3. Security Analysis

3.2.1 Configuration Files

The configuration tool transfers the configuration data over SSL, so the connection cannot be eavesdropped on and the configuration data cannot be recovered from the wire. Analysing the configuration files therefore yields only information about the default settings of the firewall. The rules defined in the configuration file reveal no flaws. The files are very well documented and show no logical mistakes.

3.2.2 Bridge

The security module provides bridge functionality in order to ease installation and configuration. By default the bridge is in learning mode, in which it detects the other network components; it does so by observing ARP traffic, much as a switch learns which address lies behind which port. Learning mode can be switched off and the MAC addresses set manually, but this is possible in the advanced mode only.

It is possible to imitate a protected node from outside the protected internal network using ARP spoofing, so that the security module sends unencrypted data to the attacker. However, this attack only works if the firewall allows unprotected IP communication between the internal and the external network, which is not the default setting.

Although the bridge functionality in learning mode eases the configuration of the VPN, this function is also the module's largest weakness. Using ARP spoofing, an attacker in the local network can imitate a protected node so that the security module sends unencrypted packets into the unprotected network, or he can mount a man-in-the-middle attack. This is a weakness of the approach in principle rather than a weak point specific to the security module, particularly since the default settings prevent the attack.
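The following is an added illustration, not code from the report or from the Siemens module: a small Python model of the three settings the two paragraphs above interact on (bridge learning mode, the firewall rule for unprotected IP traffic between internal and external network, and a static MAC table in place of learning). The MAC and IP addresses, the VPN peer gateway and the attacker's ARP reply are constructed for the example; the module's real forwarding logic is assumed, not taken from the product.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

INTERNAL, EXTERNAL = "internal", "external"


@dataclass
class Decision:
    action: str            # "encrypt", "plaintext" or "drop"
    port: Optional[str]    # egress port, None when the packet is dropped


@dataclass
class SecurityModule:
    """Simplified model of a bridging VPN security module (assumption, not the product's logic)."""
    learning: bool = True                  # bridge learning mode, on by default
    allow_unprotected_ip: bool = False     # firewall: plain IP between internal and external, off by default
    vpn_peer_macs: Set[str] = field(default_factory=set)          # trusted VPN gateways on the external side
    table: Dict[str, Tuple[str, str]] = field(default_factory=dict)  # ip -> (mac, port), learned or static
    alerts: List[str] = field(default_factory=list)

    def observe_arp(self, ip: str, mac: str, port: str) -> bool:
        """Learning mode binds an IP to the MAC/port an ARP reply arrived on.
        With learning off the table is static and the ARP reply is ignored."""
        if not self.learning:
            return False
        old = self.table.get(ip)
        if old is not None and old[0] != mac:
            # A binding change for an already-known IP is the classic ARP-spoofing symptom.
            self.alerts.append(f"{ip} moved from {old[0]} to {mac} on {port}")
        self.table[ip] = (mac, port)
        return True

    def forward(self, dst_ip: str) -> Decision:
        """Decide how a packet from a protected host is delivered to dst_ip."""
        entry = self.table.get(dst_ip)
        if entry is None:
            return Decision("drop", None)
        mac, port = entry
        if port == INTERNAL:
            return Decision("plaintext", INTERNAL)       # stays inside the protected network
        if mac in self.vpn_peer_macs:
            return Decision("encrypt", EXTERNAL)         # destination lies behind a VPN peer: tunnel it
        if self.allow_unprotected_ip:
            return Decision("plaintext", EXTERNAL)       # firewall permits plain IP to the outside
        return Decision("drop", None)                    # default setting: no unprotected IP traffic


def run_attack(learning: bool, allow_unprotected_ip: bool) -> Tuple[str, str, int]:
    """Protected remote node 10.0.2.5 is reachable via VPN peer gateway 00:00:00:00:00:99.
    The attacker on the external network answers ARP for 10.0.2.5 with his own MAC.
    Returns (action before spoof, action after spoof, number of alerts)."""
    mod = SecurityModule(learning=learning,
                         allow_unprotected_ip=allow_unprotected_ip,
                         vpn_peer_macs={"00:00:00:00:00:99"})
    mod.table["10.0.2.5"] = ("00:00:00:00:00:99", EXTERNAL)   # legitimate binding (constructed)
    before = mod.forward("10.0.2.5").action
    mod.observe_arp("10.0.2.5", "de:ad:be:ef:00:01", EXTERNAL)  # spoofed ARP reply (constructed)
    after = mod.forward("10.0.2.5").action
    return before, after, len(mod.alerts)


if __name__ == "__main__":
    for learning, allow in ((True, False), (True, True), (False, True)):
        print(f"learning={learning!s:5} allow_unprotected_ip={allow!s:5} ->", run_attack(learning, allow))
```

With learning on and the default firewall the poisoned entry turns the tunnelled traffic into a drop rather than a leak, which is the "attack does not work in the default setting" case; only when unprotected IP traffic is additionally permitted does the module emit plaintext to the attacker. With learning off (static MAC table, advanced mode) the spoofed reply is ignored and the traffic keeps being encrypted. The alert counter shows the simplest detection a practitioner can add: a known IP whose MAC binding changes.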

19-Aug-05

escrypt GmbH

Siemens manual, Version 1.2: Configuration Files, Bridge