Take a look at a presentation that was done at Black Hat this summer. The presenters performed a MiM on a VPN connection.

http://802.11ninja.net/bh2002.ppt

The attack worked because of issues with the VPN implementation, as Bernard points out.

On Wednesday, Oct 9, 2002, at 09:04 US/Eastern, Bernard Aboba wrote:

>> Thanks to all for the replies on this one, especially the outline
>> below.
>> A bit of additional info - I do use VPN's for connection security, so I'm
>> not really worried about MITM attacks via rogue AP's.
>
> Why not? Before relying on VPNs for wireless security, I'd advise you to
> do a careful review of your IPsec/IKE implementation.
>
> A rogue AP can do a lot of damage to a VPN implementation -- like
> injecting disassociation and deauthenticate frames at will. In addition,
> many IPsec implementations rely on group pre-shared keys (that's
> required by IKE Main Mode when the client has a dynamic IP address). That
> means that there is effectively no IKE authentication between client and
> server -- and some implementations don't even authenticate the VPN server
> to the client after the IPsec SA is set up, they just use CHAP.
>
> Since a group secret isn't a secret at all, this allows any authorized
> user to set up a rogue VPN server. And if the installation does something
> really foolish, like deriving the group pre-shared key from a password,
> then the group pre-shared key can be cracked by an outsider, because IKE
> Main Mode is vulnerable to offline dictionary attack.
>
> Ironically, IKE Aggressive Mode does a better job in the dynamic client
> case, since you can have individual pre-shared keys for each client,
> although the identity exchange is exposed on the wire. However, many VPN
> clients don't support Aggressive Mode, so you may be out of luck.
>
> The bottom line is that IPsec/IKE VPNs are no panacea when dealing with
> clients that have a dynamic IP address. Most of these issues don't arise
> with point-to-point implementations, since in that case, both ends of the
> VPN connection typically have a fixed IP address, and so IKE Main Mode
> allows for individual pre-shared keys (and identity protection).
>
>
> --
> general wireless list, a bawug thing <http://www.bawug.org/>
> [un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
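To make Bernard's group pre-shared key point concrete, here is the weak road-warrior setup he describes next to a per-peer replacement, written as strongSwan ipsec.conf fragments. This is an added illustration, not from the mail or the Black Hat slides; the strongSwan syntax, connection names, identities, file paths and secrets are all assumptions, and the certificate-based replacement is the standard fix for dynamic clients, not something the mail itself proposes.

```conf
# ipsec.conf (strongSwan syntax assumed; all names and paths are placeholders)

# WEAK: the configuration the mail warns about. IKEv1 Main Mode can only
# pick the peer by IP address before authentication, so dynamic clients
# (right=%any) are forced onto ONE pre-shared key. Every authorized user
# knows it, so any of them can stand up a rogue gateway, and if it was
# derived from a password it can be guessed offline.
conn roadwarrior-grouppsk
    keyexchange=ikev1
    aggressive=no
    left=%defaultroute
    leftid=@vpn.example.org
    leftauth=psk
    right=%any
    rightauth=psk
    auto=add
# matching ipsec.secrets line: a single secret shared by all clients
#   %any : PSK "shared-by-everyone"

# REPLACEMENT (not from the mail): per-peer certificates. Each client holds
# its own private key, the gateway proves its identity with its own
# certificate, and Main Mode still works with dynamic addresses because the
# peer is matched by certificate identity rather than by IP. A leaked client
# credential is revoked individually instead of re-keying everyone.
conn roadwarrior-certs
    keyexchange=ikev1
    aggressive=no
    left=%defaultroute
    leftcert=gatewayCert.pem         # leftid defaults to the cert subject
    leftauth=pubkey
    right=%any
    rightca="C=US, O=Example, CN=Example VPN CA"   # only our CA's clients
    rightauth=pubkey
    auto=add
# matching ipsec.secrets line: the gateway's private key
#   : RSA gatewayKey.pem
```

The check to run against an existing deployment is the ipsec.secrets side: any `%any : PSK` line (or a PSK that is the same across all client profiles) means you are in the first case regardless of what the conn block looks like.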
