Security Basics mailing list archives
RE: VPN's - Firewall's and Security
From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 26 Aug 2003 09:38:36 -0700
Two-part answer:

1. The PIX 515 can have up to 6 interfaces; put the VPN server on a fourth interface as a second DMZ, so traffic from VPN clients must traverse the PIX to get anywhere else. [If you have the 515-ER, the software is limited to three interfaces. In that case, put the back end of the VPN server on your DMZ -- not as good, but probably good enough.]

2. You probably have to allow port 135 between VPN clients and the internal network, so this would not have done anything to keep blaster out.

David Gillett
-----Original Message-----
From: Christopher Joles [mailto:CJoles () proteabhs com]
Sent: August 26, 2003 08:09
To: security-basics () securityfocus com
Subject: VPN's - Firewall's and Security

Good Day All!

I'm looking for design advice. Currently, I have a network that is protected by a Cisco PIX 515 firewall. We have it configured to protect our internal network along with supplying access to our DMZ which holds our email and web servers.

My concern arises from the spread of the blaster worm. Currently we give a couple employees (the boss, the CFO and myself) VPN access from home. In this scenario, the boss's home computer was compromised by the blaster worm and luckily for me, he was on vacation in Germany at the time. If he wasn't, he most assuredly would have made a VPN connection and the lovely blaster worm would have gotten through our defenses. Keep in mind, I had applied the MS patch to our servers and workstations, however, it would have still gotten "inside". How can I redesign my network to either firewall the VPN connections or at a minimum filter them.

Thanx for your opinions in advance!

Christopher J. Joles
Chief Information Officer
PROTEA Behavioral Health Services
187 Exchange St.
Bangor, ME 04401
Phone: (207)992-7010 Ext: 245
Fax:(207)992-7011

---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6. Visit us: www.blackhat.com
---------------------------------------------------------------------------
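As an added illustration of the first point in David's answer (not configuration from either poster), here is a PIX 6.x-style fragment that puts the VPN server's inside leg on a fourth interface with its own security level and an ACL, so VPN client traffic is filtered by the PIX before it reaches the internal LAN. Interface names, addresses and the hosts/ports are assumed placeholders; the `!` lines are annotations to strip before pasting.

```cisco
! ASSUMED: ethernet3 is the spare fourth interface; "vpn" sits below
! inside (100) and dmz (50) so VPN clients cannot reach them unfiltered.
nameif ethernet3 vpn security40
ip address vpn 192.168.40.1 255.255.255.0

! Inbound policy for traffic arriving FROM VPN clients (placeholder nets/hosts).
! Allow only the specific internal services remote users actually need.
access-list vpn_in permit tcp 192.168.40.0 255.255.255.0 host 10.0.0.25 eq 25
access-list vpn_in permit tcp 192.168.40.0 255.255.255.0 host 10.0.0.25 eq 110
access-list vpn_in permit tcp 192.168.40.0 255.255.255.0 host 10.0.0.10 eq 445
! If Windows RPC (tcp/135) is genuinely required, scope it to the one
! server that needs it rather than the whole LAN; otherwise omit this line.
access-list vpn_in permit tcp 192.168.40.0 255.255.255.0 host 10.0.0.10 eq 135
! Everything else from the VPN segment is dropped (implicit deny made explicit).
access-list vpn_in deny ip any any

access-group vpn_in in interface vpn
```

The ACL narrows David's caveat in point 2: tcp/135 may still have to be open, but only to a named host instead of the entire internal network, which limits what a compromised remote PC can reach over the tunnel.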
Current thread:
- VPN's - Firewall's and Security Christopher Joles (Aug 26)
- RE: VPN's - Firewall's and Security David Gillett (Aug 26)
- RE: VPN's - Firewall's and Security Larry Thompson (Aug 27)
- <Possible follow-ups>
- RE: VPN's - Firewall's and Security Christopher Joles (Aug 26)
- RE: VPN's - Firewall's and Security Halverson, Chris (Aug 26)
- RE: VPN's - Firewall's and Security Halverson, Chris (Aug 26)
- RE: VPN's - Firewall's and Security Christopher Joles (Aug 26)
- RE: VPN's - Firewall's and Security David Gillett (Aug 26)
- Looking for security resources for SCO open server Ramneek Puri (Aug 27)
- RE: VPN's - Firewall's and Security HOULE, FRANCIS (Aug 27)
- RE: VPN's - Firewall's and Security David Gillett (Aug 26)