I would like to know if OpenVPN (SSL VPN) can be intercepted by by proxy appliances like Cisco Ironport & Bluecoat amongest others? I raise this question because comapnies are now interecpting HTTPS trafiic using these appliances with fake certficates. This allows the decypting of HTTPS without the enduser aware that it is happening.
I have not been able to find any reference on the net to this my question. My question to the Security experts are is OpenVPN susceptable to interception since it also relies certficiates? If OpenVPN can be intercepted what are the technical details of how this is done.
I don't know OpenVPN personally, but any application that uses SSL should verify that the certificate presented by the peer is valid and belongs to the peer.
E.g. when the Cisco Anyconnect client receives a fake cert from a proxy then it will either (depending on version and settings)
- deny the connection and inform the user why, or
- inform the user of the certificate mismatch and offer options to cancel the connection or continue anyway.
So "decrypting of HTTPS without the enduser aware" can only happen if the application is not doing proper certificate validation, or if the user just clicks continue without realizing what he is doing (a very real threat nowadays, unfortunately).
GeneralWhich Cisco Secure products include access to SecureX?What are the SecureX data retention/privacy policies?What is SSE?How can I unlink my smart account from SSE and link it to a new account?Do I have to use the same SSE region as the SecureX regio...
More people are working remotely, and this increases the risk of security breaches and the difficulty in defending remote workers where they work and securing the devices they use.
Learn about Cisco Remote Secure Worker solutions that verify workers, secu...
GeneralWhich Cisco Secure products include access to SecureX?What are the SecureX data retention/privacy policies?What is SSE?How can I unlink my smart account from SSE and link it to a new account?Do I have to use the same SSE region as the Secur...
On December 8, FireEye reported that it had been compromised in a sophisticated supply chain attack: more specifically through the SolarWinds Orion IT monitoring and management software. The attackers leveraged business software updates in order to distr...