Seitenhistorie

With the attacks described, it is important to mention that they do not compromise the actual VPN tunnel. Data transmitted through the VPN tunnel is still secure.

Rather, attempts are Instead, an attempt is made to redirect divert data traffic intended for the VPN tunnel to another destination before the tunnel in order to then be able to read it in plain text or to operate as a so-called man-in-the-middle.

In the application scenarios usually used by our customers (secure VPN client access, e.g. from the home network to the company network), this can only succeed if an attacker has access not only to the local network in which the VPN client is currently located, but also to the (company) network to which the VPN tunnel connects.

Therefore, for example, VPN client connections that a company uses to provide its employees with secure access to the company network are less likely to be affected by attacks.

scenarios described, a rogue access point is used as the access medium, which suggests to a WLAN client that it is connecting to a known and trusted SSID. This goal is usually most easily achieved on public WLAN networks.

On the access point controlled by the attacker, the routing can now be changed by assigning IP addresses so that the data traffic is redirected accordinglyIn public (WLAN) networks and/or when using public VPN servers, however, these attack possibilities pose a certain danger, which is why the countermeasures described in this document should be implemented there in any case.