Can a VPN protect a vulnerable system from targeted attacks within the host network (the one you are tunneling through)?

I don't have a laptop available, or I would test this myself, but I'm curious if a VPN can protect you from targeted attacks from the network you are tunneling through.

Say I have a windows laptop with RDP enabled and connect to a public wifi. Can someone on that hotspot's network, if that network's firewall allows inter-device communication, detect my laptop and start brute-forcing the RDP connection (for example) while I am connected to the VPN? I expect they can in the case of a split tunnel VPN, but is that true full tunnel VPN?

What would be some mitigations in this case? One mitigation I can think of is the private/public/domain classification in the windows firewall. Mark that public wifi as "public" and disable RDP in the firewall for public networks (if it's not already, though I think it should be). Better yet, set up explicit rules that allow only IPs or ranges you are in control, and use only non-standard private ranges in the networks you control (avoid 192.168.0.x or 192.168.1.x or the like which come pre-packaged with most network gear, or at least consumer grade stuff).

What other risks are there when connecting to a random wifi network other than the ones the VPN vendors advertise? Frankly, I think some of them have already been mitigated by HTTPS, which in the vast majority of cases is good enough, and you shouldn't use unencrypted HTTP in the first place.

Touch here for the full post on Network Security Noblemen tumblr

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s