Explore a comprehensive security analysis of VPN Always-On technology in this DEF CON 31 conference talk that examines both offensive and defensive aspects of this critical mobile endpoint security control. Dive deep into Windows API functionality and popular VPN software implementations to understand how this feature prevents data leaks and reduces attack surface for corporate devices on untrusted networks. Learn about various exfiltration methods ranging from complex techniques to surprisingly simple bypass tricks that exploit design flaws, implementation weaknesses, and configuration issues. Gain practical insights into hardening VPN Always-On deployments and implementing more robust security measures to better protect against threats from untrusted networks.
Defeating VPN Always-On: Security Control Analysis and Bypass Methods
Overview
Syllabus
DEF CON 31 - Defeating VPN Always On - Maxime Clementz
Taught by
DEFCONConference
Related Courses
-
Defeating VPN Always-On
-
Understanding Authentication Bypass Vulnerabilities in Industrial VPN Gateways
-
Taking Down Applications with Logic - DEF CON 31
-
Breaking into Secure Facilities with OSDP - Vulnerabilities and Exploitation Techniques
-
Leveraging Private APNs for Mobile Network Traffic Analysis and Security
-
Abusing Mixed Vendor Kerberos Stacks - Exploiting Windows AD and Linux Authentication
