Explore the intricacies of VPN behavior and network packet dynamics in this 36-minute conference talk from BSidesLV 2014. Delve into the world of OpenVPN, packet loss, and network algorithms as speakers Anna Shubina and Sergey Bratus reveal surprising insights about VPN reactions to packet loss. Learn about router packet timings, kernel behaviors, and the interplay between Nagle's algorithm and delayed ACKs. Examine experimental results from 100-packet timings for OpenVPN UDP with intentional packet dropping, and discover how IPSec fingerprints and Netcat's stealthy nature factor into the equation. Investigate the impact of chaining mode, queue management, and attempt to profile VPN behaviors. Gain non-intuitive takeaways that challenge conventional understanding of VPN operations and network security.
Overview
Syllabus
Intro
OpenVPN, each 5th packet
Once upon a time...
Behind the scenes...
Packet timings: routers
PortBunny: kernels
Nagle's algorithm vs delayed ACK
Just your normal VPN...
Experiment
100-packet timings for OpenVPN UDP, each 5th packet dropped
IPSec fingerprints
Netcat is sneaky
What about chaining mode?
It's all about queues
What is going on?
Profiling attempt
Non-intuitive take-away?
