Mobile VPN Vulnerabilities & Solutions

Presented at DEF CON 10 (2002), Aug. 3, 2002, 11 a.m. (50 minutes).

A real life solution to the mobile VPN problem will be presented. It uses OpenBSD on a laptop with a IPsec tunnel to a gateway. The real benefit to the audience is that potential security vulnerabilities will be discussed (e.g., sending IKE ID in the clear, allowing udp/500 to the gateway from all IP addresses, the use of Aggressive vs. ID Prot mode in Phase 1). In addition, potential solutions to those vulnerabilities will be presented.


Presenters:

  • Brett Eldridge - Netscreen http://pobox.com/~beldridg
    Brett recently joined NetScreen as the Director of Professional Services. Prior to NetScreen, he was a co-founder at OneSecure and before that a senior technical security consultant at HP Consulting. Brett has written numerous papers and presentations on security.

Links:

Similar Presentations: