Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


How to Secure an SSL VPN with One-Time Passcodes and Mutual Authentication

Jul 03, 2007, 09:00 (0 Talkback[s])

[ Thanks to Falko Timme for this link. ]

"SSL-based VPNs were designed to eliminate the need for complex configurations on the user's PC. Unfortunately, that was before the dangers of public WiFi networks and tougher regulatory requirements came into being. Thanks to WiFi, many attacks that were difficult are now quite simple. In particular, a man-in-the-middle attack can intercept SSL-encrypted traffic, rendering SSL-based VPNs useless - even if it's protected by a typical one-time password system. The man-in-the-middle can easily feed the one-time password into the SSL-based VPN within the alloted time.

"In order to thwart this attack, mutual authentication is required. Mutual authentication means that the user is validated to the site and the site is validated to the user..."

Complete Story

Related Stories: