Thread: Tools for MITM attacks on VPN tunnels?

  1. #1
    Just burned his ISO
    Join Date
    Aug 2009
    Posts
    1

    Tools for MITM attacks on VPN tunnels?

    Hi, I'm new here (and new to BackTrack), so bear with me if I ask anything stupid. I'm currently working on my dissertation for my final year of university and I've based it on the different types of hardware and software VPN solutions, the protocols they use and their security.

    I need to prove that there is encryption for the tunnelling protocols that I've employed for my various VPN configurations, and exploit any weaknesses if possible!
    However, I have no idea how to do this.

    So far I've only been able to prove the tunnel is encrypted by sticking Wireshark in the middle of the network and identifying the header types.
    My supervisor suggested I try here to get some advice on which tools to use.

    So far I have 3 VPNs to test:

    - A Server 2003-based remote-access VPN (2 servers: Domain server, VPN server, RADIUS (IAS) server) using L2TP/IPSec with certificates.

    - A client-to-site VPN using a Cisco 2620 router as the VPN server and a Windows XP client.

    - Site-to-site VPN using numerous 3600 routers and a GRE tunnel (with IPSec). This is simulated on GNS3.

    I am also studying Hamachi, so if anyone knows any way I can test the security of the tunnel technology that it uses, it would be great!
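An added example, not part of the original posts: a check that goes one step beyond identifying header types, because an ESP header alone does not prove confidentiality (ESP can be negotiated with NULL encryption, RFC 2410). It classifies raw IPv4 packets from a lab capture and measures payload entropy; the 7.0 bits/byte cut-off, the addresses and all sample packets are constructed assumptions.

```python
import hashlib, math, struct
from collections import Counter

ENTROPY_MIN = 7.0  # assumed cut-off in bits/byte for "looks encrypted"

def entropy(data):
    """Shannon entropy of a byte string in bits per byte."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def classify(pkt):
    """Return (label, verdict) for a raw IPv4 packet; verdict None = not tunnel data."""
    proto, body = pkt[9], pkt[(pkt[0] & 0x0F) * 4:]
    if proto == 50:  # ESP header: SPI (4 bytes) + sequence number (4 bytes)
        spi, seq = struct.unpack("!II", body[:8])
        return f"ESP spi=0x{spi:08x} seq={seq}", entropy(body[8:]) >= ENTROPY_MIN
    if proto == 47:
        return "GRE (not wrapped in IPsec)", False
    if proto == 17:
        sport, dport = struct.unpack("!HH", body[:4])
        data = body[8:]
        if 4500 in (sport, dport):
            if data[:4] == b"\x00" * 4:  # non-ESP marker: this is IKE
                return "IKE over NAT-T", None
            return "ESP in UDP (NAT-T)", entropy(data[8:]) >= ENTROPY_MIN
        if 500 in (sport, dport):
            return "IKE", None
        if 1701 in (sport, dport):
            return "L2TP (not wrapped in IPsec)", False
    return f"other ip-proto={proto}", None

def ipv4(proto, body):
    """Build a minimal IPv4 packet (constructed lab data, checksum left at 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, 64, proto, 0,
                       bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])) + body

# Constructed payloads: a hash-derived pseudo-random block stands in for ciphertext.
RANDOM = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(32))
CLEAR = b"GET /index.html HTTP/1.1\r\nHost: lab.example\r\n\r\n" * 20
ESP = struct.pack("!II", 0x1000ABCD, 7)
SAMPLES = {
    "esp": ipv4(50, ESP + RANDOM),
    "esp_null": ipv4(50, ESP + CLEAR),  # ESP header present, payload readable
    "l2tp": ipv4(17, struct.pack("!HHHH", 1701, 1701, 8 + len(CLEAR), 0) + CLEAR),
    "gre": ipv4(47, b"\x00\x00\x08\x00" + CLEAR),
}

def report():
    return {name: classify(pkt) for name, pkt in SAMPLES.items()}
```

Calling `report()` returns one (label, verdict) pair per sample; a verdict of False on the wire between the VPN endpoints means tunnel data is readable there.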

  2. #2
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Quote: Originally posted by guitar_adam2000
    Hi, I'm new here (and new to BackTrack), so bear with me if I ask anything stupid. I'm currently working on my dissertation for my final year of university and I've based it on the different types of hardware and software VPN solutions, the protocols they use and their security.

    I need to prove that there is encryption for the tunnelling protocols that I've employed for my various VPN configurations, and exploit any weaknesses if possible!
    However, I have no idea how to do this.

    So far I've only been able to prove the tunnel is encrypted by sticking Wireshark in the middle of the network and identifying the header types.
    My supervisor suggested I try here to get some advice on which tools to use.

    So far I have 3 VPNs to test:

    - A Server 2003-based remote-access VPN (2 servers: Domain server, VPN server, RADIUS (IAS) server) using L2TP/IPSec with certificates.

    - A client-to-site VPN using a Cisco 2620 router as the VPN server and a Windows XP client.

    - Site-to-site VPN using numerous 3600 routers and a GRE tunnel (with IPSec). This is simulated on GNS3.

    I am also studying Hamachi, so if anyone knows any way I can test the security of the tunnel technology that it uses, it would be great!

    FakeIKEd is one. Post back here with any tools you find if you discover others. Although I haven't looked into this in any great depth, I do know that attempting MITM attacks isn't the preferred attack vector for decent VPNs, because the security of the good ones is actually pretty... good. (I'm not including SSL-based VPNs in my set of "decent VPNs", by the way.)

    Client side attacks are usually more effective, but if you discover effective methods to perform MITM please share.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.
