vpn types, vulnerabilities & solutions
DESCRIPTION
Why should organizations implement VPN Solution over WAN? And what are the components, Types and suggested solutions for vulnerabilities in VPN?TRANSCRIPT
04/10/2023Research Methods 1 Presentation Poster
VPN Types, Vulnerabilities & Solutions
1
Why should organizations implement VPN Solution over WAN? And what are the
components, Types and suggested solutions for vulnerabilities in VPN?
By : Tareq Hanaysha
Master Information Systems Security Management
Concordia University College Of Alberta
04/10/2023Research Methods 1 Presentation Poster
Introduction and Objectives
2
VPN : Communicating using public network infrastructure while maintaining privacy and security through securing and encrypting all data being transferred while communicating .
04/10/2023Research Methods 1 Presentation Poster
Research Objectives
3
In this research we are trying to prove that:
VPN networks are not mature
yet and there are still updates and development needed can be done on
VPNs.
VPN networks are more secure
and reliable
than WAN networks
04/10/2023Research Methods 1 Presentation Poster
Why VPNs to Enterprises Organizations over WAN ???
4
Shared facilities may be cheaper—especially in capital expenditure than traditional routed networks over dedicated facilities.
Can rapidly link enterprise offices, as well as small-and-home-office and mobile workers.
Allow customization of security and quality of service as needed for specific applications.
Can scale to meet sudden demands, especially when provider-provisioned on shared infrastructure.
Can reduce operational expenditure by outsourcing support and facilities.
04/10/2023Research Methods 1 Presentation Poster
How does VPN work?
5
A remote computer with a VPN client software use the telecommunication infrastructure available ( WAN , phone , wireless network )
and a tunnel protocol that has other properties like encryption and authentication to securely access the internet and intranet through the corporate VPN server which is normally located at the perimeter network .
04/10/2023Research Methods 1 Presentation Poster
Types of Virtual Private Network
SITE-TO-SITE VPN SITE-TO-SITE VPN
6
04/10/2023Research Methods 1 Presentation Poster
Method
7
Risk analysis tools like NS auditor and Microsoft Risk Analyser will be used to conduct this research and collect numerical data, vulnerability scan will result in numbers and statistics, and it will be a quantitative research method the will be used to test this research hypothesis, all results will be collected and analysis, then compared to prove the fact the VPN are way more secure and better to use than WAN
04/10/2023Research Methods 1 Presentation Poster
Participants
8
The participants in the research will be me
using Personnel Computers with different operating systems like windows server 2008, windows vista, and LINUX installed on them, these operating systems will be equipped with an up to date virus and firewall software and will be patched and updated operating systems, then routers and VPN client software available to use on the systems too, all of this will be tested at my house, or at our class laboratory.
04/10/2023Research Methods 1 Presentation Poster
Design and Procedures
9
This study is designed to be done simply by
installing the necessary software equipped with the policies necessary for specific scans and analysis, screen shoots will be provided to show the procedure for conducting the research and after the scan is done on both network, results analysis will be done, and comparison for the results will be represented in a graph format. SPSS software might be used for statistical analysis and for graph representation.
04/10/2023Research Methods 1 Presentation Poster
Materials
10
Materials used in the research would consist of my laptop and other personal computers at home, D-link and Motorola router for connections to other networks, software like Nessus and Ns auditor and a board to write down some notes of the report results on it, RJ-45 M Ethernet cables and wireless technology will be used for connecting computers to the network, different tunnelling protocols that can be used to create VPN or VPN-like connections. The most common are:
Point to Point Tunnelling Protocol (PPTP).Layer 2 Tunnelling Protocol (L2TP). Internet Protocol Security (IPSec) tunnel mode. Secure Sockets Layer (SSL).
04/10/2023Research Methods 1 Presentation Poster
Results
11
VPN has addressed most of these attacks expect the listed below which we are concerned about so as to get VPN network more and more secure :
VPN FINGERPRINTINGMAN-IN-THE-MIDDLE ATTACKSDENIAL OF SERVICE ATTACKSOFFLINE PASSWORD CRACKING
04/10/2023Research Methods 1 Presentation Poster
Discussion
12
I will compare the results of my scans and risk assessment to what I expect and the questions of my argument, if the results and statistics prove the hypothesis, it would mean the use of VPN is preferable and is more secure and better over WAN, it will provide us with the benefits I mentioned before and it will support the idea that WAN has limitations for use , in further research I need to mention the limitation of both communication methods , and the and how to overcome these limitation , how to solve these attacks and problems I found in my initial scans and assessments .
04/10/2023Research Methods 1 Presentation Poster
References
13
http://www.highbeam.com/Database+and+Network+Journal/publications.aspx
SSL VPN : Understanding, evaluating and planning secure, web-based remote access Joseph Steinberg, Tim Speed
Firewall Policies and VPN Configurations: Henmi, Anne(ed.) ; Lucas, Mark; Singh, Abhishek; Cantrell, Chris
Know your network:, Network Security Assessment ;second edition by Chris McNab
http://www.usit.uio.no/it/hjemmekontor/english/vpn.html ; VPN - installation guides and downloads
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/vpn.htm#wp1020549
http://en.wikipedia.org/wiki/Virtual_private_network http://articles.techrepublic.com.com/5100-6350_11-5902589.html http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213324,00.html http://www.cisco.com/warp/public/707/cisco-sa-20050330-vpn3k.shtml http://www.nta-monitor.com/posts/2005/01/VPN-Flaws-Whitepaper.pdf