by Keith J. Jones, PhD | Apr 20, 2021 | community, Protocol Analyzer, Spicy
Introduction I previously blogged about the Zeek OpenVPN Binpac and Spicy protocol analyzers, but that is only one quarter of the popular VPN protocols I see on networks I monitor. The four main VPN protocols, in increasing complexity, I’ve seen on networks I...
by Keith J. Jones, PhD | Mar 16, 2021 | OpenVPN, Protocol Analyzer
By Keith J. Jones, Corelight Sr. Security Researcher Introduction and Background Many modern VPN providers use the OpenVPN protocol in their clients and servers. Threat actors are also known to use OpenVPN. Zeek is unable to natively detect and parse the OpenVPN...