All the latest UK technology news, reviews and analysis

Nine out of 10 VPNs 'not secure'

by Iain Thomson

More from this author

01 Feb 2005

Be the first to comment

  • Tweet this

A three-year research project by security firm NTA Monitor has concluded that nine out of 10 virtual private networks have exploitable vulnerabilities.

Most of the companies that had their VPNs tested as part of the project thought that they were invulnerable to hackers, but researchers found the same types of flaw repeated across the whole product range.

Further reading

The report stated that, in some cases, VPNs were actually the weakest security link in an organisation.

"VPNs are not the invulnerable systems that they are often believed to be," said Roy Hills, technical director at NTA Monitor and author of the report.

"They can actually be the weak link in a secure system. Some of these problems are new discoveries, while others are known limitations of the protocols which are exposed due to poor configuration."

The most widespread flaw involved the hacking of user names. Many VPNs give away useful information to someone guessing user names and, although NTA Monitor has warned these companies of this weakness, many have yet to fix the problem.

Other vulnerabilities centre around password cracking. The survey found that a text-based password could be broken in 16 minutes using a brute force attack, while a password containing a mixture of words and letters took two days.

VPNs are also a very tempting target for hackers. As they are considered to be secure, the most valuable data is often found by cracking such security measures.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

A Microsoft logo

Microsoft posts critical Internet Explorer patch with February fixes

Related white papers

Related articles

Related jobs

Today's top stories

Google logo

Google’s Motorola acquisition cleared by European and US competition authorities

Asus Transformer Prime vs Apple iPad 2

Apple iPad 2 vs Asus Transformer Prime head-to-head review

Apple logo

Apple commissions independent inspection of Foxconn iPhone and iPad factories

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Project Manager (BI)

Project Manager (BI) 6 Months Contract – to...

Desktop Support Manager

Desktop Support Manager 3 month contract - to start...

Programme Manager / 45k ++ Benefits / London

/ Programme Manager / 45k / Significant benefits / London...

Automation Test Manager Selenium London 75k

Automation Test Manager Selenium London 75k Automation...

To send to more than one email address, simply separate each address with a comma.