Seitenhistorie

With the attacks described, it is important to mention that they do not compromise the actual VPN tunnel. Data transmitted through the VPN tunnel is still secure.

Rather, attempts are made to redirect data traffic intended for the VPN tunnel to another destination before the tunnel in order to then be able to read it in plain text.

In the application scenarios usually used by our customers (secure VPN client access, e.g. from the home network to the company network), this can only succeed if an attacker has access not only To do this, a potential attacker must have access to the local network in which the VPN client is currently located, but also to the (company) network to which the VPN tunnel connects.

Therefore, for example, VPN client connections that a company uses to provide its employees with secure access to the company network are less likely to be affected by attacks.

located. In the scenarios described, a rogue access point is used, which suggests to a WLAN client that it is connecting to a trusted SSID in the local network.

On the access point controlled by the attacker, he can now take appropriate measures to redirect the data trafficIn public (WLAN) networks and/or when using public VPN servers, however, these attack possibilities pose a certain danger, which is why the countermeasures described in this document should be implemented there in any case.