Hi all,

I have received a (maybe) "stupid" request from one of our customers. We have a pair of public OpenBSD firewalls (CARPed) that our development team uses to access several customers via VPN IPsec tunnels. But this morning we received a request from one of these customers to access our development servers using only one ACL to permit their public IP address (without using VPN IPsec or VPN SSL tunnels).
And my (OT) question: how easy is it to do a MITM attack (DNS spoofing, for example, or another type of attack that permits faking the source public IP address) in this scenario?

Many thanks.

--
Greetings,
C. L. Martinez

