Your Search Results

Use this resource - and many more! - in your textbook!

AcademicPub holds over eight million pieces of educational content for you to mix-and-match your way.

Experience the freedom of customizing your course pack with AcademicPub!
Not an educator but still interested in using this content? No problem! Visit our provider's page to contact the publisher and get permission directly.

Tackling security vulnerabilities in VPN-based wireless deployments

By: Kappes, M.; Ganu, S.; Fazal, L.; Krishnan, P.; Krishnakumar, A.S.;

2004 / IEEE / 0-7803-8533-0


This item was taken from the IEEE Conference ' Tackling security vulnerabilities in VPN-based wireless deployments ' Current ""best practice"" recommendations for enterprise wireless deployments suggest the use of VPNs from a wireless client for both authentication and privacy. In this paper, we demonstrate a security issue with such deployments, which we refer to as the hidden wireless router vulnerability. This vulnerability is inherent in the VPN-based wireless LAN architecture, and leads to unsuspecting clients becoming conduits for an attack, exploiting features readily available in popular operating systems like Windows and Linux. We describe the attack scenario, and possible solutions for both detecting and locating such hidden wireless routers. Our solutions include a range of possibilities stretching from purely passive to active probing methods, and access point-based solutions. We describe our techniques and results of our implementation and experiments.