VPN Hacking

• Microsoft PPTP: originally had a weak encryption function, algorithm (RSA), the TCP port (1723) used for connection control was vulnerable to DoS attacks, only the data was encrypted. NT: Service Pack 4 closed these vulnerabilities, Win 9x clients should be upgraded to DUN 1.3 to use these improvements.

  • Win 2k, XP, 7: came with IPSec support as we saw previously. See VPN with Single Sign On in Windows 7.

• IPSec: very difficult to understand, even by experts.

  • Hackers do not seem to have figured it out yet, what is good.
  • Schneier and Ferguson (renowned experts) conclusion: IPSec is too complex to be secure, but it is better than any other security protocol in existence.
  • Different implementations: VPN requires the use of VPN gateways in the server side. Read this article to see a comparison of these types.

• VOIP hacking: sniffing and enumeration. New tools potential.

Previous slide

Next slide

Back to first slide

View graphic version