0

Let's assume that I'm on someone others network where DNS etc is configured through DHCP.

So when I want to connect to the VPN service the DNS servers on the network that I am connected to return a local IP instead of the real one for my VPN service.

The MItM VPN service just happily accepts all credentials and forwards them to the real service.

I think that my connection is safe, but the MItM service have all traffic without encryption.

Is the above possible or does the authentication mechanism in VPN make sure that both parties are who they say that they are?

jgauffin
  • 101
  • 2

1 Answers1

1

There are several kinds of VPN. But if the VPN in question does not use server authentication in some way (i.e. server certificate, shared secret...) or if the client improperly validates the server than this kind of MITM is possible. This is similar to HTTPS with a client not validating the servers certificate properly.

Edit: Actually, I think your question is already answered in Are VPNS vulnerable to active man in the middle attacks. Thus please study the answers there.

Community
  • 1
Steffen Ullrich
  • 190,458
  • 29
  • 381
  • 434
  • I'm using windows 10 and have just configured host and credentials for the VPN. The VPN type is "automatic". – jgauffin Dec 13 '16 at 07:14
  • 1
    @jgauffin: automatic does not specify the type of VPN used but only that the system tries to detect it itself. Thus you would need to find out what kind of VPN you are actually using. – Steffen Ullrich Dec 13 '16 at 07:18