Penetration Testing mailing list archives
Re: OpenVPN traffic
From: David Howe <DaveHowe.Pentest () googlemail com>
Date: Thu, 17 Dec 2009 13:00:23 +0000
Jack Carrozzo wrote:
Some people use static keys (quite a few in my experience). In that case, if you can get the keyfile you're all set.
Sure. and in this test case I have access to the server pem files too, but its getting "inside the envelope" to see the otherwise unencrypted traffic inside the tunnel I am having problems with. There appear to be no analysis tools out there at all to look at the traffic - and I mean at all, not even a wireshark "this is an openvpn key packet" basic dissector. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Pentest Cisco Paulo Ribeiro (Dec 08)
- Re: Pentest Cisco Daniel Hood (Dec 08)
- OpenVPN traffic David Howe (Dec 15)
- Re: OpenVPN traffic lorddoskias (Dec 15)
- Re: OpenVPN traffic Chris Clymer (Dec 15)
- Re: OpenVPN traffic David Howe (Dec 15)
- Message not available
- Re: OpenVPN traffic David Howe (Dec 21)
- OpenVPN traffic David Howe (Dec 15)
- Re: Pentest Cisco Daniel Hood (Dec 08)