Georgi Stoychev 0 Posted May 16 Share Posted May 16 Hello, In relation to CVE-2024-3661, we would like to know if it's possible to somehow block DHCP packets, which contain option 121 on the endpoints, through ESET Protect's Firewall? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted May 16 Administrators Share Posted May 16 No. You can specify the following options in firewall rules: Link to comment Share on other sites More sharing options...
Solution itman 1,743 Posted May 16 Solution Share Posted May 16 (edited) 9 hours ago, Georgi Stoychev said: In relation to CVE-2024-3661, Quote The most effective fixes are to run the VPN inside of a virtual machine whose network adapter isn’t in bridged mode or to connect the VPN to the Internet through the Wi-Fi network of a cellular device. The research, from Leviathan Security researchers Lizzie Moratti and Dani Cronce, is available here. https://arstechnica.com/security/2024/05/novel-attack-against-virtually-all-vpn-apps-neuters-their-entire-purpose/ -EDIT- As far as the Wi-Fi option goes, it has a vulnerability that allows for VPN connection hijacking: https://thehackernews.com/2024/05/new-wi-fi-vulnerability-enabling.html Edited May 16 by itman Link to comment Share on other sites More sharing options...
Recommended Posts