Educause Security Discussion mailing list archives
Re: vpn split tunnel or no split tunnel
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Mon, 7 Feb 2011 17:04:20 -0500
On Mon, 07 Feb 2011 14:15:16 CST, "James R. Pardonek" said:
Depending on how it is configured, it is possible for a user to inadvertently route traffic between the user's ISP and the tunnel. So if the user's computer gets hacked, it is possible for a malicious hacker to gain access to your internal network via the split tunnel. For that reason, we do not allow split tunneling.
Of course, if the user's machine is that heavily compromised, the miscreant controlling the machine is able to set it to be split tunneling no matter what you thought you had configured. :)
Attachment:
_bin
Description:
Current thread:
- vpn split tunnel or no split tunnel Mark Monroe (Feb 07)
- Re: vpn split tunnel or no split tunnel Nick Kartsioukas (Feb 07)
- Re: vpn split tunnel or no split tunnel Julian Y. Koh (Feb 07)
- Re: vpn split tunnel or no split tunnel James R. Pardonek (Feb 07)
- Re: vpn split tunnel or no split tunnel Valdis Kletnieks (Feb 07)
- Re: vpn split tunnel or no split tunnel Nathaniel Hall (Feb 07)
- Re: vpn split tunnel or no split tunnel Chris Green (Feb 07)
- Re: vpn split tunnel or no split tunnel Nathaniel Hall (Feb 08)
- Re: vpn split tunnel or no split tunnel Dexter Caldwell (Feb 09)
- Re: vpn split tunnel or no split tunnel Nathaniel Hall (Feb 08)
- Re: vpn split tunnel or no split tunnel Greene, Chip (Feb 07)
- Re: vpn split tunnel or no split tunnel Allan Williams (Feb 07)
- Re: vpn split tunnel or no split tunnel Mark Monroe (Feb 07)
- Re: vpn split tunnel or no split tunnel Avdagic, Indir (Feb 07)
- Re: vpn split tunnel or no split tunnel Jesse Thompson (Feb 08)
- Re: vpn split tunnel or no split tunnel Jeff Kell (Feb 08)