PaulDotCom mailing list archives
SSL VPN attacks?
From: Russell.Butturini at Healthways.com (Butturini, Russell)
Date: Mon, 1 Feb 2010 07:48:16 -0600
I have tested SSLStrip against ASA 5520s and 40s running version 8.0(2) and 8.0(4) of the code releases, and while it worked against the authentication page, the AnyConnect client bugged out and crashed when I started actively sending traffic across the established tunnel.

I think speed, cost and management are what drive people away from the IPSec VPN. Not to mention that it is a bit more secure (It's not terribly hard to recover the group password in about 3 seconds from a Cisco VPN client profile file). The SSL VPN client is WAAYYYY faster than the IPSec client and much more stable, plus you don't have to wrap its ugly drivers around your NIC.

However, the biggest concern I would have, depending on how many SSL clients you are moving towards, is that I have seen the ASAs start to really bog down with a large number of SSL VPN clients unless they have the crypto accelerator modules installed in them. Management is a lot easier too with no software installation or configuration of the client profile.

Mick,

There are also some other rumors around the AnyConnect client I can discuss off list.

________________________________
From: pauldotcom-bounces at mail.pauldotcom.com on behalf of Michael Douglas
Sent: Sun 1/31/2010 1:49 PM
To: PaulDotCom Security Weekly Mailing List
Subject: [Pauldotcom] SSL VPN attacks?

Do any of the ssl strip type attacks work against SSL VPNs? Specifically the Cisco variant? I have a side client who's all but ready to ditch IPSec and that's got me a bit concerned.

I've tried noodling around on Google/Bing to see what I can find, and my search-fu is weak today. Any tips are welcomed.

Thanks & have a nice day!
- Mick
Current thread:
- SSL VPN attacks? Michael Douglas (Jan 31)
- SSL VPN attacks? Jack Daniel (Jan 31)
- SSL VPN attacks? Butturini, Russell (Feb 01)