Common VPN Security Flaws

That’s the name of an interesting paper published on the website of NTA Monitor. From the abstract:

    This paper outlines some of the common VPN security flaws that NTA  
Monitor have found during the last three years while performing VPN se-  
curity tests. The paper concentrates on remote access VPN configurations  
using the IPsec protocol, although some of the findings are also applicable  
to site-to-site VPNs.  
    Some of the problems that have been seen, such as the username enu-  
meration issue, are new discoveries, while others are known limitations of  
the protocols, which are exposed due to poor configuration.  
    The paper shows that VPNs are far from the impenetrable systems that  
many people believe them to be, and that they can actually be the weak link  
in an otherwise secure system.  

You can also obtain ikde-scan, an IPsec VPN scanning, fingerprinting and testing tool, from their website.