hamachi

Description

Hamachi is a centrally-managed zero-configuration VPN freeware application capable of establishing direct links between computers that are behind NAT firewalls without requiring reconfiguration.

Characteristics

Category :
 networking
Evasive :
 yes
Risk :
Widely Used :
 yes
Standard Port :
 tcp/12975,10080 udp/17771
Has Known Vulnerabilities :
 yes
Capable of File Transfer :
 yes
Prone to Misuse :
 yes
Used by Malware :
 yes
Tunnels Other Application :
 yes
Excessive Bandwidth :
 no		  

Analysis

Hamachi VPN is a simple and innovative virtual private networking (VPN) application, frequently used for gaming and remote administration that allows a computer to establish a connection over the Internet to other computers as if they were physically connected together. Hamachi VPN consists of a centralized server cluster managed by LogMeIn and the Hamachi client software, which is installed on end-user computers.

The Hamachi client first authenticates to the LogMeIn server to setup a direct, encrypted connection between clients. The Hamachi client software works by adding a virtual network interface to the local host, which is used for intercepting outbound and injecting inbound VPN traffic. Outbound traffic sent by the local host to this interface is delivered to the client software, which encrypts, authenticates, and sends it to the destination VPN peer over a specially initiated UDP connection. The client exhibits evasive behavior by first detecting whether or not there is a firewall or NAT device en route to the Internet. Then when establishing tunnels between peers, Hamachi uses a server-assisted NAT-traversal technique, similar to UDP hole punching.

It used to be that setting up a VPN tunnel was extremely difficult, however with Hamachi VPN, a VPN tunnel can be established in less than 10 minutes. Hamachi VPN is challenging for most enterprise networks because of its ease of use, evasive behavior, and the lack of visibility and control over what is running inside the encrypted tunnels. In order to mitigate risks and enforce safe Internet usage policies, Enterprises should maintain visibility and control over applications like Hamachi VPN.