[strongSwan] Strongswan responds to scan attack

Naveen Neelakanta naveen.b.neelakanta at gmail.com
Wed Dec 5 20:57:30 CET 2018


Thanks Tobias

The vulnerability is : ISAKMP endpoint allows short key lengths or insecure
encryption algorithms to be negotiated. This could allow remote attackers
to compromise the confidentiality and integrity of the data by decrypting
and modifying individual ESP and AH packets.

Thanks,
Naveen


On Wed, Dec 5, 2018 at 3:03 AM Tobias Brunner <tobias at strongswan.org> wrote:

> Hi Naveen,
>
> > Is there a configuration to avoid strongswan from responding
> > to unsolicited request from scans, even when strongswan is not
> > configured with an endpoint configuration,
>
> What kind of request is sent, what kind response?  And what exactly
> makes a request unsolicited?
>
> Anyway, there is the charon.initiator_only option to ignore any initial
> IKE messages.
>
> Regards,
> Tobias
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20181205/1c7ebeaa/attachment.html>


More information about the Users mailing list