Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: "MS Blast" Win2000 Patch Download

From: "Jeremiah Cornelius" <jeremiah () nur net>
Date: Thu, 14 Aug 2003 16:49:36 -0700
Word UP!

We have people surfing the Internet and then connecting via VPN to our

LAN.

The only solution as far is virusscanner and a electronic software
distribution.
That is what I think



Well,

Laptops should have a stck on them, that forces a RADIUS/CHAP or xEAP
authentication to access the local network when they are brought onto a
local LAN.  Client VPN and dial-up users should also go through this
method.  Once authenticated, these connections should be diverted to a VLAN
created just for these client machines.  This VLAN would be screened from
the regular user segment (which should itself be screened from production
servers and development/test).  Access to resources here would occur through
proxies, and possibly remote terminal services.

Yeah, right.  I lnow...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: