On Monday 13 May 2013 03:13:27 Adam Carter wrote:
> > You can read a comparison between the *Swans here, but things have moved
> > on since; e.g. StrongSwan supports IKEv1 in Aggressive Mode,
>
> Aggressive mode with pre-shared keys is vulnerable to offline dictionary
> attack so you might as well use main mode. If for some reason you have to
> use aggressive mode use a long randomly generated PSK.

Indeed it is vulnerable, because the hash of the PSK is sent out in the
initial handshake. This can be captured by eavesdropping and cracked by brute
force offline. As suggested, long keys help, especially if they are changed
often.

It is best, however, to not use a PSK at all and instead set up SSL
certificates for VPN gateway and client machines authentication and RSA
encryption. This makes it easy to revoke a single SSL certificate if a client
is compromised, instead of having to change PSKs for any number of machines
that are using the VPN network.
--
Regards,
Mick
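
An audit check for the combination discussed in this thread, added here as an example and not part of the original messages: it scans a strongSwan `ipsec.conf` for IKEv1 connections that enable aggressive mode together with a pre-shared key. It assumes the legacy `ipsec.conf` syntax; the sample config and function names are constructed for illustration, and `also=` includes are not followed.

```python
import re

# Constructed sample in strongSwan ipsec.conf syntax (not taken from the thread).
SAMPLE_CONF = """\
conn %default
    keyexchange=ikev1

conn roadwarrior-psk
    aggressive=yes
    authby=secret

conn site-main-psk
    authby=secret   # PSK, but main mode: the hash is not sent in the clear

conn site-cert
    aggressive=yes
    leftauth=pubkey
    leftcert=gatewayCert.pem
"""

# Values of authby/leftauth/rightauth that mean a pre-shared key is in use.
PSK_VALUES = {"secret", "psk", "xauthpsk"}


def parse_conns(text):
    """Return {conn_name: {key: value}}, applying 'conn %default' to every conn."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        header = re.match(r"^conn\s+(\S+)$", line)
        if header:
            current = conns.setdefault(header.group(1), {})
        elif current is not None and line[0] in " \t" and "=" in line:
            key, value = line.strip().split("=", 1)
            current[key.strip().lower()] = value.strip().strip('"').lower()
        else:
            current = None  # 'config setup' and 'ca' sections are out of scope
    defaults = conns.pop("%default", {})
    return {name: {**defaults, **opts} for name, opts in conns.items()}


def aggressive_psk_conns(text):
    """Names of conns that are IKEv1, aggressive mode, and PSK-authenticated."""
    auth_keys = ("authby", "leftauth", "rightauth")
    return [name for name, o in parse_conns(text).items()
            if o.get("keyexchange") == "ikev1"   # aggressive mode exists only in IKEv1
            and o.get("aggressive") == "yes"
            and any(o.get(k) in PSK_VALUES for k in auth_keys)]
```

Connections the check reports are candidates for moving to main mode or to certificate authentication, as suggested above.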