Security Basics mailing list archives
RE: DMZ and VPN
From: "John Tolmachoff" <sflist-secbasic () reliance net>
Date: Tue, 18 Feb 2003 09:29:45 -0800
How do you solve that one?
By using a firewall in addition to RRAS. RRAS only determines what packet goes where. You still need to filter and check those packets. This is one of my complaints of allowing RRAS to create an VPN endpoint. It can give someone a false sense of security. If the RRAS server becomes compromised, so is the VPN traffic as well as the network behind the VPN endpoint. IMO, using RRAS as a VPN endpoint should not be used in conjunction with a DMZ zone, only behind a firewall. John Tolmachoff MCSE, CSSA IT Manager, Network Engineer RelianceSoft, Inc. Fullerton, CA 92835 www.reliancesoft.com
Current thread:
- DMZ and VPN Security Manager (Feb 18)
- RE: DMZ and VPN John Tolmachoff (Feb 18)
- Re: DMZ and VPN Alberto Cozer (Feb 18)
- RE: DMZ and VPN David Gillett (Feb 19)
- <Possible follow-ups>
- Re: DMZ and VPN abretten (Feb 18)
- Re: DMZ and VPN Chris Travers (Feb 19)
- RE: DMZ and VPN Fields, James (Feb 18)