Security Basics mailing list archives
RE: VPN's - Firewall's and Security
From: "Halverson, Chris" <chris.halverson () encana com>
Date: Tue, 26 Aug 2003 10:33:22 -0600
Maybe restrict the acces to the essential services for the VPN Clients using the same Technique. Whether it is file sharing enabled ports or if you want OWA then just port 80. Security is only as good as what the users are willing to put up with. If the risks are known and followed, that combat's most of the problems that will arise. Chris -----Original Message----- From: Christopher Joles [mailto:CJoles () proteabhs com] Sent: Tuesday, August 26, 2003 10:29 AM To: Halverson, Chris; security-basics () securityfocus com Subject: RE: VPN's - Firewall's and Security Chris I'm relatively sure that I can apply an access list to the VPN network (it gets a different subnet when connected which differs from our internal network). As I think about it, the VPN network (as currently configured) can only talk to the internal network, It cant talk to the DMZ, nor can it talk to any of my remote satellite locations that connect via VPN links. Would putting my servers on a separate subnet help? I'm just sitting here, thinking that my current configuration works for today, but I'm not so sure for tomorrow or the next day. There must be some way to block / firewall even my VPN connections to limit their internal access and thus allow connectivity to only what they need. Maybe ACL's is what I need to be looking at? Christopher J. Joles Chief Information Officer -----Original Message----- From: Halverson, Chris [mailto:chris.halverson () encana com] Sent: Tuesday, August 26, 2003 12:19 PM To: Christopher Joles; security-basics () securityfocus com Subject: RE: VPN's - Firewall's and Security Would it be possible to block within an access list the tcp port 135 for VPN Access? I haven't configured the PIX devices, so I am not sure if you can do it... chris -----Original Message----- From: Christopher Joles [mailto:CJoles () proteabhs com] Sent: Tuesday, August 26, 2003 9:09 AM To: security-basics () securityfocus com Subject: VPN's - Firewall's and Security Good Day All! I'm looking for design advice. Currently, I have a network that is protected by a Cisco PIX 515 = firewall. We have it configured to protect our internal network along = with supplying access to our DMZ which holds our email and web servers. My concern arises from the spread of the blaster worm. Currently we = give a couple employees (the boss, the CFO and myself) VPN access from = home. In this scenario, the bosses home computer was compromised by the = blaster worm and luckily for me, he was on vacation in Germany at the = time. If he wasn't, he most assuridly would have made a VPN connection = and the lovely blaster worm would have gotten through our defenses. = Keep in mind, I had applied the MS patch to our servers and = workstations, however, it would have still gotten "inside". How can I = redesign my network to either firewall the VPN connections or at a = minimum filter them. Thanx for your opinions in advance! Christopher J. Joles Chief Information Officer PROTEA Behavioral Health Services 187 Exchange St. Bangor, ME 04401 Phone: (207)992-7010 Ext: 245 Fax:(207)992-7011 ------------------------------------------------------------------------ --- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- VPN's - Firewall's and Security Christopher Joles (Aug 26)
- RE: VPN's - Firewall's and Security David Gillett (Aug 26)
- RE: VPN's - Firewall's and Security Larry Thompson (Aug 27)
- <Possible follow-ups>
- RE: VPN's - Firewall's and Security Christopher Joles (Aug 26)
- RE: VPN's - Firewall's and Security Halverson, Chris (Aug 26)
- RE: VPN's - Firewall's and Security Halverson, Chris (Aug 26)
- RE: VPN's - Firewall's and Security Christopher Joles (Aug 26)
- RE: VPN's - Firewall's and Security David Gillett (Aug 26)
- Looking for security resources for SCO open server Ramneek Puri (Aug 27)
- RE: VPN's - Firewall's and Security HOULE, FRANCIS (Aug 27)
- RE: VPN's - Firewall's and Security David Gillett (Aug 26)