Cisco Systems VPN Client
Encyclopedia
The Cisco Systems VPN Client enables computers to connect to a virtual private network
. The client makes remote resources of another network available in a secure way as if the user was connected directly to that "private" network.
VPN Client 5.0.07.0290 added support for 64-bit versions of Windows Vista and Windows 7.
VPN Client does not run on any Linux 64 bit dual core systems that have SMP turned on.
with type 7
, or stored as cleartext. A vulnerability has been identified, and those passwords can easily be decoded using software or online services. To workaround these issues, network administrators are advised to use the Mutual Group Authentication feature, or use unique passwords (that aren't related to other important network passwords).
Virtual private network
A virtual private network is a network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users access to a central organizational network....
. The client makes remote resources of another network available in a secure way as if the user was connected directly to that "private" network.
Installation
The client is normally distributed with an executable installer and profile file(s), which contain all the necessary information to easily connect to a network. Cisco VPN Client Profile files have a security vulnerability which can potentially put the virtual private network at risk.Availability
The software is not free but is often installed on university and business computers in accordance with a site-license. As with most corporate licenses, administrators are allowed to freely distribute the software to users within their network.Compatibility
VPN Client 4.9.01.0230 Beta added support for Mac OS X 10.6. Stable version 4.9.01.0180 appears to lack that support; 4.9.00.0050 explicitly did not support versions of Mac OS X later than 10.5.VPN Client 5.0.07.0290 added support for 64-bit versions of Windows Vista and Windows 7.
VPN Client does not run on any Linux 64 bit dual core systems that have SMP turned on.
Security
The client uses profile files (*.pcf) that store VPN passwords either hashedCryptographic hash function
A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string, the hash value, such that an accidental or intentional change to the data will change the hash value...
with type 7
Type 7
type 7 is a cryptographic hash function used to hash passwords in Cisco Systems VPN Client.-References:**...
, or stored as cleartext. A vulnerability has been identified, and those passwords can easily be decoded using software or online services. To workaround these issues, network administrators are advised to use the Mutual Group Authentication feature, or use unique passwords (that aren't related to other important network passwords).