vpn types, vulnerabilities & solutions

04/10/2023Research Methods 1 Presentation Poster

VPN Types, Vulnerabilities & Solutions

1

Why should organizations implement VPN Solution over WAN? And what are the

components, Types and suggested solutions for vulnerabilities in VPN?

By : Tareq Hanaysha

Master Information Systems Security Management

Concordia University College Of Alberta


Introduction and Objectives

2

VPN : Communicating using public network infrastructure while maintaining privacy and security through securing and encrypting all data being transferred while communicating .


Research Objectives

3

In this research we are trying to prove that:

VPN networks are not mature

yet and there are still updates and development needed can be done on

VPNs.

VPN networks are more secure

and reliable

than WAN networks


Why VPNs to Enterprises Organizations over WAN ???

4

Shared facilities may be cheaper—especially in capital expenditure than traditional routed networks over dedicated facilities.

Can rapidly link enterprise offices, as well as small-and-home-office and mobile workers.

Allow customization of security and quality of service as needed for specific applications.

Can scale to meet sudden demands, especially when provider-provisioned on shared infrastructure.

Can reduce operational expenditure by outsourcing support and facilities.


How does VPN work?

5

A remote computer with a VPN client software use the telecommunication infrastructure available ( WAN , phone , wireless network )

and a tunnel protocol that has other properties like encryption and authentication to securely access the internet and intranet through the corporate VPN server which is normally located at the perimeter network .


Types of Virtual Private Network

SITE-TO-SITE VPN SITE-TO-SITE VPN

6


Method

7

Risk analysis tools like NS auditor and Microsoft Risk Analyser will be used to conduct this research and collect numerical data, vulnerability scan will result in numbers and statistics, and it will be a quantitative research method the will be used to test this research hypothesis, all results will be collected and analysis, then compared to prove the fact the VPN are way more secure and better to use than WAN


Participants

8

The participants in the research will be me

using Personnel Computers with different operating systems like windows server 2008, windows vista, and LINUX installed on them, these operating systems will be equipped with an up to date virus and firewall software and will be patched and updated operating systems, then routers and VPN client software available to use on the systems too, all of this will be tested at my house, or at our class laboratory.


Design and Procedures

9

This study is designed to be done simply by

installing the necessary software equipped with the policies necessary for specific scans and analysis, screen shoots will be provided to show the procedure for conducting the research and after the scan is done on both network, results analysis will be done, and comparison for the results will be represented in a graph format. SPSS software might be used for statistical analysis and for graph representation.


Materials

10

Materials used in the research would consist of my laptop and other personal computers at home, D-link and Motorola router for connections to other networks, software like Nessus and Ns auditor and a board to write down some notes of the report results on it, RJ-45 M Ethernet cables and wireless technology will be used for connecting computers to the network, different tunnelling protocols that can be used to create VPN or VPN-like connections. The most common are:

Point to Point Tunnelling Protocol (PPTP).Layer 2 Tunnelling Protocol (L2TP). Internet Protocol Security (IPSec) tunnel mode. Secure Sockets Layer (SSL).


Results

11

VPN has addressed most of these attacks expect the listed below which we are concerned about so as to get VPN network more and more secure :

VPN FINGERPRINTINGMAN-IN-THE-MIDDLE ATTACKSDENIAL OF SERVICE ATTACKSOFFLINE PASSWORD CRACKING


Discussion

12

I will compare the results of my scans and risk assessment to what I expect and the questions of my argument, if the results and statistics prove the hypothesis, it would mean the use of VPN is preferable and is more secure and better over WAN, it will provide us with the benefits I mentioned before and it will support the idea that WAN has limitations for use , in further research I need to mention the limitation of both communication methods , and the and how to overcome these limitation , how to solve these attacks and problems I found in my initial scans and assessments .


References

13

http://www.highbeam.com/Database+and+Network+Journal/publications.aspx

SSL VPN : Understanding, evaluating and planning secure, web-based remote access Joseph Steinberg, Tim Speed

Firewall Policies and VPN Configurations: Henmi, Anne(ed.) ; Lucas, Mark; Singh, Abhishek; Cantrell, Chris

Know your network:, Network Security Assessment ;second edition by Chris McNab

http://www.usit.uio.no/it/hjemmekontor/english/vpn.html ; VPN - installation guides and downloads

http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/vpn.htm#wp1020549

http://en.wikipedia.org/wiki/Virtual_private_network http://articles.techrepublic.com.com/5100-6350_11-5902589.html http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213324,00.html http://www.cisco.com/warp/public/707/cisco-sa-20050330-vpn3k.shtml http://www.nta-monitor.com/posts/2005/01/VPN-Flaws-Whitepaper.pdf

vpn types, vulnerabilities & solutions

Technology