well it's like i said before, if you're reffering to breaking the crypto then unless you are using wavesec it wont do it out of the box, it's just a proof of concept for that class of attacks, we quite intentionally didnt release anything to break widely used VPN solutions, just one based on the same technoledgy...
so in other words airjack will probably not break your VPN out of the box, it isnt ment to, what it is ment to do is to show you how easily someone else could (this code took only a few nights to write, imagine if your attacker has more than a few nights)...
so if you run kracker-jack and you dont see it break your VPN dont be luled into a false sense of security, if you are not using strong two way authentication and imploying some sort of monitoring then you are very much vulnerable to this sort of attack...
on the other hand, if you were reffering to the wlan-jack tool, then well, your network shouldnt be able to hold up at all if done correctly, if you are using leap and all cisco 350 hardware then ive found that deauth's to broadcast have little effect but deauths to specific stations/AP's work just the same..its a protocol flaw and unfortunatly one not easily fixed...the up side is that with proper monitoring it is something very easily detected and the attacker is nessisarily close (in the grand scheme of things)...
--Abaddon
Quote:
Originally posted by highfrequency
Great. Thanks very much. I'm interested in finding out how well a wireless VPN client behaves while subject to an Airjack type attack.
I'll let you know when I get it up and running in my lab next week.
Regards
|