Hi, I'm currently looking into IPSec/IKE security assessments. The environment I'm testing on is using certificate-based authentication. I wonder if there are tools available to handle MitM attacks, e.g. to test if an IPSec client would accept a certificate with a "subjectAltName" different to the operator FQDN, or what happens if the EKU check on the client is being disabled, etc.
The only MitM attack tools I came across so far when it comes to IKE are FakeIKEd (http://www.roe.ch/FakeIKEd), for handling VPN PSK+XAUTH based authentication, the ike-scan suite, ikeprober etc., but no tools to support certificate-based attacks. The traffic redirection itself is not the issue (DNS spoofing / ARP poisoning...). Any ideas or experiences?

Thanks!
toomanysecrets
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
