The authors also have recommendations for VPN servers and service providers. They suggest that VPN providers randomize source port selection, prevent clients from using the VPN server’s listening port as a source port, and limit concurrent VPN connections. From a user perspective, they should connect to private VPN servers to which only they have access, or use a non-vulnerable encryption protocol.