Well, it seems to be bad idea to open the control web interface to the
internet...kinda like having your TSM Backup server web interface open
to the internet. Since Johnny Long's website
(http://johnny.ihackstuff.com/) is currently now, I can't give you the
extra search string needed to find Cisco VPN or TSM web interfaces on
Google, but they are there.
Why expose the service to the internet? Sure a exploit may not be out
now, but what would happen if a XSS or Directory attack came out for the
VPN web interface? How long would it take a person with a exploit to
find their box? One google search, a matter of seconds. If the interface
was only exposed to certain internal subnet, this future possible threat
would be greatly reduced.
I don't have Cisco VPN concentrator, so I am not sure what all you can
do the the config on it, but as a best practice method, I wouldn't
expose it to internet if I didn't have to.
-Todd
-----Original Message-----
From: kaps lock [mailto:kapsloc1978@yahoo.com]
Sent: Sunday, May 15, 2005 10:09 PM
To: pen-test@securityfocus.com
Subject: Cisco VPN Concentrator GUI
hi all,
i am pen-testing one of our clients and am seeing their web
interface to the vpn concentrator (cisco) available publicly
on the internet with the username /password page.
How could i explain somebody tht it can be exploited...am
sure this is not a good idea to hav ur vpn concnetrator
interface on the public internet..but i cant find any
vulenrabilites on the net ....to explain to the
person....only thing i can think of is brute forcing the
username pasword field...which is again a challenge for web
vpn..any ideas??
thanks
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection
around http://mail.yahoo.com
