Skip to main content

Security flaw makes PPTP VPN useless for hiding IP on BitTorrent

With mounting pressure from anti-piracy outfits on governments to implement stricter copyright laws and record labels suing people left and right, millions of file-sharers have decided to protect their privacy by going anonymous. In Sweden alone an estimated 500,000 Internet subscribers are hiding their identities. Many of these use PPTP-based VPNs such as The Pirate Bay’s Ipredator or Relakks.

It is a known fact that PPTP based VPN connections are less secure than OpenVPN based ones, yet millions of users are opting for the former because of easy availability. At a recent Telecomix Cipher conference it was revealed that a security flaw in PPTP-VPN allows third parties to find the true IP-address of someone connected through the VPN.

The security risk is caused by a lethal combination of IPv6 and PPTP-based VPN services. IPv6 is the Internet protocol that will succeed IPv4. The protocol is promoted by Windows 7 and Vista, among others, and most people are using it without even realizing it as it’s enabled by default.

The technical details of the vulnerability, explained in this talk (see below) reveal that the true IP-address of users using IPv6 can be easily traced. Even worse, it seems that the Swedish Anti-piracy Bureau may already be using this flaw to gather data on ‘anonymous’ BitTorrent users. [via Torrent Freak]

Talk starts at 2:17:30, BitTorrent part at 2:30:00

The vulnerability is not limited to BitTorrent users. Anybody who is using such VPN are exposing their real identify to every connection.

To remove the threat Windows Vista and 7 users are advised to turn of IPv6 by following these steps:

Open Control Panel and click on Network and Internet and then click “View network status and tasks”.


On the left sidebar click Change Adapter settings to view the icons of your various connection.


Right click on the connection shortcut you use and choose Properties. Then click on the Tab Networking and uncheck the box “Internet Protocol Version 6 (TCP/IPv6)”



  1. So, what's the exploit, then? The two things I would think being a problem are the local-link address that is generated based on the NIC's MAC addy (and thus exposing a MAC address that might be traced to an individual PC) or the other "auto" IPv6 address with the 2002::/8 prefix. This last one includes your full IPv4 addy, though if you're behind NAT, it will only expose your internal IP (say, or something useless like that).

    Of course, if your ISP is already using IPv6, well... yes, your true, ISP-traceable addy is available. I suppose that disabling IPv6 on the PPTP interface would be easier, that should block the leak. IPv6 will begin dominating the internet sooner than later, as IPv4 exhaustion is estimated to happen in *less than 12 months* from now.

  2. The comment by Anonymous 2010.08.17 is the first intelligent thing I've seen published about this "terrible security flaw in PPTP"

    Amusingly, it's now the end of 2012 and almost everybody is still using IPv4.

    I think, as the other writer, that disabling IPv6 on your vpn adapter is the easiest way to go. By the time IPv6 is really necessary your PPTP service should have an IPv6 server.

    Anyway, PPTP properly configured does not have a gigantic security flaw. It is perfectly safe for run-of-mill security. There seems to be a lot of paranoia out there.


Post a Comment

Popular posts from this blog

How to Record CPU and Memory Usage Over Time in Windows?

Whenever the computer is lagging or some application is taking too long to respond, we usually fire up task manager and look under the Performance tab or under Processes to check on processor utilization or the amount of free memory available. The task manager is ideal for real-time analysis of CPU and memory utilization. It even displays a short history of CPU utilization in the form of a graph. You get a small time-window, about 30 seconds or so, depending on how large the viewing area is.

How to Schedule Changes to Your Facebook Page Cover Photo

Facebook’s current layout, the so called Timeline, features a prominent, large cover photo that some people are using in a lot of different creative ways. Timeline is also available for Facebook Pages that people can use to promote their website or business or event. Although you can change the cover photo as often as you like, it’s meant to be static – something which you design and leave it for at least a few weeks or months like a redesigned website. However, there are times when you may want to change the cover photo frequently and periodically to match event dates or some special promotion that you are running or plan to run. So, here is how you can do that.

69 alternatives to the default Facebook profile picture

If you have changed the default Facebook profile picture and uploaded your own, it’s fine. But if not, then why not replace that boring picture of the guy with a wisp of hair sticking out of his head with something different and funny?