[Openswan Users] Security attacks

Goffe, Don Donald.Goffe at GTECH.COM
Fri May 11 11:54:07 EDT 2012

We recently did a security audit against the latest .38 release. The only thing that failed the Ernest && Young test was that they were able to insert a MIM agent and grab one of our transactions which was encrypted with AES_128 DH5. We use NETKEY and PSK. While they couldn't decrypt the transaction they were able to flood the concentrator with enough transactions that eventually due to over load some of those old transaction did manage to show up on our inside network and began to consume bandwidth.

So my question is (Paul or Tuomo) do you think that a change to RSA keys will prevent this brute force MIM attack? 

CONFIDENTIALITY NOTICE: The information contained in this email message is intended only for use of the intended recipient. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately delete it from your system and notify the sender by replying to this email.  Thank you.

More information about the Users mailing list