Penetration Testing mailing list archives
Re: pen test VPN
From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Mon, 25 Feb 2002 19:51:59 -0500 (EST)
On Sun, 24 Feb 2002, Carl Bysen wrote:
> what can be done to pen test a VPN setup? Which tools are available, additionally does it make sense to pen-test a VPN setup (traffic is encrypted)?
shoten and a colleague of his did a discussion at defcon 01 where they talked about a buffer overflow in a VPN daemon (they didn't identify which one, but they gave enough info to those who know how their VPN system works to know they're vulnerable). basic buffer overflow in the authentication.

also, i have written some libnet 1.1 code for esp and ah packet creation. between the two basic premises -- DoS/buffer overflow/etc and traffic injection/insertion -- you should be able to have some fun with a VPN tunnel.

____________________________
jose nazario jose () cwru edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)