I believe it is more a hacking techniques question than a CCIE Security one ;) As long as you have your IPSec tunnel set up with the strongest security, i.e. AES256, SHA2, PFS, replay detection, then it is very unfeasible to hack into the tunnel. You would need to guess the IKE proposals and get the hash that the peers exchange during main mode (I assume you use a site-to-site tunnel with main mode, not aggressive mode, where the hash is not encrypted). Even if you were able to break the IKE SA secret key and then copy all the IPSec-protected data, you wouldn't be able to derive the key from the IKE SA secret, because the IPSec SA key is not derived from any other keys if PFS is enabled. But this is the theory and practice that we learn from Cisco. Who knows, maybe with the rate at which calculation power grows there's already a method and a tool to hack IPSec tunnels.
Eugene

From: [email protected] [mailto:[email protected]] On Behalf Of Kash iqbal
Sent: Monday, May 14, 2012 3:42 AM
To: [email protected]; [email protected]; [email protected]; CCIE Partener; CCIE iraninan Blog CCIE RS
Subject: [OSL | CCIE_Security] IPSEC or HTTPS tunnel breach
Importance: High

Hi everyone, a quick question to clarify my concept.

If I have an IPSEC or HTTPS tunnel between point A and B:

A --> My network --> B

Is there any possible attack where a hacker splits the tunnel halfway through and accesses my network? Or, another way to put it, can any data inside the IPSEC tunnel break the tunnel halfway through and access the network which it is on?

Regards
Kash
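To illustrate the PFS point in the reply above, here is an added example (not code from the thread or from Cisco): a simplified model of IKE key derivation in which the IPSec (child) SA key is computed with and without PFS. It assumes a toy Diffie-Hellman group and an HMAC-SHA256 PRF standing in for the real IKE/ISAKMP derivation, so it shows the principle rather than exact wire formats.

```python
import hashlib
import hmac
import secrets

# Toy DH group, constructed for this example and NOT a real IKE MODP group:
# the Mersenne prime 2^127 - 1 with generator 3.
P = (1 << 127) - 1
G = 3
NBYTES = 16


def dh_keypair():
    """Fresh private exponent and public value, as each IKE peer generates."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)


def prf(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 pseudo-random function (the SHA2 PRF from the thread)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def child_key(skeyseed: bytes, ni: bytes, nr: bytes, g_ir_new=None) -> bytes:
    """Simplified IPSec SA key material: with PFS a fresh DH secret is mixed
    in; without PFS only the IKE SA secret and the nonces are used."""
    fresh = g_ir_new.to_bytes(NBYTES, "big") if g_ir_new is not None else b""
    return prf(skeyseed, fresh + ni + nr)


def establish(pfs: bool):
    """Run one IKE SA and one child SA; return the real child key and what an
    attacker who captured the wire AND learned skeyseed can derive."""
    # IKE SA: the initial DH exchange produces SKEYSEED, the "IKE SA secret key".
    xi, gi = dh_keypair()
    xr, gr = dh_keypair()
    ni, nr = secrets.token_bytes(32), secrets.token_bytes(32)
    skeyseed = prf(ni + nr, pow(gr, xi, P).to_bytes(NBYTES, "big"))

    # Child SA negotiation: new nonces, and with PFS a new DH exchange whose
    # private exponents (yi, yr) never leave the peers.
    ni2, nr2 = secrets.token_bytes(32), secrets.token_bytes(32)
    if pfs:
        yi, gi2 = dh_keypair()
        yr, gr2 = dh_keypair()
        real = child_key(skeyseed, ni2, nr2, pow(gr2, yi, P))
        # Attacker holds skeyseed, ni2, nr2, gi2, gr2 but not yi or yr;
        # recovering g^(yi*yr) from gi2 and gr2 is the Diffie-Hellman problem.
        attacker = None
    else:
        real = child_key(skeyseed, ni2, nr2)
        attacker = child_key(skeyseed, ni2, nr2)  # everything needed was captured
    return real, attacker
```

Without PFS the captured nonces plus the compromised IKE secret reproduce the child key exactly; with PFS the same attacker is left with only public DH values.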