This document discusses VPN security concerns and policy enforcement. It provides an overview of VPNs and how they allow secure tunnels for transmitting information over insecure networks. However, VPNs can be attractive targets if compromised as they provide full access to internal networks. The document outlines objectives to expose security vulnerabilities in VPNs and enforce policies to address them. It proposes researching attacks and policies through document reviews and analyzing IDS evasion techniques that hackers use when gaining VPN access.
Another proposal
VPN SECURITY CONCERNS AND POLICY ENFORCEMENT
ABSTRACT
VPN (Virtual Private Network) provides a way of protecting information being transmitted over
the internet by allowing users to establish a virtual private "tunnel" to securely enter an internal
network, accessing resources, data and communication via an insecure network such as the
internet.
VPNs carry sensitive information over an insecure network. The users generally trust the VPN to
keep the information secure, which is understandable because that is what the VPN is designed
to do. Because of this trust, the users will transfer sensitive data without using additional
encryption, and use protocols that transmit authentication credentials in the clear.
This project provides a general overview of VPN and core VPN technologies. We discuss the
potential security risks as well as the security considerations that need to be taken into account
when implementing a virtual private network.
We will review documents and carry out core research activities on some of the attacks and
security policies that need to be enforced regarding VPN implementation.
BACKGROUND
Remote Access VPNs often allow full access to the internal network. Many organizations
configure their remote access VPNs to allow full access to the internal network for VPN users.
This means that if the VPN is compromised, then the attacker gets full access to the internal
network too.
In addition, research carried out in the context of this project found that
VPN traffic is often invisible to IDS (Intrusion Detection System) monitoring. If the IDS probe is
outside the VPN server, as is often the case, then the IDS cannot see the traffic within the VPN
tunnel because it is encrypted. Therefore, if a hacker gains access to the VPN, he can attack the
internal systems without being picked up by the IDS.
PROBLEM STATEMENT
VPNs are Attractive Targets
VPNs are attractive targets in the sense that once a VPN connection is established, it allows full access to the
internal network. Many companies and organizations configure their VPNs to allow full access
to the internal network for VPN users. Therefore, if the VPN is compromised, then the attacker
gets full access to the internal network and its resources.
VPNs have many security flaws, yet people place a great deal of trust in
VPN technology without considering these flaws.
OBJECTIVES
• To expose the security vulnerabilities associated with deploying a virtual private network.
• To identify the security considerations to take when implementing VPNs.
• To enforce security policies on VPN implementation.
JUSTIFICATION
VPNs provide secure connections for remote areas and devices, so it is vital for every
interested student to investigate and explore the concept in order to understand it.
Accomplishing the set objectives of this project will contribute to the needs of the
community in the context of establishing connections to their organizations from remote areas.
Much knowledge on security in this context will be acquired as we dive deep into the security
flaws and the security policy enforcement in VPN implementation and usage.
SCOPE
Virtual private networks provide users with good and secure services. In this project, we
emphasize the security threats and vulnerabilities in VPNs and proceed by providing security
measures that need to be taken when implementing a VPN in an organization. This project
accentuates the security aspect of VPNs; thus it covers only the security flaws and security policy
enforcement in VPNs.
METHODOLOGY
The information needed to complete the project will be obtained through investigations,
document review, research analysis and the use of diagram representations.
SCHEDULE
The project is intended to achieve the set objectives, which are exposing the security flaws in
VPNs and the security measures that need to be taken in VPN implementation. The project is
scheduled to start when approved by the Head of Department (Computer Science Department).