Hello all,
Has anyone done a technical pen-test on a SSL VPN concentrator recently?
If yes, what tools did you use and what facets of the device did you
look at? I am speaking of testing above and beyond such tools as
vulnerability assessment tools such as Nessus. For example, analyzing
the client-side applets, browser cache files, cookie hijacking,
weaknesses in authentication, etc.
I am not really interested in the policy and practices side of things in
this case, such as when and where to use the SSL VPN (e.g. not in a
Starbucks or Kinkos), logging out, etc.
FWIW, there is a pretty good basic whitepaper by Joseph Steinberg of
Whale Communications on this topic at
http://www.sans.org/rr/wp/SSL_VPN.pdf, but I was hoping for more along
the line of success stories along the lines of "I found this using this"
or device-specific problems that are not addressed by current code
releases.
Thanks,
Mark Lachniet
---------------------------------------------------------------------------
----------------------------------------------------------------------------
Received on Dec 01 2003
Intro
