Hi guys/girls, wanted to discuss this glaring security feature missing from SoftEther.
Would your development team please consider adding it to the next release of SoftEther>.?.?
just as an example, when using the SoftEther program to connect to vpngate servers, users doing so are already doing so to protect their identity..... but say in the middle of transferring confidential packets across the vpn, the vpn drops the connection for some unknown reason,,,, and all of the sudden your computer falls back to using the network connection without the vpn, as the vpn is still trying to auto reconnect to the vpn server.
Well those packets, while trying to reconnect, are sent in the clear and totally interceptable by a third party, which is the last thing you want happening to users expecting privacy.
Picture this, a snooping third party is eavesdropping and sees the connection is transferring packets via a vpn,,, they want to disable it, so they interrupt the internet connection long enough for the SoftEther to detect its lost stable connection to the vpn server, SoftEther disconnects and starts to try reconnecting, that's the window of opportunity the eavesdropper needed because the pc downloading something is still downloading in the clear temporarily as SoftEther is disconnected, and the eavesdropper now has ip addresses and traffic records logs of what the SoftEther user was doing. (very bad)
You need to implement a kill switch feature into softether so a user can select an option, so that when turned on, ALL traffic packets (except SoftEther communicating to establish a connection) inbound or outbound are blocked from occurring when there's not a valid/stable secure vpn connection active??
That would be the way to go, so if any SoftEther user were using a vpn, and lose connection, no traffic is allowed in or out until SoftEther reestablishes a secure connection to the vpn again. :-)
Thanks for your help, and consideration of adding this very much needed security feature!! :-)
Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
2 posts • Page 1 of 1