The VPN clients Steganos Online Shield VPN and OkayFreedom VPN can recognize DNS hijacking network attacks, and will warn VPN users of them. There are no data leaks via IPv6 when Steganos VPN products are used. This was announced by the Berlin-based IT security specialist Steganos Software after reports of security gaps in 14 VPN services gave rise to uncertainty.

Image: IPv6-IPv4, by Thierry Ehrmann, CC-BY 2.0

“Neither Steganos Online Shield VPN, nor OkayFreedom VPN allow an unprotected IPv6 connection. Both applications immediately recognize DNS hijacking. Steganos customers can rest assured that our solutions are securely protecting them from hackers and data thieves,” said Gabriel F. Yoran, Managing Director of Steganos.

Doubts arose about the security of VPN clients when a number of relevant IT media cited a technical article which had been published in April 2015 by a joint research team from the universities of Rome and London. Within the scope of their project, the researchers had investigated the effect of IPv6 issues on VPN clients, and discovered shortcomings in all of the services they tested.

Up to now, IPv6 has played hardly any role in the daily practice of VPN users. Problems only arise when users have no detailed knowledge of whether they are using IPv6 when they’re online. This is the case in public hotspots, for example.

“Here at Steganos, we don’t want our VPN users to have to worry about whether they’re using IPv4 or IPv6 on the Internet. That’s why, for the present, we decided to disallow IPv6 for the duration of any VPN connectivity. We’re already working on developing a sustainable solution which would allow IPv6 without compromising the security of the VPN connection.”

DNS hijacking is another attack scenario described by the researchers, and it is unrelated to IPv6. If an attacker is able to trick the router and place his own DNS server in the local network, he can not only see which pages the user is loading, but also extract and log data from the actual VPN tunnel.

Steganos VPN products are capable of immediately identifying such DNS hijackings. The software enforces a specific DNS server for the duration of the VPN connection and can therefore recognize whether there is another device on the local network within the same IP range as the Steganos DNS server. If so, it assumes the local network is compromised. Steganos VPN products then disallow the VPN connection and warn the user.
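The check described above can be sketched as a longest-prefix lookup over the host's routes. This is an added example, not Steganos code: the function names, interface names, route tables and the DNS address (taken from a documentation range) are all constructed assumptions.

```python
import ipaddress

def route_for(dest, routes):
    """Return the most specific (longest-prefix) route covering dest, or None."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if net.version == addr.version and addr in net:
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, iface)
    return best

def check_dns_path(dns_server, routes, tunnel_iface):
    """Classify how queries to the enforced DNS server would leave the host."""
    best = route_for(dns_server, routes)
    if best is None:
        return ("blocked", "no route to the enforced DNS server")
    net, iface = best
    if iface != tunnel_iface:
        # A local range contains the DNS server's address, so queries would
        # go to a device on the local network instead of into the tunnel.
        return ("compromised",
                f"{dns_server} is covered by local network {net} on {iface}")
    return ("ok", f"{dns_server} is reached through {iface} via {net}")

# Constructed sample data (hypothetical addresses and interface names).
VPN_DNS = "198.51.100.53"   # enforced DNS server, documentation range
TUNNEL = "tun0"
CLEAN = [("0.0.0.0/0", "tun0"), ("192.168.1.0/24", "wlan0")]
# The local network claims a range that includes the DNS server's address.
HIJACKED = [("0.0.0.0/0", "tun0"), ("198.51.100.0/24", "wlan0")]

if __name__ == "__main__":
    for name, table in (("clean", CLEAN), ("hijacked", HIJACKED)):
        status, reason = check_dns_path(VPN_DNS, table, TUNNEL)
        print(f"{name}: {status} ({reason})")
```

A client following the behaviour described above would refuse to connect and warn the user on any result other than `ok`.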