Modern Attacks on VPN and Firewalls

Table of Contents

Introduction3

Discussion4

Challenges to VPN and Firewalls5

Increased Network Complexity5

Increased Application and Attack Sophistication6

Viruses and Worms7

Spoofing of IP Address7

Fundamental Flaw in Firewall Middle-box Design8

VPN Cracking by Exploiting Microsoft Technologies9

“Smart” Threats to Firewall and VPN10

Conclusion10

References12

Modern Attacks on VPN and Firewalls

Introduction

The advancement in the different uses of the internet has created numerous opportunities. Companies are using web based applications to carry out internal and external business operations. This has created opportunities for the hackers and crackers also who have devised new techniques for accessing Virtual Private Networks (VPN) and compromising the firewalls to access the protected networks. The technologies which have been the backbone of the remarkable applications and networks are also becoming redundant due to the advancement in technology. The Transmission Control Protocol was initially developed for facilitating the communication between the computers. As the loopholes were discovered which compromised the security of the networks, numerous patches were developed and applied to strengthen the security. These patches such as the randomization of initial sequence numbers (ISN) of TCP on one hand protect the attacking packets in reaching the end computer; it also allows the attackers to identify the actual ISN which can grant them access through the firewall (Qian & Mao, 2012). Attackers are devising more effective worms to counter the latest security measures and enterprise networks are under the constant threat of attack. Dan Goodin (2012) explored a cloud based service which can decrypt the VPN traffic data in 12 hours, by exploiting the encryption methods of MS-ChapV2. The MS-Chap V2 is technology developed by Microsoft which is implemented in the login systems of numerous VPN and WPA2 networks. This paper will explore the modern attacks on network security.

Discussion

The firewalls and VPNs of enterprises have been exposed to attacks on regular bases and these attacks have been intensified due to the rapid innovation in technologies (Hucaby et al., 2012). Some threats are extensive and target a wide network of computers like the “conficker” worm (Porras, 2009), while some are targeted such as “GhostNet” actions (Nagaraja & Anderson, 2009). While the techniques of carrying out attacks on VPN and firewalls are numerous, most of these attacks are carried out by exploiting the vulnerabilities in the multimedia programs, document viewers and e-mail clients running on victims machines (Tuner et al., 2008). The new social media websites and phishing websites pretending to be them are also a great source of exploits leading to compromise of the enterprise VPN and firewalls. As the information extractions have new avenues, the obtained information is then used to access protected systems. The applications running on social media websites such as Facebook also have the access to the user contacts and can send messages which can contain worms and viruses.

Recently the nature and needs for the security of information has been evolved exponentially. Among the numerous factors which have caused these changes, one of the important trends which influenced this evolution was the change in the type of threats to the ...