Re: pen test VPN
From: Jose Nazario (jose@biocserver.BIOC.cwru.edu)Date: 02/26/02
- Previous message: Aleksander P. Czarnowski: "RE: pen test VPN"
- In reply to: Carl Bysen: "pen test VPN"
- Next in thread: Mark Rowe: "Re: pen test VPN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 25 Feb 2002 19:51:59 -0500 (EST) From: Jose Nazario <jose@biocserver.BIOC.cwru.edu> To: Carl Bysen <crbyme@writeme.com>
On Sun, 24 Feb 2002, Carl Bysen wrote:
> what can be done to pen test a VPN setup? Which tools are available,
> additionally does it make sense to pen-test a VPN setup (traffic is
> encrypted)?
shoten and a colleague of his did a discussion at defcon 01 where they
talked about a buffer overflow in a VPN daemon (they didn't identify which
one, but they gave enough info to those who know how their VPN system
works to know they're vulnerable). basic buffer overflow in the
authentication.
also, i have written some libnet 1.1 code for esp and ah packet creation.
between the two basic premises -- DoS/buffer overflow/etc and traffic
injection/insertion -- you should be able to have some fun with a VPN
tunnel.
____________________________
jose nazario jose@cwru.edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Aleksander P. Czarnowski: "RE: pen test VPN"
- In reply to: Carl Bysen: "pen test VPN"
- Next in thread: Mark Rowe: "Re: pen test VPN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
