lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.43.0406231048180.22638-100000@tundra.winternet.com>
From: dufresne at winternet.com (Ron DuFresne)
Subject: CISCO Vpn

On Wed, 23 Jun 2004, Patrick Olsen wrote:

> I have been asked what the PROs and CONs of setting up a vpn would be. Im
> trying to find security pros and cons. Basically to find out if it is worth
> the risk. This individual would be using a desktop at home which we would be
> setting up for her.
>

The main problem with a vpn tunnel for workers from home is keeping them
from messing with the system and changing the defaults estblished, and
making sure the security policy on the machine remain as hig as the policy
for the corp network.  Things like having the AV sigs up to date, no split
tunneling such that the user can irc while tunneled back into work, etc.
The main risk is in providing nothing more then a secure tunel for all the
home users nasties to travel back into the corp network.  It's estimated
that at least 75% of vpn's in place for this kind of use are nothing more
then that.

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ