On Sun, 24 Feb 2002, Carl Bysen wrote:
> what can be done to pen test a VPN setup? Which tools are available,
> additionally does it make sense to pen-test a VPN setup (traffic is
> encrypted)?
shoten and a colleague of his did a discussion at defcon 01 where they
talked about a buffer overflow in a VPN daemon (they didn't identify which
one, but they gave enough info to those who know how their VPN system
works to know they're vulnerable). basic buffer overflow in the
authentication.
also, i have written some libnet 1.1 code for esp and ah packet creation.
between the two basic premises -- DoS/buffer overflow/etc and traffic
injection/insertion -- you should be able to have some fun with a VPN
tunnel.
____________________________
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
