
Cisco VPN Concentrator Administrative Interface Detection

Low

Synopsis

The remote host passes information across the network in an insecure manner.

Description

The remote Cisco server is acting as a PPTP VPN server. Further, the server has enabled web administration over unencrypted HTTP. The VPN Concentrator handles user accounts and other confidential data. An attacker with the ability to sniff the network would be able to gather confidential data that would be useful in future attacks.

Solution

Use Access Control Lists (ACLs) to block access to the administrative interface from untrusted machines. In addition, force administrative communication over an SSL connection instead of unencrypted HTTP.