Notifications

Clear all

VPN handshake hacking

General (Technical, Procedural, Software, Hardware etc.)

Last Post by TinyBrain 7 years ago

5 Posts

3 Users

0 Likes

557 Views

RSS

RolfGutmann

(@rolfgutmann)

Posts: 1185

Noble Member

Topic starter

For collaboration with partners we actually develop a new Isolated Secure Network ISN based on highest VPN encryption (tunnel and content). But the tunnel setup is vulnerable at its handshake.

How can we protect against handshake setup hacking?

Posted : 03/07/2017 1:08 pm

TinyBrain

(@tinybrain)

Posts: 354

Reputable Member

Your company may consider OpenVPN as the best solution on the market, see an assessment here

https://ostif.org/wp-content/uploads/2017/05/OpenVPN1.2final.pdf

Posted : 03/07/2017 2:09 pm

MDCR

(@mdcr)

Posts: 376

Reputable Member

Here is another assessment
https://www.cvedetails.com/vulnerability-list/vendor_id-3278/Openvpn.html

Posted : 03/07/2017 2:44 pm

RolfGutmann

(@rolfgutmann)

Posts: 1185

Noble Member

Topic starter

Thank you both.

So, wich VPN is today's most secure?
Have to mention that our budget within LEO is actually for the past years, very limited, we cannot invest in highest secure TPM modules etc.. We also cannot control BGP routing of our CSP.

From my point of view the weakest point is the handshake.

How to secure the handshake?

(We already considered to run it by directional RF-links air-interfaces, but costly, very)

Posted : 03/07/2017 3:17 pm

TinyBrain

(@tinybrain)

Posts: 354

Reputable Member

Security is not for free…

If you consider OpenVPN, read this

http//eprint.iacr.org/2016/798.pdf

Posted : 03/07/2017 5:28 pm

8 Forums
15.5 K Topics
92 K Posts
5 Online
40 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed