[Openswan Users] IPSEC exploitation on the loose?

Paul Wouters paul at xelerance.com
Fri Jun 25 10:06:17 EDT 2010


On Fri, 25 Jun 2010, sertys at estates.bg wrote:

> I've been receiving isakmp handshakes from different hosts on a vpn
> machine of mine. I'm starting to worry.. What are they looking for? What
> are they trying to own? It can't be misrouted traffic, not can that be a
> dos/ddos, cuz it's not a production machine. Is there any openswan exploit
> i haven't heard of in the wild?

Not that we know about. I've seen some "isakmp probing" myself, but I don't
know whether its malicious or just misconfigurations/software bugs.

Paul


More information about the Users mailing list