[CVALE] Non Linux Simple VPN Questions
Pete Zaitcev
zaitcev at redhat.com
Mon Apr 14 12:05:10 PDT 2008
On Mon, 14 Apr 2008 11:41:03 -0700, Terry <terry at zinnianet.net> wrote:
> Several years ago I supported a network where CISCO VPN client
> software was used. I remember it not permitting the client to
> access other Internet sites once the VPN was in use.
I can talk about it more, but fundamentally it's not adding much
to your security, because the client is still connected to
the net and exchanges IP traffic with the concentrator.
The break-in happens when the client is off VPN, then the zombie kit
either ensures communication with its C&C server around the
VPN, or runs autonomously, or communicates over VPN and its
Internet access, or any number of things. The bottom line is,
stop worrying about this. Instead, place a firewall against VPN
users and be ready to drop and blacklist them at first sign of
trouble.
-- Pete
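
Added example, not part of the original message: a sketch of the "firewall against VPN users, blacklist at first sign of trouble" policy, run over a constructed firewall log. The VPN address pool, the allowed services, the log format and the function names are all assumptions made for illustration.

```python
import ipaddress

# Assumptions (none come from the original post): VPN clients are addressed
# from 10.8.0.0/24 and the firewall logs "time action src dst:port".
VPN_POOL = ipaddress.ip_network("10.8.0.0/24")
ALLOWED = {("192.168.1.10", 443), ("192.168.1.20", 22)}  # what VPN users may reach

# Constructed sample log, not real traffic.
SAMPLE_LOG = """\
2008-04-14T12:00:01 ACCEPT 10.8.0.5 192.168.1.10:443
2008-04-14T12:00:02 ACCEPT 10.8.0.7 192.168.1.20:22
2008-04-14T12:00:03 DENY 10.8.0.7 192.168.1.30:445
2008-04-14T12:00:04 ACCEPT 10.8.0.7 192.168.1.20:22
2008-04-14T12:00:05 DENY 172.16.0.9 192.168.1.30:445
garbage line
2008-04-14T12:00:06 ACCEPT 10.8.0.9 192.168.1.40:3389
"""


def parse(line):
    """Return (time, action, src, dst, port) or None for a malformed line."""
    try:
        when, action, src, target = line.split()
        dst, _, port = target.rpartition(":")
        return when, action, ipaddress.ip_address(src), dst, int(port)
    except ValueError:
        return None


def review(log_text):
    """Blacklist each VPN client at its first denied or off-policy connection."""
    blacklist, dropped = {}, []
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None or rec[2] not in VPN_POOL:
            continue  # malformed, or not a VPN user: out of scope here
        when, action, src, dst, port = rec
        if str(src) in blacklist:
            dropped.append((when, str(src)))  # already cut off: drop everything
        elif action == "DENY" or (dst, port) not in ALLOWED:
            blacklist[str(src)] = f"{when} {action} {dst}:{port}"
    return blacklist, dropped


if __name__ == "__main__":
    for ip, reason in review(SAMPLE_LOG)[0].items():
        print(f"blacklist {ip}  # first sign of trouble: {reason}")
```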