So about VPNs...

4 posts / 0 new
Last post
Grim G Grim G's picture
So about VPNs...

I have 2 questions.

1) Can PANs be VPNs? It makes sense to me, and it would mean that cyber warfare would be even harder as everyone on the field can use it.

2) How exactly would you hack into a VPN? It says that VPNs can be locked behind and encryption key, so wouldn't it be impossible without a quantum computer?

NotActuallyTim NotActuallyTim's picture
YAY COMPUTERS!

1) Yes! Any network can also be a VPN (technically it's running a VPN on the physical network and only accepting messages from the VPN).

2) Hacking a VPN without the key is lot like breaking into house without a key. If the encryption is weak (the door/walls) bust on through on brute force. Otherwise, look for unanticipated weaknesses, like the user loaning the encryption to another, less savvy user (Steal a spare key), or finding a networked object mysteriously excluded from the VPN (an open window).

Maudova Maudova's picture
Yes and Lots of Ways

Grim G wrote:
I have 2 questions.

1) Can PANs be VPNs? It makes sense to me, and it would mean that cyber warfare would be even harder as everyone on the field can use it.

2) How exactly would you hack into a VPN? It says that VPNs can be locked behind and encryption key, so wouldn't it be impossible without a quantum computer?

1. Sure, you could run a PAN on an encrypted overlay, so all of your personal traffic is encapsulated within an application layer traffic management network. We do it now with multi site networks over the WAN when traffic leaves the private network into the public. The same concept could be used for a PAN. Now unless your external information sources are participating in the same encryption protocols you'll have to either push your traffic out transparently or establish another VPN for your external traffic. I would imagine TacNets are encrypted this way between team members.

2. So I can't say present day methodology would work to break into a VPN, but I imagine a "quantum" computer could try a brute force attack, it would most like DOS the target in the process and he very obvious if attempting to do it hastily. Better ways might be getting a node inside the PAN to capture the key essentially a physical access attack, you could also try social engineering (to insert malware to open a hole in the VPN), or using weakness in the program to break in using exploit software. There are many ways to bypass a VPN, you just have to be creative.

~Alpha Fork Initialized.
P.S. I often post from my phone as I travel extensively for work. Please forgive typos and grammar issues.

lets adapt lets adapt's picture
Need to circumvent a VPN?

Need to circumvent a VPN? Compromise the endpoint(s).