Overview
Explore dynamic routing within IPsec VPNs in this 58-minute Black Hat USA 2002 conference talk presented by Paul Knight. Delve into key topics including remote access, IPsec security associations, security policy databases, and packet topologies. Examine VPN tunnel functionality, remote access issues, and the implications of split tunneling. Analyze branch-to-branch VPN configurations and dynamic routing challenges. Gain insights into potential attacks and defensive strategies for securing VPN infrastructures. Conclude with a comprehensive summary of best practices for implementing and maintaining secure, dynamically routed IPsec VPNs.
Syllabus
Introduction
Topology
Remote Access
IPSec Security Association
Security Association Database
Security Policy Database
Packets
Topologies
Dynamic Routing
VPN Tunnel
Basic Functionality
Remote Access Issues
Tunneling
Split Tunneling Attacks
Split Tunneling Defense
Branch to Branch VPN
Dynamic Routing Issues
Protections
Summary
Thanks
Taught by
Black Hat