Penetration Testing mailing list archives
VPN MITM-Attack
From: phrazer <mr.phrazer () gmail com>
Date: Fri, 25 Mar 2011 21:06:25 +0100
Hi guys, lets discuss the following situation: I have like many others VPN access, lets say for example OpenVPN. We all are connected in the range 10.0.x.x/23, the gateway is 10.0.0.1. The first point, lets suppose, I have to all other clients within the VPN access as if we would be in a LAN. For example, if they have port 139 open, I can access their network sharings. The question is, would it be possible to perform a successful MITM attack? I think arp spoofing is not possible because adressing in the VPN performs without the MAC address. But I think attacks like DHCP or ICMP redirect spoofing are possible. What do you think? And if, why or why not? Do you have experience with this? Regards phrazer
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- VPN MITM-Attack phrazer (Mar 26)