© SANS Institute 2000 - 2005, Author retains full rights.
infrastructure (routers, servers, software, etc.) and essentially “tunnel” or “piggy-back” their private network inside the public network's traffic, realizing a considerable saving in resources and cost compared to dedicated connections.
A VPN solution also gives remote workers more flexible options than dial-up speeds alone: they can connect from anywhere in the world for only the cost of their Internet connection, at whatever speed their ISP provides.
Many VPN technologies have been developed in recent years, with many more on the way. They vary widely: from simple to very difficult to set up and administer, from free to very expensive, from light security to much heavier protection, from software-based to dedicated hardware solutions, and even managed service providers (for example www.devtodev.com or www.iss.net) are now entering the market to widen the VPN choices available.
Most VPNs operate using some form of “tunneling” combined with a choice of encryption and authentication methods.
In this document “tunneling” refers to tunneling over IP-based networks, though other carrier technologies exist as well (such as ATM). This document focuses on technologies that deliver VPN solutions over IP-based networks, refers to those networks generically as “public” or “Internet” based networks, and only delves into the specific “carrier” protocol when appropriate (IPX, ATM and other protocols are also used as carriers, but as IP has become dominant, most products now focus on IP). This document covers IPv4 only, not IPv6. Use of MS PPTP over 802.11b wireless technology will also be briefly covered.
The data of the “private network” is carried or “tunneled” inside the public network packet. This also allows other protocols, even normally “non-routable” protocols, to be used across widely dispersed locations. For example, Microsoft's legacy NetBEUI protocol can be carried inside such a tunnel, so a remote user can act as part of the remote LAN, or two small LANs in very different locations can “see” each other and work together over many router hops, using a protocol that would not normally route across the Internet (although stretching such a protocol beyond its intended use has many consequences).
Tunneling in and of itself is not sufficient security. For example, take IP as the public carrier protocol, carrying IPX inside as the private protocol. Anyone sniffing the “public” network's packets can trivially extract the clear-text contents of the IPX packets carried within the IP packets. Sufficient encryption of the carried IPX packets is therefore necessary to protect their data.
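To make this concrete, here is an added example (not code from the original paper) in Python. It builds an IPX packet, wraps it in a GRE-over-IPv4 tunnel packet, and then parses the result exactly as a passive sniffer on the public network would. The IP addresses, IPX network and node numbers, and the "LOGIN" payload are all constructed for the example; no key or secret is involved anywhere, which is the point.

```python
import socket
import struct

# Added example, not from the original paper. All addresses, IPX network/node
# numbers and the payload below are constructed for illustration.

IPPROTO_GRE = 47          # IP protocol number for GRE (RFC 2784)
GRE_PROTO_IPX = 0x8137    # GRE protocol type for IPX (same value as the IPX EtherType)
IPX_HEADER_LEN = 30


def ipv4_checksum(header: bytes) -> int:
    """One's-complement checksum over an IPv4 header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipx_packet(dst_net: int, dst_node: bytes, dst_sock: int,
                     src_net: int, src_node: bytes, src_sock: int,
                     payload: bytes) -> bytes:
    """Build a 30-byte IPX header followed by the payload (the 'private' packet)."""
    # checksum 0xFFFF (unused by IPX), total length, hop count, packet type 4 (IPX)
    header = struct.pack("!HHBB", 0xFFFF, IPX_HEADER_LEN + len(payload), 0, 4)
    header += struct.pack("!I6sH", dst_net, dst_node, dst_sock)
    header += struct.pack("!I6sH", src_net, src_node, src_sock)
    return header + payload


def build_gre_over_ipv4(src_ip: str, dst_ip: str, inner: bytes) -> bytes:
    """Wrap `inner` in a minimal GRE header and an IPv4 header (the public 'carrier')."""
    gre = struct.pack("!HH", 0x0000, GRE_PROTO_IPX)  # no C/K/S flags, version 0
    total_len = 20 + len(gre) + len(inner)
    ip = struct.pack("!BBHHHBBH4s4s",
                     0x45, 0, total_len, 0x1234, 0, 64, IPPROTO_GRE, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
    return ip + gre + inner


def ipv4_header_ok(packet: bytes) -> bool:
    """A correct IPv4 header sums to zero when its checksum field is included."""
    ihl = (packet[0] & 0x0F) * 4
    return ipv4_checksum(packet[:ihl]) == 0


def sniff_inner_ipx(packet: bytes) -> dict:
    """What a passive observer on the public network recovers from one captured packet.
    Nothing here needs a key: the tunnel only changes where the bytes sit."""
    ihl = (packet[0] & 0x0F) * 4
    carrier = (socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20]))
    if packet[9] != IPPROTO_GRE:
        return {"carrier": carrier, "inner_proto": None}
    flags, gre_proto = struct.unpack("!HH", packet[ihl:ihl + 4])
    gre_len = 4
    if flags & 0x8000:   # C bit: checksum + reserved1 present
        gre_len += 4
    if flags & 0x2000:   # K bit: key present (RFC 2890)
        gre_len += 4
    if flags & 0x1000:   # S bit: sequence number present (RFC 2890)
        gre_len += 4
    inner = packet[ihl + gre_len:]
    if gre_proto != GRE_PROTO_IPX:
        return {"carrier": carrier, "inner_proto": gre_proto}
    (_chk, length, _hops, ptype,
     dst_net, dst_node, dst_sock,
     src_net, src_node, src_sock) = struct.unpack("!HHBBI6sHI6sH", inner[:IPX_HEADER_LEN])
    return {
        "carrier": carrier,
        "inner_proto": gre_proto,
        "ipx_type": ptype,
        "ipx_dst": (dst_net, dst_node.hex(), dst_sock),
        "ipx_src": (src_net, src_node.hex(), src_sock),
        "payload": inner[IPX_HEADER_LEN:length],
    }


def demo() -> dict:
    """Build one tunneled packet and read it back the way the sniffer would."""
    ipx = build_ipx_packet(0x00000001, bytes.fromhex("00a0c9112233"), 0x0451,
                           0x00000002, bytes.fromhex("00a0c9445566"), 0x4003,
                           b"LOGIN jdoe hunter2")   # constructed clear-text payload
    wire = build_gre_over_ipv4("203.0.113.10", "198.51.100.20", ipx)
    return sniff_inner_ipx(wire)


if __name__ == "__main__":
    print(demo())
```

Running `demo()` returns the inner IPX addresses and the clear-text payload straight off the wire. The carrier header, the GRE header and the IPX header are all plain structures, so encapsulation only relocates the private data; until an encrypting layer such as IPsec ESP wraps the inner packet, every hop between the two endpoints can read it.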
These two technologies (tunneling and encryption) suffice to provide a basic VPN, but the result is weak if a third component is missing or lax (as various examples throughout this document will show). This third component is anything related to authentication, traffic control and related technologies. If sufficient authentication is not in place, it is quite simple for an intruder to intercept VPN connections and “hijack” them with various “man/monkey in the middle” attacks, capturing all data going back and forth between the VPN