Penetration Testing mailing list archives
RE: [in] VPN protocols
From: "Curt Purdy" <purdy () tecman com>
Date: Wed, 22 Dec 2004 14:05:07 -0600
Dan Tesch wrote:
I am not very up on VPN protocols, I am testing a network that has an edge router which has several site-to-site VPN's set up and several clients connecting to it via MS PPTP client.
<snip> You did not mention the site-to-site vpn vendor, but sounds like ipsec to me. Your easiest shot at compromise is with PPTP. It was an insecure format from the beginning. It took cisco to show Microsoft how to do VPN. Curt Purdy CISSP, GSEC, CNE, MCSE+I, CCDA Information Security Engineer DP Solutions ----------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- former White House cybersecurity czar Richard Clarke
Current thread:
- VPN protocols Dan Tesch (Dec 22)
- RE: [in] VPN protocols Curt Purdy (Dec 22)
- <Possible follow-ups>
- RE: VPN protocols John Forristel (SunGard-Chico) (Dec 22)
- Re: VPN protocols Chris Kuethe (Dec 22)
- RE: VPN protocols Keith Pachulski (Dec 22)