For posterity and in case it helps anyone else in the future: I opened a ticket for this issue on the VirtualBox bugtracker (https://www.virtualbox.org/ticket/14055) which was closed as a probable duplicate of https://www.virtualbox.org/ticket/13475 which itself was just marked fixed in the next release.
I will attempt to replicate my problems in the new release of VirtualBox and report back if I still encounter problems. Thanks, Jeff On Thu, Apr 23, 2015 at 3:18 AM, Steffan Karger <stef...@karger.me> wrote: > > On 23-04-15 08:58, Gert Doering wrote: >> On Wed, Apr 22, 2015 at 05:25:54PM -0700, blz wrote: >>>> The server will just update its "what IP/port is the client on?" table >>>> entry, without restarting anything. >>> >>> What I'm wondering is how secure that is, such as how easily one could >>> fake such a reconnect to get in on someone else's session, where they >>> wouldn't even need a key? I hope this is just good ol' fashion paranoia >>> on my part, but it would be nice to know. Thanks. >> >> The server updates its table entry only if the packet's HMAC validates, >> read "the client knows the key material for that particular session". > > It is even better: the server checks both the HMAC /and/ replay > protection before updating its table entry. This means that an attacker > also can't use older, previously valid, packets to mount a > denial-of-service attack. > > -Steffan > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users ------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
