1 / 11

VPN AND SECURITY FLAWS

VPN AND SECURITY FLAWS. Rajesh Perumal Clemson University. VPN – AN ATTRACTIVE TARGET. Carry Sensitive information Remote access VPNs exposes entire internal network Intrusion Detection Systems cannot Monitor VPN Traffic

jodie
Download Presentation

VPN AND SECURITY FLAWS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. VPN AND SECURITY FLAWS Rajesh Perumal Clemson University

  2. VPN – AN ATTRACTIVE TARGET • Carry Sensitive information • Remote access VPNs exposes entire internal network • Intrusion Detection Systems cannot Monitor VPN Traffic • Increase in security in Internet servers makes VPN a tempting Target.

  3. VPN FLAWS • Insecure storage of Authentication credentials by VPN Clients • Username Enumeration Vulnerabilities • Offline Password Cracking • Man in the Middle Attacks • Lack of Account Lockout • Poor Default Configurations • Poor Guidance and Documentation

  4. Insecure storage of Authentication credentials by VPN Clients • Storing the username unencrypted in a file or the registry • Storing password in scrambled form or obfuscated form • Physical memory dumps can reveal plain text passwords • Caching credentials

  5. Username Enumeration Vulnerabilities • IKE Aggressive Mode with PSK will prompt or give clue the hacker, the login name is incorrect. So the hacker can deduce the correct user names.

  6. Offline Password Cracking • Easy to obtain Hash function. • Responder hash is obtained • Dictionary attack on the password will reveal in feasible amount.

  7. Man in the Middle Attacks • By installing a packet sniffing system between the VPN client and server , we can sniff clear text user names and the password can be cracked by the 1st and 2nd packets of the IKE Aggressive mode exchange. • The sniffing system (SS), acts as a server for the client and as a client for the server. SS can get passwords, user names and ISAKMP message from the client and issue its own ISAKMP message. Similarly the sniffer can send its own ISAKMP message, since the user name and password is known.

  8. Poor Guidance and Documentation • End user is not provided with proper documentation and is not well informed to take proper decisions. • User goes with default settings, default encryption.

  9. CONCLUSION • Remote access VPN systems , 90% have had significant security issues. • Cryptographic Techniques adopted are strong but vulnerabilities are due to poor configuration. • Well accepted security practices are not adopted. • Info leaking about valid usernames is prevented in OS but not in VPN. • Users make Default configuration on the basis of ease of use rather than security. Eg. IKE Aggressive mode with PSK authentication • Users do not know the intensity of bad Configuration options. • Proper testing is needed. Tools like “ike – scan” should help testing the VPN.

More Related