wa_desert_rat Posted March 19, 2015 Report Share Posted March 19, 2015 This link details a security issue that inolves (as near as I can tell) commodity routers that use a built-in SSL key to secure their VPNs. Many routers today allow customers to create a VPN between various office spread around a geographical area. This lets employees in one office work off a file server at the home office in a transparent manner (the employee doesn't have to do anything extra... he/she simply logs in to the domain in the morning and starts work). However it appears that many commodity routers (netgear, etc.) may be using weak 512-bit keys instead of 2048-bit keys (and higher). The open-source "OpenVPN" makes you create a key when you configure the VPN and each key to each link is different. I always use a 2048-bit key but apparently commodity routers have a built-in key length of 512-bit. and every router uses the same key. Here is the link. http://www.itworld.com/article/2897775/researchers-find-same-rsa-encryption-key-used-28000-times.html?phint=newt%3Ditworld_today&phint=idg_eid%3Dafbdce93df1132e5de07d306edf23bac#tk.ITWNLE_nlt_best_2015-03-19 If you are using a "cloud" VPN or commodity routers for your VPN you should take a look at the system you're using. WDR 1993 Foretravel U225 with Pacbrake and 5.9 Cummins with Banks 1999 Jeep Wrangler, 4" lift and 33" tires Raspberry Pi Coach Computer Ham Radio Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.