Common VPN Security Flaws

Short Description
This paper outlines some of the common VPN security flaws that NTA … In the three years since NTA Monitor started testing VPN security, they have …

Website: www.nta-monitor.com | Filesize: 425kb

Content
Common VPN Security Flaws
Roy Hills, NTA Monitor Ltd.
http://www.nta-monitor.com/
January 2005
Abstract
This paper outlines some of the common VPN security flaws that NTA
Monitor have found during the last three years while performing VPN security
tests. The paper concentrates on remote access VPN configurations
using the IPsec protocol, although some of the findings are also applicable
to site-to-site VPNs.
Some of the problems that have been seen, such as the username enumeration
issue, are new discoveries, while others are known limitations of
the protocols, which are exposed due to poor configuration.
The paper shows that VPNs are far from the impenetrable systems that
many people believe them to be, and that they can actually be the weak link
in an otherwise secure system.
1Contents
1 Introduction 3
2 VPNs are Attractive Targets 3
3 Common VPN Flaws 4
3.1 VPN Fingerprinting . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.2 Insecure Storage of Authentication Credentials by VPN Clients . . 4
3.3 Username Enumeration Vulnerabilities . . . . . . . . . . . . . . . 7
3.4 Offline Password Cracking . . . . . . . . . . . . . . . . . . . . . 10
3.5 Man-in-the-Middle Attacks . . . . . . . . . . . . . . . . . . . . . 12
3.6 Lack of Account Lockout . . . . . . . . . . . . . . . . . . . . . . 13
3.7 Poor Default Configurations . . . . . . . . . . . . . . . . . . . . 14
3.8 Poor Guidance and Documentation . . . . . . . . . . . ….