Wikipedia

Cisco Systems VPN Client

This is an old revision of this page, as edited by Ringbang (talk | contribs) at 00:34, 20 October 2011 (Security: password storage). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The Cisco Systems VPN Client enables computers to connect to a virtual private network. The client makes remote resources of another network available in a secure way as if the user was connected directly to that "private" network.

Cisco Systems VPN Client
Developer(s)Cisco Systems
Stable release
*Windows - 5.0.07.0440[1] / March 15, 2011 (2011-03-15)
  • Mac OS X - 4.9.01.0180[2] / February 5, 2009 (2009-02-05)
Preview release
4.9.01.0230 for Mac / July 27, 2010 (2010-07-27)
Operating systemWindows, Mac OS X 10.4 and 10.5, Solaris UltraSPARC, Linux (Intel)[3]
Size
  • x86 - 7.63 MB
  • x64 - 4.78 MB
Available inEnglish
TypeVPN software
LicenseProprietary
Websitecisco.com/en/US/products/sw/secursw/ps2308/

Installation

The client is normally distributed with an executable installer and profile file(s), which contain all the necessary information to easily connect to a network. Cisco VPN Client Profile files have a security vulnerability which can potentially put the virtual private network at risk. [citation needed]

Availability

The software is not free but is often installed on university and business computers in accordance with a site-license. As with most corporate licenses, administrators are allowed to freely distribute the software to users within their network.

Compatibility

VPN Client 4.9.01.0230 Beta added support for Mac OS X 10.6.[4] Stable version 4.9.01.0180 appears to lack that support; 4.9.00.0050 explicitly did not support versions of Mac OS X later than 10.5.[5]

VPN Client 5.0.07.0290 added support for 64-bit versions of Windows Vista and Windows 7.[6]

VPN Client does not run on any Linux 64 bit dual core systems that have SMP turned on. [citation needed]

Security

The client uses profile files (*.pcf) that store VPN passwords either hashed with type 7, or stored as cleartext. A vulnerability has been identified,[7] and those passwords can easily be decoded using software or online services.[8] To workaround these issues, network administrators are advised to use the Mutual Group Authentication feature, or use unique passwords (that aren't related to other important network passwords).[7]

References

  1. ^ VPN Client release notes
  2. ^ Cisco VPN Client v4.x … Mac OS
  3. ^ "VPN Client Homepage".
  4. ^ Release Notes for VPN Client, Release 4.9.01.0230 Beta for Mac OS X
  5. ^ Release Notes for VPN Client, Release 4.9.00.0050 for Mac OS X, Revised: May 21, 2010, OL-11179-04
  6. ^ Release Notes for Cisco VPN Client, Release 5.0.07.0290
  7. ^ a b "Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability".
  8. ^ "Cisco Systems VPN Client Group Password Decoder".
Retrieved from "https://en.wikipedia.org/w/index.php?title=Cisco_Systems_VPN_Client&oldid=456442574"