
All too often during pen tests I still find VPN endpoints configured to allow insecure Aggressive Mode handshakes. Fortunately, gaining access to the internal network as a result of this vulnerability remains a fairly complex task. Hopefully this series of posts will clarify this process and demonstrate the risk this type of misconfiguration can pose to a network.

First, a little background on IKE (Internet Key Exchange) and the underlying issue. IKE is used to negotiate an agreed Security Association (SA) between two or more clients to establish an IPsec VPN tunnel. IKE consists of two phases: phase 1 establishes a secure communication channel, and phase 2 uses this channel to encrypt and transport the data. Here we are focusing on the first phase, which uses two basic methods of key exchange: Main Mode and Aggressive Mode. In particular, we are looking at Aggressive Mode using Pre-Shared Key (PSK) authentication.
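For defenders who want to see which peers still open phase 1 in Aggressive Mode, the exchange type is visible in the cleartext ISAKMP header of the first IKEv1 message. The following is an added example, not code from the original post: it classifies UDP payloads by the RFC 2408 header fields, and the function names, sample packets and addresses are constructed for illustration.

```python
import struct

# ISAKMP header (RFC 2408, section 3.1): cookies, next payload, version,
# exchange type, flags, message ID, total length = 28 bytes.
ISAKMP_HEADER = struct.Struct("!8s8sBBBBII")
EXCHANGE_TYPES = {1: "Base", 2: "Main Mode", 3: "Authentication Only",
                  4: "Aggressive Mode", 5: "Informational"}
ZERO_COOKIE = b"\x00" * 8

def classify_ike(payload, port=500):
    """Describe an IKEv1 message from a UDP payload, or return None."""
    if port == 4500:  # NAT-T: IKE is prefixed with a 4-byte zero marker
        if payload[:4] != b"\x00" * 4:
            return None  # ESP-in-UDP, not IKE
        payload = payload[4:]
    if len(payload) < ISAKMP_HEADER.size:
        return None
    _, rcookie, _, version, xchg, _, msg_id, length = ISAKMP_HEADER.unpack_from(payload)
    if version != 0x10:  # major 1, minor 0; IKEv2 (0x20) has no Aggressive Mode
        return None
    if not ISAKMP_HEADER.size <= length <= len(payload):
        return None  # malformed or truncated capture
    phase1 = msg_id == 0 and xchg in (2, 4)
    return {"exchange": EXCHANGE_TYPES.get(xchg, "unknown(%d)" % xchg),
            "phase1": phase1,
            "first_message": phase1 and rcookie == ZERO_COOKIE,
            "aggressive": phase1 and xchg == 4}

def aggressive_peers(packets):
    """Return sorted (src, dst) pairs that opened an Aggressive Mode exchange."""
    hits = set()
    for src, dst, port, payload in packets:
        info = classify_ike(payload, port)
        if info and info["aggressive"] and info["first_message"]:
            hits.add((src, dst))
    return sorted(hits)

def build_sample(xchg, version=0x10, body=b"\x00" * 8):
    """Constructed test message: fixed cookie, SA as next payload."""
    return ISAKMP_HEADER.pack(b"\x11" * 8, ZERO_COOKIE, 1, version, xchg, 0, 0,
                              ISAKMP_HEADER.size + len(body)) + body

# Constructed capture using documentation addresses (RFC 5737).
SAMPLE_PACKETS = [
    ("192.0.2.10", "198.51.100.1", 500, build_sample(2)),
    ("192.0.2.20", "198.51.100.1", 500, build_sample(4)),
    ("192.0.2.30", "198.51.100.1", 4500, b"\x00" * 4 + build_sample(4)),
    ("192.0.2.40", "198.51.100.1", 500, build_sample(4, version=0x20)),
]

if __name__ == "__main__":
    print(aggressive_peers(SAMPLE_PACKETS))
```

The header alone does not reveal the authentication method; that is carried in the SA payload's transform attributes, which this example does not parse.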
