Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Cisco VPN Concentrator Administrative Interface Detection



The remote host passes information across the network in an insecure manner.


The remote Cisco server is acting as a PPTP VPN server. Further, the server has enabled web administration over unencrypted HTTP. The VPN Concentrator handles user accounts and other confidential data. An attacker with the ability to sniff the network would be able to gather confidential data that would be useful in future attacks.


Use Access Control Lists (ACLs) to block access from untrusted machines. In addition, force the communication over an SSL connection.