I have like many others VPN access, lets say for example OpenVPN. We all
are connected in the range 10.0.x.x/23, the gateway is 10.0.0.1.
The first point, lets suppose, I have to all other clients within the
VPN access as if we would be in a LAN. For example, if they have port
139 open, I can access their network sharings.
The question is, would it be possible to perform a successful MITM
attack? I think arp spoofing is not possible because adressing in the
VPN performs without the MAC address. But I think attacks like DHCP or
ICMP redirect spoofing are possible.
What do you think? And if, why or why not? Do you have experience with this?
lets discuss the following situation:
I have like many others VPN access, lets say for example OpenVPN. We all
are connected in the range 10.0.x.x/23, the gateway is 10.0.0.1.
The first point, lets suppose, I have to all other clients within the
VPN access as if we would be in a LAN. For example, if they have port
139 open, I can access their network sharings.
The question is, would it be possible to perform a successful MITM
attack? I think arp spoofing is not possible because adressing in the
VPN performs without the MAC address. But I think attacks like DHCP or
ICMP redirect spoofing are possible.
What do you think? And if, why or why not? Do you have experience with this?
Regards
phrazer
-----BEGIN PGP SIGNATURE-----
iQIcBAEBAgAGBQJNjPXBAAoJEE07W1RHghzJhsIP/1KTJG70bsBWHLJ3ue2ebr3i
wWxhc70zfSfnkNGVx+RFEuaVtvQfN624h11zj75DqY0ZesXPKMHqq4C/I6VrIcQw
k6bISUDPIUwDCSXNY2zauETkTsyfvviBDzhdLYjywhoG8Qc0QgsKZF5L5ehfkQz0
58kQ7eGVPAIVgkAd3YRvISd5QSF5PF+8GkndKx7n9HuGMyvhheXMzM/jiwWnb8lW
lsotnE5ZuCgIFzgibK5Jgfj7bouQD9Bs7I2Vcte7rC8MHrqQooJEgE6giFf5Rdt6
4S0Cw9AfinweCm0Z9E33hYXd/X0YEzTRqPjg4sM1YbTmypcx9/YtW8dwCBSZY+rv
K/Et/kTDHZOJNwH0UYOk2hOuQMisopRjSZ2WfKKUD0Skp3yGO1j2QyUplKKSFQ6p
9gJbqfUNP5/mDtLTRxv63B5At2bR8UG96l/Q07sLFJFsnd5fVpdbscf/ti8Ccz1J
T7UMcD4fz/C42P9fbZ+RX8oTM+6NTHFABu9MHhkDhN5jmw/bNS52UKuFBcxtj3Zh
Hklm1lIum1aFAdgWbww/PLQcTpNacKz17LpgNcGTAt3mIW5bs+zEaicHlSmv6SaL
ffbreJdkmtrEBIesrTtQOEd+HT/gTZlqEWuG0dP0KEh3t8q//bDKAZZXNbwjr4C7
K8oc9STlxDdUtXeHuOvr
=UjN7
-----END PGP SIGNATURE-----
[ reply ]