Security Incidents mailing list archives
Re: VPN hijacking
From: Neil Sequeira <neil () NCSCONSULTING COM>
Date: Wed, 25 Oct 2000 16:31:24 -0400
I've never heard of anybody actually pulling this off, but i'd be very interested in hearing of any such experiences. You should be able to reduce your exposure to this by disabling 'split tunelling' on the VPN switch - so once you start your VPN session, your normal IP stack gets 'turned off' and you can only be contacted through the VPN tunnel. If someone is already on the other side of the tunnel, there's probably not much to gain from hijacking your session ;) -neil "Wertheimer, Ishai" wrote:
Hi, Did any of you come across an incident of VPN hijacking? Theoretically, if I use an unprotected client to access the VPN, if someone hacks into my client PC, he can hijack the session. Did this ever happen ?
Current thread:
- VPN hijacking Wertheimer, Ishai (Oct 26)
- Re: VPN hijacking Michael H. Warfield (Oct 27)
- Re: VPN hijacking ejovi nuwere (Oct 27)
- Re: VPN hijacking John Duksta (Oct 27)
- Re: VPN hijacking Ryan Russell (Oct 27)
- Re: VPN hijacking Neil Sequeira (Oct 27)
- <Possible follow-ups>
- Re: VPN hijacking David Desvoigne (Oct 27)
- Re: VPN hijacking Laumann, Dave (Oct 28)