RE: Cisco VPN Concentrator GUI

• Previous message: Beauford, Jason: "RE: Port 9090 WServer??"
• Maybe in reply to: kaps lock: "Cisco VPN Concentrator GUI"
• Next in thread: kaps lock: "RE: Cisco VPN Concentrator GUI"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 17 May 2005 13:29:48 -0400
To: <pen-test@securityfocus.com>

Agreed with James.
Also it could just be the browser login interface for Cisco 3002 HW
Client authentication.

-----Original Message-----
From: James Williams [mailto:jwilliams@mail.wtamu.edu]
Sent: Monday, May 16, 2005 10:21 AM
To: kaps lock; pen-test@securityfocus.com
Subject: RE: Cisco VPN Concentrator GUI

Are you sure that it's not the SSL VPN Interface for remote access? By
default the administration interface is only accessible from the inside
interface, which means that it wouldn't be publicly available to the
Internet unless somebody purposely made it available.

James Williams, GISF
Network Systems Technician

-----Original Message-----
From: kaps lock [mailto:kapsloc1978@yahoo.com]
Sent: Sunday, May 15, 2005 10:09 PM
To: pen-test@securityfocus.com
Subject: Cisco VPN Concentrator GUI

hi all,
i am pen-testing one of our clients and am seeing
their web interface to the vpn concentrator (cisco)
available publicly on the internet with the username
/password page.
How could i explain somebody tht it can be
exploited...am sure this is not a good idea to hav ur
vpn concnetrator interface on the public internet..but
i cant find any vulenrabilites on the net ....to
explain to the person....only thing i can think of is
brute forcing the username pasword field...which is
again a challenge for web vpn..any ideas??
thanks

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

• Previous message: Beauford, Jason: "RE: Port 9090 WServer??"
• Maybe in reply to: kaps lock: "Cisco VPN Concentrator GUI"
• Next in thread: kaps lock: "RE: Cisco VPN Concentrator GUI"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: VPN concentrator placement ... We used a port on our Pix 515 to plug the public port of the ... The VPN Concentrator Is not a firewall and has lots of Holes out of the box ... I am doing a new install of a Cisco VPN concentrator on our existing network ... (Security-Basics) IAS 2003 for Cisco VPN Authorization (MS A.D. Group Lookup) ... we are using Cisco VPN concentrator and Cisco ... How can we use IAS 2003 to do just this job of a group lookup in the ... Since Cisco VPN concentrator performs Authentication ... (microsoft.public.internet.radius) DNS resolution problem with cisco vpn concentrator ... I have found that our Cisco VPN concentrator is now unable to ... access mapped drives by UNC; I just receive an access denied error. ... I have confirmed with Cisco that the VPN settings are ... from the VPN concentrator by name and IP address. ... (microsoft.public.windows.server.networking) Re: Discussion on where RADIUS server should be ... >> Personally I would keep the Cisco VPN concentrator. ... (microsoft.public.security)