Pen testing SSL VPN appliances?

From: Lachniet, Mark (mlachniet@sequoianet.com)
Date: Mon Dec 01 2003 - 15:53:23 EST

• Next message: Anders Thulin: "Re: Features of a vulnerability scanner"
• Previous message: Kohlenberg, Toby: "RE: Features of a vulnerability scanner"
• Next in thread: Palumbo, Dave: "RE: Pen testing SSL VPN appliances?"
• Maybe reply: Palumbo, Dave: "RE: Pen testing SSL VPN appliances?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello all,

Has anyone done a technical pen-test on a SSL VPN concentrator recently?
If yes, what tools did you use and what facets of the device did you
look at? I am speaking of testing above and beyond such tools as
vulnerability assessment tools such as Nessus. For example, analyzing
the client-side applets, browser cache files, cookie hijacking,
weaknesses in authentication, etc.

I am not really interested in the policy and practices side of things in
this case, such as when and where to use the SSL VPN (e.g. not in a
Starbucks or Kinkos), logging out, etc.

FWIW, there is a pretty good basic whitepaper by Joseph Steinberg of
Whale Communications on this topic at
http://www.sans.org/rr/wp/SSL_VPN.pdf, but I was hoping for more along
the line of success stories along the lines of "I found this using this"
or device-specific problems that are not addressed by current code
releases.

Thanks,

Mark Lachniet

---------------------------------------------------------------------------
----------------------------------------------------------------------------

• Next message: Anders Thulin: "Re: Features of a vulnerability scanner"
• Previous message: Kohlenberg, Toby: "RE: Features of a vulnerability scanner"
• Next in thread: Palumbo, Dave: "RE: Pen testing SSL VPN appliances?"
• Maybe reply: Palumbo, Dave: "RE: Pen testing SSL VPN appliances?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:43 EDT