Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
COMPSEC
2006
2006
Uncovering identities: A study into VPN tunnel fingerprinting
Operating System fingerprinting is a reconnaissance method which can be used by attackers or forensic investigators. It identifies a system's identity by observing its responses to targeted probes, or by listening on a network and passively observing its network `etiquette'. The increased deployment of encrypted tunnels and Virtual Private Networks (VPNs) calls for the formulation of new fingerprinting techniques, and poses the question: "How much information can be gleaned from encrypted tunnels?" This paper investigates IPSec VPN tunnel-establishment and tear-down on three IPSec implementations: Microsoft Windows 2003, Sun Solaris 9 x86, and racoon on Linux 2.6 kernel. By analysing each platform's Internet Key Exchange (IKE) messages, which negotiate the IPSec tunnel, we identify a number of discriminants, and show that each of these platforms can be uniquely identified by them. We also show that the nature of some encrypted traffic can be determined, thus g...
Real-time Traffic| Added | 11 Dec 2010 |
| Updated | 11 Dec 2010 |
| Type | Journal |
| Year | 2006 |
| Where | COMPSEC |
| Authors | Vafa D. Izadinia, Derrick G. Kourie, Jan H. P. Eloff |
Comments (0)
Researcher Info
|
