Penetration Testing mailing list archives
Re: [PEN-TEST] VPN Detector
From: Emre Yildirim <emre.yildirim () US ARMY MIL>
Date: Thu, 22 Feb 2001 16:37:46 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 On Thursday 22 February 2001 10:27 US Central Time, Ivan Buetler wrote:
How do you recognize VPN devices?
If this network is not switched, and if you have a box on that network, you can just sniff traffic. Key exchange is a very brief process; once the keys are exchanged, the VPN is established and there is no need for further key exchange. Depending on the type of VPN (active or tunneling), you would be able to recognize VPN devices by simply looking for packets which use protocols 50 (ESP, for encapsulating the pay load) and 51 (AH, for authentication of the header) Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (OSF1) Comment: http://1086362465/emre-dsa.asc iD8DBQE6lZS+UGchLJL+QvQRAwPJAKDXU6Oiaa4oMD4du2AW+KCFcHILCACdFetZ NO9riAhsx1AQbeWHcVot68c= =Q83B -----END PGP SIGNATURE-----
Current thread:
- [PEN-TEST] VPN Detector Ivan Buetler (Feb 22)
- Re: [PEN-TEST] VPN Detector Chris Winter (Feb 22)
- Re: [PEN-TEST] VPN Detector Emre Yildirim (Feb 22)