IPSec MitM

[toomanysecrets <toomsec () gmail com>]

Hi,
I´m currently looking into IPSec/IKE security assessments. The environment
I´m testing on is using certificate based authentication.
I wonder if there are tools available to handle MitM attacks e.g. to test
if an IPSec client would accept a certificate with a "subjectAltName"
different to the operator FQDN or what happens if the EKU check on the
client is being disabled etc..

The only MitM attack tools I came across so far when it comes to IKE, are
FakeIKEd (http://www.roe.ch/FakeIKEd), for handling VPN PSK+XAUTH based
authentication, the ike-scan suite, ikeprober etc... but no tools to
support certificate based attacks.  The traffic redirection itself is not
the issue (DNS spoofing / ARP poisoning...)

Any ideas or experiences?

Thanks!

toomanysecrets

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com