Penetration Testing mailing list archives

Re: [PEN-TEST] VPN Detector

From: Emre Yildirim <emre.yildirim () US ARMY MIL>
Date: Thu, 22 Feb 2001 16:37:46 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

On Thursday 22 February 2001 10:27 US Central Time, Ivan Buetler wrote:


How do you recognize VPN devices?


If this network is not switched, and if you have a box on that network, you
can just sniff traffic.  Key exchange is a very brief process; once the keys
are exchanged, the VPN is established and there is no need for further key
exchange.  Depending on the type of VPN (active or tunneling), you would be
able to recognize VPN devices by simply looking for packets which use
protocols 50 (ESP, for encapsulating the pay load) and 51 (AH, for
authentication of the header)

Regards

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (OSF1)
Comment: http://1086362465/emre-dsa.asc

iD8DBQE6lZS+UGchLJL+QvQRAwPJAKDXU6Oiaa4oMD4du2AW+KCFcHILCACdFetZ
NO9riAhsx1AQbeWHcVot68c=
=Q83B
-----END PGP SIGNATURE-----

Current thread:

[PEN-TEST] VPN Detector Ivan Buetler (Feb 22)
- Re: [PEN-TEST] VPN Detector Chris Winter (Feb 22)
- Re: [PEN-TEST] VPN Detector Emre Yildirim (Feb 22)