← Back to context

Comment by oskarpearson

12 years ago

It seems that this is likely to impact OpenVPN too, since it uses TLS - https://openvpn.net/index.php/open-source/337-why-openvpn-us...

Using a tls-auth key may help mitigate this (especially if you use UDP) since it should stop anything reaching the TLS handshake layer. https://openvpn.net/index.php/open-source/documentation/howt...

1 comment

oskarpearson

Reply
Karunamon  12 years ago

Testing my externally-accessible OpenVPN server revealed that it is indeed vulnerable. I just powered the box off, going to be a long day at work before I can get home and fix it :/