VPN handshake hacki...
 
Notifications
Clear all

VPN handshake hacking  

  RSS
RolfGutmann
(@rolfgutmann)
Community Legend

For collaboration with partners we actually develop a new Isolated Secure Network ISN based on highest VPN encryption (tunnel and content). But the tunnel setup is vulnerable at its handshake.

How can we protect against handshake setup hacking?

Quote
Posted : 03/07/2017 1:08 pm
TinyBrain
(@tinybrain)
Active Member

Your company may consider OpenVPN as the best solution on the market, see an assessment here

https://ostif.org/wp-content/uploads/2017/05/OpenVPN1.2final.pdf

ReplyQuote
Posted : 03/07/2017 2:09 pm
MDCR
 MDCR
(@mdcr)
Active Member

Here is another assessment
https://www.cvedetails.com/vulnerability-list/vendor_id-3278/Openvpn.html

ReplyQuote
Posted : 03/07/2017 2:44 pm
RolfGutmann
(@rolfgutmann)
Community Legend

Thank you both.

So, wich VPN is today's most secure?
Have to mention that our budget within LEO is actually for the past years, very limited, we cannot invest in highest secure TPM modules etc.. We also cannot control BGP routing of our CSP.

From my point of view the weakest point is the handshake.

How to secure the handshake?

(We already considered to run it by directional RF-links air-interfaces, but costly, very)

ReplyQuote
Posted : 03/07/2017 3:17 pm
TinyBrain
(@tinybrain)
Active Member

Security is not for freeā€¦

If you consider OpenVPN, read this

http//eprint.iacr.org/2016/798.pdf

ReplyQuote
Posted : 03/07/2017 5:28 pm
Share: