* Wireguard and vulnerability scanning
@ 2019-03-11 13:10 Alex Rodriguez
0 siblings, 0 replies; only message in thread
From: Alex Rodriguez @ 2019-03-11 13:10 UTC (permalink / raw)
To: wireguard
[-- Attachment #1.1: Type: text/plain, Size: 2672 bytes --]
Hi wireguard team and list,
I wanted to reach out and ask a question about using wireguard for vulnerability scanning through a host onto a network. Similar to this: https://www.kali.org/tutorials/wireguard-on-kali/
I am still new to wireguard in general, but I have heard about a lot of good things about it from a few of my linux podcasts, and I wanted to implement it to solve a problem that I had attempted to solve before but couldn't reliable do it since the other vpn solutions are so slow and could drop packets from latency.
I setup wireguard similar to how the offensive security article describes (above), and everything appeared to be working. I could ping the hosts on the different network and I could nmap them while getting accurate information. Then I went to go use a vulnerability scanning tool (Nessus), and I noticed that it didn't really pick up anything on the other side of tunnel. I was doing some tcpdumps on the interfaces and from what I could tell, all the udp traffic would make it over fine but none of the tcp requests would get sent to the other side (through the tunnel) properly. The wireguard server side (where I started the scan from), would try to send it but the host we were scanning through (client of the vpn) wouldn't ever receive any of the syn packets.
So there were a few things that we thought might be wrong and I wanted to email you all and see what you thought.
1) nessus isn't sending packets right with whatever they are doing while scanning, and so I am in communication with Tenable (people who own nessus) to see if that is the issue.
2) there were a few tcp option that were missing from the nessus packets that nmap had, and one of the consistent was the timestamp option. We talked to them about that, and they have a reason why they don't send it, but would wireguard discard a packet if it doesn't have a timestamp tcp option?
3) Lastly I saw a ratelimiter.c and saw there was a packet_per_seconds variable defined. So could that be throttling the connections that Nessus is trying to send? If so, if I adjust that and recompile will that break things? For this to work Nessus will send lots of packets at a time.
Those were just a few things that I thought could be affecting it, but I could also be completely wrong. I look forward to the discussion, and let me know if there is anything I can do to help. Thank you so much for this project it really awesome!!
Sincerely,
Alex Rodriguez
--
Alex Rodriguez
Developer
Secure Ideas, LLC - Professionally Evil ®
https://www.secureideas.com/ [https://www.secureideas.com/]
Cell: 980-277-2746 / Office: 866-404-7837 x741
[-- Attachment #1.2: Type: text/html, Size: 4654 bytes --]
[-- Attachment #2: Type: text/plain, Size: 148 bytes --]
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2019-03-20 22:18 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-03-11 13:10 Wireguard and vulnerability scanning Alex Rodriguez
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.