why is a split tunnel relevant? I thought all VPNs are vulnerable unless they use a firewall like I do, or network namespaces.
At least the way I understand it, a normal VPN redirects your internet traffic to instead go through a virtual network interface, which then encrypts and sends your traffic through the VPN. This attack uses a malicious DHCP server to inject routes into your system, redirecting traffic to the attacker instead of towards the virtual network interface.
Hypothetically, what if everybody in the world were using mixnets to obfuscate destination/origin, and then mullvad's DAITA to obfuscate traffic timing and size. Would netflow analysis be able to defeat that?
It all depends on how much you trust the devices on your LAN. So your ISP can't do anything unless they own and control your router, since that is on your LAN. So one concern might be if you connect your PC to coffee shop wifi, since all other devices in the shop are on the same LAN, not to mention the coffee shop owns the wifi router and can also perform the attack. Another concern might be if a family member in your house has a device that got hacked, then all devices in your house are vulnerable.
how would you not use DHCP when connecting to coffee shop wifi?
I think you both are talking past each other. You said "But if nobody else is using those same endpoints." but @MigratingtoLemmy@lemmy.world said "There’s plenty of people who are going to be renting VPSes and will have their traffic originate from the same IP range as mine". Reading this thread, it seems like you both have different network setups in mind.
Do you know how to make it so all the host's traffic is sent through the VPN namespace? I couldn't figure out how to do this so I ended up just writing my own firewall. Network namespaces seems like a better solution.
I saw that but unfortunately it doesn't detail how to set it up persistently on every boot. And I also haven't seen anybody using this method, probably because of the lack of tooling around it. For example afaik the official Mullvad client on linux just uses a firewall.
How do you route all a host system's traffic through Gluetun? If you use routing tables, wouldn't it similarly be affected by TunnelVision? In which case you would still need a firewall on the host...
Also, the host system likely makes network requests right after boot, before a Gluetun container has time to start. How do you make sure those don't leak?
I am curious though, how you were able to route all host traffic through Gluetun. I know it can be used as a http/socks proxy, but I only know of ways to configure your browser to use that. What about other applications and system-level services? What about other kinds of traffic, like ssh?
Using untrusted networks is quite common, like coffee shop wifi or airport wifi.
what features are you talking about?
I'm no network security expert, so I mainly followed Mullvad VPN for my implementation. I looked at the nftables rules that official Mullvad linux client uses, and also their document here: https://github.com/mullvad/mullvadvpn-app/blob/main/docs/security.md.
Though if you have any alternatives for vanilla wireguard users like me, I'll gladly switch. I know somebody mentioned Gluetun but I thought that was for docker only. Do you know of any others?
Yeah TOR is an example of a mixnet. WHat I was talking about was a combination of your Scenario A and Scenario B, where you have a mixnet where everybody's traffic goes through multiple proxies, and many people are using each proxy, and you have padding and timing added to make sure traffic flows are consistent. As far as trusting nodes, you have to do that regardless of your set up. If you don't use any VPN, you have to trust your ISP. If you use a VPN like Mullvad, you have to trust Mullvad. If you use a mixnet, you have to trust that all your chosen proxies aren't colluding. So like you said, it's up to your own judgement and threat model.