Sign in / up

Reply to post: VPN endpoints...

US-Cert alert! Thanks to a massive bug, VPN now stands for 'Vigorously Pwned Nodes'

john.jones.name
Reply Icon
Flame

VPN endpoints...

a lot of TLS VPN's don't even check a certificate is correct they simply check its valid...

that combined with no DNSSEC for hosting domain means if a user connects on a compromised network they can spoof the name and certificate...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon