On Monday 13 May 2013 03:13:27 Adam Carter wrote:
> > You can read a comparison between the *Swans here, but things have moved
> > on since; e.g. StrongSwan supports IKEv1 in Aggressive Mode,
>
> Aggressive mode with pre-shared keys is vulnerable to offline dictionary
> attack so you might as well use main mode. If for some reason you have to
> use aggressive mode use a long randomly generated PSK.

Indeed it is vulnerable, because the hash of the PSK is sent out in the initial handshake. This can be captured by eavesdropping and cracked by brute force offline. As suggested, long keys help, especially if they are changed often. It is best, however, to not use a PSK at all and instead set up SSL certificates for VPN gateway and client machine authentication and RSA encryption. This makes it easy to revoke a single SSL certificate if a client is compromised, instead of having to change PSKs for any number of machines that are using the VPN network.

--
Regards,
Mick
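
An added example, not part of the original message: a small Python audit that flags strongSwan ipsec.conf connections combining IKEv1 Aggressive Mode with PSK authentication, plus a generator for a long random PSK where Aggressive Mode cannot be avoided. The sample configuration and connection names are constructed, and `also=` includes are not resolved.

```python
import secrets
# Constructed sample in strongSwan ipsec.conf syntax; conn names are made up.
SAMPLE_CONF = """\
conn %default
    keyexchange=ikev1
    authby=secret
conn roadwarrior-legacy
    aggressive=yes
conn branch-office
    aggressive=no
conn laptops-cert
    aggressive=yes
    authby=rsasig
"""

PSK_AUTH = {"secret", "psk", "xauthpsk"}  # authby values that use a pre-shared key

def parse_conns(text):
    """Return {conn_name: {option: value}} from ipsec.conf-style text."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line.lstrip().startswith("#"):
            continue
        if not line[0].isspace():  # an unindented line starts a new section
            parts = line.split()
            is_conn = parts[0] == "conn" and len(parts) == 2
            current = conns.setdefault(parts[1], {}) if is_conn else None
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return conns

def aggressive_psk_conns(text):
    """Names of conns that pair IKEv1 Aggressive Mode with PSK authentication."""
    conns = parse_conns(text)
    defaults = conns.pop("%default", {})
    flagged = []
    for name, opts in conns.items():
        eff = {**defaults, **opts}  # %default applies unless the conn overrides it
        if (eff.get("aggressive", "no").lower() == "yes"
                and eff.get("keyexchange", "ike").lower() != "ikev2"
                and eff.get("authby", "pubkey").lower() in PSK_AUTH):
            flagged.append(name)
    return flagged

def random_psk(nbytes=32):
    """Long random PSK (256 bits of entropy by default), URL-safe base64 text."""
    return secrets.token_urlsafe(nbytes)
```
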