When IPsec VPNs Come Under Attack - PowerPoint PPT Presentation

1 / 7
About This Presentation
Title:

When IPsec VPNs Come Under Attack

Description:

Enterprise AP uses Internet Key Exchange (IKE) to perform ... client/AP. Legitimate ... an ARP request, which the AP broadcasts. Malicious User. Legitimate User ... – PowerPoint PPT presentation

Number of Views:38
Avg rating:3.0/5.0
Slides: 8
Provided by: amym154
Category:
Tags: ap | attack | come | ipsec | under | vpns

less

Transcript and Presenter's Notes

Title: When IPsec VPNs Come Under Attack


1
When IPsec VPNsCome Under Attack
2
Man-in-the-Middle
Step 1 Enterprise AP uses Internet Key Exchange
(IKE) to perform XAUTH authentication with a
malicious user posing as a legitimate client.
Step 3 Malicious user forms a valid IPsec VPN
with the enterprise LAN and disconnects the
legitimate user.
VPN Concentrator
Legitimate User
Malicious User Hybrid client/AP
Step 2 Malicious user broadcasts as if he were
an AP, and uses IKE to perform XAUTH
authentication with a legitimate enterprise user
and performs RADIUS mutual authentication.
3
IP Spoofing
Malicious user steals an used IP address or
sends a DHCP request to the AP, then attacks a
legitimate user on the same subnet.
VPN Concentrator
Legitimate User
Malicious User
4
ARP Spoofing
Step 1 Legitimate user sends an ARP request,
which the AP broadcasts.
Step 2 Another legitimate user responds to the
ARP request.
Yes Im here! This is 10.1.1.1 and my MAC
address is 123456
VPN Concentrator
IPsec VPN
Hey 10.1.1.1, are you there?
Legitimate User
No, IM 10.1.1.1 and MY MAC address is
987654
Step 3 Malicious user eavesdrops on the ARP
request and responds after the legitimate user,
sending his malicious MAC address to the
originator of the request.
Step 4 Information for IP address 10.1.1.1 is
now being sent to malicious MAC address
987654.
Malicious User
5
MAC Duplicating
Malicious user sniffs the air for MAC addresses
of currently-associated legitimate users and then
uses that MAC address to attack other users
associated to the same AP.
VPN Concentrator
Legitimate User
Malicious User
6
Denial-of-Service
Malicious user floods the AP to deny service to
any legitimate user associated to that AP.
VPN Concentrator
Legitimate User
Malicious User
7
When Connections Stray
Malicious user hijacks legitimate users
connection outside of the IPsec tunnel to access
the Internet.
VPN Concentrator
Legitimate User
Malicious User
Write a Comment
User Comments (0)
About PowerShow.com