Over a three-year period of testing VPNs, NTA Monitor has discovered that 90% of remote access VPN systems have exploitable vulnerabilities. The tests were mainly carried out for large organisations, including financial institutions that had their own in-house security teams. The common belief is that VPN systems are invulnerable, when in fact they are frequently the weak link in an otherwise secure system.
This paper discusses how it is possible to determine which implementation of a UDP service is being used from the retransmission backoff pattern. It uses IKE (Internet Key Exchange) as an example UDP service which can be identified in this way, although the technique may also be applicable to other UDP services. The paper also describes an example program called "ike-scan" which is able to discover and identify IPsec VPN systems running IKE. This program is publicly available under the GNU Public License (GPL).
I wish to highlight the outstanding work that your consultant undertook whilst doing the ICT Health Check for the Council.
Particularly notable was the level of technical knowledge displayed by NTA’s consultants, and we were also impressed that they were willing to share this knowledge with the network team.
We have found NTA to be an excellent supplier, offering a very good service at a competitive price. A key differentiator is that they are happy to answer any questions...
I have found NTA to be an approachable knowledgeable partner, and have no hesitation in recommending their services.
The quality of both the initial work and follow-up advice and guidance was excellent, and NTA provided full lifecycle support to the development and delivery of our Online Services portfolio.
On one occasion our third-party did not believe the vulnerability was an issue - having had their software tested by another well-known security testing company - and NTA Monitor were...
NTA Monitor are very supportive, especially regarding general questions about Information Security issues such as hacking and vulnerabilities.