New blog post on how Slack’s TURN server allowed relaying of TCP connections and UDP packets to internal Slack network and meta-data services on AWS. https://www.rtcsec.com/2020/04/01-slack-webrtc-turn-compromise/ Enjoy!
Fun! And because various folks have asked me over the course of today: Tailscale's not vulnerable to this. Our STUN servers only understand the basic "what's my IP" binding request, and DERP (our relay proto) requires both endpoints to explicitly opt into receiving traffic.
DERP works by connecting to it and (a) saying "hi I'm <pubkey>" and then sending "please send <bytes> to <pubkey2>". If <pubkey2> is also connected to this same server, the bytes are relayed.
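A toy model of the opt-in relay design described in the reply above, added here as an illustration and not Tailscale's own DERP code: clients announce a public key, and the relay only forwards frames to keys that are currently connected, so the destination space is "connected peers", never an arbitrary IP:port the way a TURN allocation can be. The names `Relay`, `Connect`, `Send`, `Receive` and the error values are constructed for this example.

```go
package main

import "errors"

// PubKey stands in for a client's public key (constructed toy model, not Tailscale's code).
type PubKey string

// Relay tracks which clients have announced themselves ("hi I'm <pubkey>").
// Destinations are keys in this map, never IP:port addresses.
type Relay struct{ inboxes map[PubKey][][]byte }

func NewRelay() *Relay { return &Relay{inboxes: map[PubKey][][]byte{}} }

var (
	ErrUnknownSender    = errors.New("sender has not announced itself")
	ErrPeerNotConnected = errors.New("destination key is not connected to this relay")
)

// Connect models the "hi I'm <pubkey>" announcement: the explicit opt-in to receiving traffic.
func (r *Relay) Connect(k PubKey) {
	if _, ok := r.inboxes[k]; !ok {
		r.inboxes[k] = nil
	}
}

// Disconnect withdraws the opt-in; frames addressed to k are refused afterwards.
func (r *Relay) Disconnect(k PubKey) { delete(r.inboxes, k) }

// Send models "please send <bytes> to <pubkey2>": delivered only if both ends are connected.
func (r *Relay) Send(from, to PubKey, payload []byte) error {
	if _, ok := r.inboxes[from]; !ok {
		return ErrUnknownSender
	}
	if _, ok := r.inboxes[to]; !ok {
		return ErrPeerNotConnected
	}
	r.inboxes[to] = append(r.inboxes[to], payload)
	return nil
}

// Receive drains the frames queued for k without implicitly connecting an unknown key.
func (r *Relay) Receive(k PubKey) [][]byte {
	msgs, ok := r.inboxes[k]
	if !ok {
		return nil
	}
	r.inboxes[k] = nil
	return msgs
}
```

The point of the model is the shape of the API: there is no parameter through which a sender can name a host or port, which is what removes the class of relay-to-internal-network problem the Slack post describes.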