vpn types, vulnerabilities & solutions
TRANSCRIPT
VPN Types, Vulnerabilities &
Solutions
2/20/2014Research Methods 1 Presentation Poster1
Why should organizations implement VPN Solution
over WAN? And what are the components, Types
and suggested solutions for vulnerabilities in VPN?
By : Tareq Hanaysha
Master Information Systems Security Management
Concordia University College Of Alberta
Introduction and Objectives
2/20/2014Research Methods 1 Presentation Poster2
VPN : Communicating using public network
infrastructure while maintaining privacy and
security through securing and encrypting all data
being transferred while communicating .
Research Objectives
2/20/2014Research Methods 1 Presentation Poster3
In this research we are trying to prove that:
VPN networks are not mature yet and there are still updates and development needed
can be done on VPNs.
VPN networks are more secure and reliable than WAN
networks
Why VPNs to Enterprises
Organizations over WAN ???
2/20/2014Research Methods 1 Presentation Poster4
Shared facilities may be cheaper—especially in capital expenditure than traditional routed networks over dedicated facilities.
Can rapidly link enterprise offices, as well as small-and-home-office and mobile workers.
Allow customization of security and quality of service as needed for specific applications.
Can scale to meet sudden demands, especially when provider-provisioned on shared infrastructure.
Can reduce operational expenditure by outsourcing support and facilities.
How does VPN work?
2/20/2014Research Methods 1 Presentation Poster5
A remote computer with a VPN client software use the telecommunication infrastructure available ( WAN , phone , wireless network )
and a tunnel protocol that has other properties like encryption and authentication to securely access the internet and intranet through the corporate VPN server which is normally located at the perimeter network .
Types of Virtual Private Network
SITE-TO-SITE VPN SITE-TO-SITE VPN
2/20/2014Research Methods 1 Presentation Poster6
Method
2/20/2014Research Methods 1 Presentation Poster7
Risk analysis tools like NS auditor and Microsoft
Risk Analyser will be used to conduct this
research and collect numerical data, vulnerability
scan will result in numbers and statistics, and it
will be a quantitative research method the will be
used to test this research hypothesis, all results
will be collected and analysis, then compared to
prove the fact the VPN are way more secure and
better to use than WAN
Participants
2/20/2014Research Methods 1 Presentation Poster8
The participants in the research will be me using
Personnel Computers with different operating
systems like windows server 2008, windows vista,
and LINUX installed on them, these operating
systems will be equipped with an up to date virus
and firewall software and will be patched and
updated operating systems, then routers and
VPN client software available to use on the
systems too, all of this will be tested at my house,
or at our class laboratory.
Design and Procedures
2/20/2014Research Methods 1 Presentation Poster9
This study is designed to be done simply by
installing the necessary software equipped with
the policies necessary for specific scans and
analysis, screen shoots will be provided to show
the procedure for conducting the research and
after the scan is done on both network, results
analysis will be done, and comparison for the
results will be represented in a graph format.
SPSS software might be used for statistical
analysis and for graph representation.
Materials
2/20/2014Research Methods 1 Presentation Poster10
Materials used in the research would consist of my laptop and other personal computers at home, D-link and Motorola router for connections to other networks, software like Nessus and Ns auditor and a board to write down some notes of the report results on it, RJ-45 M Ethernet cables and wireless technology will be used for connecting computers to the network, different tunnelling protocols that can be used to create VPN or VPN-like connections. The most common are:
Point to Point Tunnelling Protocol (PPTP).
Layer 2 Tunnelling Protocol (L2TP).
Internet Protocol Security (IPSec) tunnel mode.
Secure Sockets Layer (SSL).
Results
2/20/2014Research Methods 1 Presentation Poster11
VPN has addressed most of these attacks expect
the listed below which we are concerned about so
as to get VPN network more and more secure :
VPN FINGERPRINTING
MAN-IN-THE-MIDDLE ATTACKS
DENIAL OF SERVICE ATTACKS
OFFLINE PASSWORD CRACKING
Discussion
2/20/2014Research Methods 1 Presentation Poster12
I will compare the results of my scans and risk
assessment to what I expect and the questions of my
argument, if the results and statistics prove the
hypothesis, it would mean the use of VPN is
preferable and is more secure and better over WAN, it
will provide us with the benefits I mentioned before
and it will support the idea that WAN has limitations
for use , in further research I need to mention the
limitation of both communication methods , and the
and how to overcome these limitation , how to solve
these attacks and problems I found in my initial scans
and assessments .
References
2/20/2014Research Methods 1 Presentation Poster13
http://www.highbeam.com/Database+and+Network+Journal/publications.aspx
SSL VPN : Understanding, evaluating and planning secure, web-based remote access Joseph Steinberg, Tim Speed
Firewall Policies and VPN Configurations: Henmi, Anne(ed.) ; Lucas, Mark; Singh, Abhishek; Cantrell, Chris
Know your network:, Network Security Assessment ;second edition by Chris McNab
http://www.usit.uio.no/it/hjemmekontor/english/vpn.html ; VPN - installation guides and downloads
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/vpn.htm#wp1020549
http://en.wikipedia.org/wiki/Virtual_private_network
http://articles.techrepublic.com.com/5100-6350_11-5902589.html
http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213324,00.html
http://www.cisco.com/warp/public/707/cisco-sa-20050330-vpn3k.shtml
http://www.nta-monitor.com/posts/2005/01/VPN-Flaws-Whitepaper.pdf