Security Incidents mailing list archives
Re: VPN hijacking
From: David Desvoigne <david.desvoigne () HIGHMARK COM>
Date: Wed, 25 Oct 2000 15:41:55 -0400
I've done some testing of the Altiga/Cisco VPN client, in our configuration we do not allow split tunnels. when the VPN client is activated it no longer accepts connections destined to the original IP address of the client. Our concern was more of a what to do when the client system is not connected to the VPN. the masking of the client IP address no longer exists so no the client can easily be compromised as well as the integrity of and data received from the client. To help combat this we wrote a policy requiring personal firewall software/hardware and local disk/file encryption for and client system connecting to the VPN. David A. desVoigne Sr. Data Security Analyst Corporate Information Security Highmark Inc. 1800 Center Street Camp Hill, PA 17089-0089 david.desvoigne () highmark com "Wertheimer, Ishai" <iwertheimer@KPMG.C To: INCIDENTS () SECURITYFOCUS COM OM> cc: Sent by: Incidents Subject: VPN hijacking Mailing List <INCIDENTS@SECURITY FOCUS.COM> 10/25/2000 05:27 AM Please respond to "Wertheimer, Ishai" Hi, Did any of you come across an incident of VPN hijacking? Theoretically, if I use an unprotected client to access the VPN, if someone hacks into my client PC, he can hijack the session. Did this ever happen ? Thanks, Ishai Wertheimer ***************************************************************************** The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. *****************************************************************************
Current thread:
- VPN hijacking Wertheimer, Ishai (Oct 26)
- Re: VPN hijacking Michael H. Warfield (Oct 27)
- Re: VPN hijacking ejovi nuwere (Oct 27)
- Re: VPN hijacking John Duksta (Oct 27)
- Re: VPN hijacking Ryan Russell (Oct 27)
- Re: VPN hijacking Neil Sequeira (Oct 27)
- <Possible follow-ups>
- Re: VPN hijacking David Desvoigne (Oct 27)
- Re: VPN hijacking Laumann, Dave (Oct 28)