issues with this. What do you recommend in this case? Manually whitelist the local subnets used by docker and my other virtual networks?

      Edit: actually upon reading Mullvad’s statement on TunnelVision, I realized that my firewall is still effective because it only allows traffic directed to LAN IP’s to bypass the VPN. So regular internet traffic will be blocked if the attacker tries to redirect it to the LAN. I’m glad I used Mullvad as a reference implementation 😅

  • Kairos
    link
    fedilink
    2
    edit-2
    7 months ago

    The vulnerability doesn’t work on Linux

    • @AnEilifintChorcra@sopuli.xyz
      link
      fedilink
      137 months ago

      Unfortunately Linux is affected https://github.com/leviathansecurity/TunnelVision

      TunnelVision appears to work on any operating system that has a DHCP client that implements support for DHCP option 121. Most modern operating systems support this such as Linux, Windows, iOS and MacOS. Notably, Android does not appear to have support for option 121 and remains unaffected.

      A fix is available on Linux when configuring the VPN users host to utilize network namespaces.

      I read the Arstechnica article too where they say Linux isn’t affected then link to the researchers video where they show Linux being affected…

      • Kairos
        link
        fedilink
        17 months ago

        Oh. It doesn’t work with WireGuard then. It probably works with garbage. Thank you.

        • @metiulekm@sh.itjust.works
          link
          fedilink
          English
          117 months ago

          I am afraid you are still a bit misled; WireGuard is exactly what they use for the demo video. In general the underlying protocol does not matter, since the vulnerability is about telling the system to direct the packages to the attacker, completely bypassing the VPN.

          • @taladar@sh.itjust.works
            link
            fedilink
            -117 months ago

            That “vulnerability” seems more like a case of “people who use hostile networks have not considered which features that work as designed should be disabled in their use case”.

              • @taladar@sh.itjust.works
                link
                fedilink
                -37 months ago

                It does matter if people now advocate to routinely disable useful features by default because they are a problem for their particular use case.

                • @xabadakOP
                  link
                  27 months ago

                  what features are you talking about?

            • @xabadakOP
              link
              37 months ago

              Using untrusted networks is quite common, like coffee shop wifi or airport wifi.

    • @delirious_owl@discuss.online
      link
      fedilink
      2
      edit-2
      7 months ago

      You’re still right in 99% of all use cases.

      Nobody operates VPNs for privacy in split tunnel. So everyone running Linux that would be concerned about this is unaffected.

      • @xabadakOP
        link
        17 months ago

        I thought TunnelVision applies to all VPN users that don’t use firewall / network namespaces

        • @progandy@feddit.de
          link
          fedilink
          1
          edit-2
          6 months ago

          A separate routing table that takes precedence over the one modified by DHCP should works as well I think. Oh, and of course you have to use a vpn that forces its own nameserver or set one manually to prevent redirections.

          • @xabadakOP
            link
            17 months ago

            why is a split tunnel relevant? I thought all VPNs are vulnerable unless they use a firewall like I do, or network namespaces.

            At least the way I understand it, a normal VPN redirects your internet traffic to instead go through a virtual network interface, which then encrypts and sends your traffic through the VPN. This attack uses a malicious DHCP server to inject routes into your system, redirecting traffic to the attacker instead of towards the virtual network interface.