Search the Community
Showing results for tags 'HTTP'.
Found 3 results
-
Source: https://www.bleepingcomputer.com/news/security/voracle-attack-can-recover-http-data-from-vpn-connections/ Hello everyone, I've recently read that article above about this new attack called VORACLE that can possibly allow an attacker to recover data from HTTP traffic sent through a VPN. I've searched these forums for anything mentioning voracle but no results so I'm starting this topic out of interest and concern, and some questions for AirVPN staff. Is AirVPN completely protected from this new attack? Or is this something that AirVPN needs to *address and what can/will be done, if not why? What can AirVPN users do against this if anything or what are the exact steps to configure inside Eddie if anything? (*With the above quote in-mind does AirVPN need to do the same for its service?) Appreciate any replies and interest in the matter. Thanks.
-
Hi all, I'm hoping for an answer on this, i'll show you the setup first then the question. Here's the setup: Linux server running web server and using AirVPN(Eddie) port forwarding a HTTP port 80 web page with chat function----(no HTTPS) I I I Connected to Internet I I Serving the webpage using AirVPN Exit IP and Forwarded Port I I Windows 10 client connecting to AirVPN Exit IP and Port via web browser and then using the web chat service in http not in https. The Windows 10 client is not running a VPN or any special software. The Question: Is the connection between the client and the AirVPN exit node encrypted even though the client doesnt have VPN software installed? I know that that might sound silly but I would have thought the answer would have been no, so to check this I MITM my WiFi connection but could only see QUIC, TCP, UDP and HTTP coming from the client in Wireshark. The QUIC UDP were encrypted payloads and I searched the HTTP packets data for the plain text messages I was sending in the chat page but couldn't find it, in fact none of the packets were readable other than the source and destination parts. So to recap: Is the clients connection to the AirVPN Exit nodes IP and PORT encrypted? and if so how when im not running a vpn? is it the session to the airvpn exit node? can the data be read in plain text the same way it would on a normal LAN if i was doing packet capture on the HTTP? Please discuss
-
Hallo, I've read about the kickasstorrents admin getting busted for stupid reasons and it got me thinking. How do I specify everyday sites like https://amazon.com to NOT to use VPN tunnel. So using same IP or number of IPs through AIRVPN will not become a problem. And VPN is also useless since those sites have got your personal information. ways to use it like I see it: - network lock / adresses allowed (then https://amazon.com would be allowed by disconnect.) - bothersome - routes (don't know how to use it) So, like you see I don't know much Other solutions I can think of: - "misuse" tor browser for everyday sites (but then how does it stand to AIRVPN over TOR solution?) I am rather a noob and not really out for a "tinkering" solution. Maybe it is that obvious that I dont see it? Specifying web adresses espeacially such as amazon or youtube are probably problematic since they "outsource" their traffic through other domains. Those did not get me very far https://airvpn.org/faq/software_advanced/ https://airvpn.org/software/ Am I blowing some things out proportion, do not understand some things I saying? Possible. Tell me. Thanks for you help.