Forwarded from Pegasus NSO & other spyware
"Haunted by Legacy: Discovering and Exploiting Vulnerable #Tunnelling Hosts", 2025.
#Hosts #Vulnerability
This paper is the first to systematically analyse the securityof tunnelling hosts on the IPv4 and IPv6 Internet. Our large-scale Internet-wide scans identified over 4 million hosts that
accept unencrypted tunnelling packets from any source.
This is concerning because vulnerable hosts can be abused asone-way proxies, and many of these hosts also allow an ad-versary to spoof a packetβs source address, enabling variouskinds of known and novel attacks.
Moreover, we also demon-strated that these vulnerable hosts enable novel DoS attacks,such as our TuTL and Ping-Pong attacks. The TuTL attack
is especially concerning since it can be abused to perform DoS attacks against any third-party host on the Internet.
Our measurements also show that many Autonomous Systems,more than four thousand in total, do not (properly) imple-ment source address filtering, thereby allowing the spoofing
of source IP addresses.#Hosts #Vulnerability