Penetration Testing: RE: [in] VPN protocols

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

RE: [in] VPN protocols

From: "Curt Purdy" <purdy () tecman com>
Date: Wed, 22 Dec 2004 14:05:07 -0600

Dan Tesch wrote:

I am not very up on VPN protocols, I am testing a network 
that has an edge router which has several site-to-site VPN's 
set up and several clients connecting to it via MS PPTP client.

<snip> 

You did not mention the site-to-site vpn vendor, but sounds like ipsec to
me.  Your easiest shot at compromise is with PPTP.  It was an insecure
format from the beginning.  It took cisco to show Microsoft how to do VPN.

Curt Purdy CISSP, GSEC, CNE, MCSE+I, CCDA
Information Security Engineer 
DP Solutions

-----------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

By Date By Thread

Current thread:

VPN protocols Dan Tesch (Dec 22)
- RE: [in] VPN protocols Curt Purdy (Dec 22)
- <Possible follow-ups>
- RE: VPN protocols John Forristel (SunGard-Chico) (Dec 22)
  - Re: VPN protocols Chris Kuethe (Dec 22)
- RE: VPN protocols Keith Pachulski (Dec 22)