RedWolf Enhances VPN Testing

September 14, 2015

RedWolf has found that most organizations work to protect popular DDoS targets like web sites and DNS servers but often overlook their VPN services. The business impact on a VPN service can be equal or greater than an impact to a web site. To this end RedWolf has invested in improving the platform’s ability to test various types of VPN’s.

The most popular VPN’s that RedWolf has seen in 2015 are IPSEC and PPTP with a minority of SSL VPN’s. Surprisingly not all cloud providers (e.g. Microsoft Azure and Amazon EC2) allow every VPN protocol on their networks. If you use Amazon for instance IPSEC is not supported. RedWolf supports IPSEC from IBM Softlayer Cloud. If you want to do IPSEC testing you need to let RedWolf know so we can turn your agents up in the right cloud provider.

As usual, RedWolf likes to test ‘soft’ and ‘hard’ techniques against every service and it’s the same with VPN’s.

The preferred methodology covers the following points:

  1. Low-rate VPN discovery (TCP and UDP)
  2. IKE/ISAKMP: Low-rate ISAKMP fingerprinting to identify type of VPN server
  3. IKE/ISAKMP: Aggressive IKE flooding (Oakley, SKEME)
  4. IPSEC: IPSEC Protocol encapsulated packet flood
  5. PPTP: Usual set of SYN, Hanging TCP, Bad Protocol
  6. PPTP: MS-CHAP-v1, MS-CHAP-v2, PEAP flooding
  7. GRE: RedWolf can create a variety of GRE protocol floods.

RedWolf is always improving its VPN support. If you have a VPN configuration not listed above and want to test it support can usually be added in a few weeks.

Meet RedWolf at RSA Conference 2019

Sharjil Khan, Principal Consultant at Redwolf Security Inc will be giving a presentation ‘How to Design and Operate a DDOS Testing Program’ on March 6th between 1:30pm and 4:30pm.

Click here to learn more