On 08/04/2014 16:04, Mike Tancsa wrote: > How does one attack the client ? In my case, the client only connects > to my servers ? I use a tls-auth key file as well. If I understand > correctly, the scenario would be the attacker would have to have the > tls-auth key file, and then do a man in the middle attack to pretend > its the server's IP, and then coax the client into allocating the 64k > block of memory as described in the above link ?
Correct. But man-in-the-middle can also be something like DNS poisoning. If you use TLS-auth, the attacker must have previously obtained the TLS-auth key. When the user base is large, it is not unlikely that one of the users was compromised and should be considered malicious. -Steffan
