nanog mailing list archives
Re: Level3 routing issues?
From: "David Howe" <DaveHowe () gmx co uk>
Date: Tue, 28 Jan 2003 11:32:40 -0000
at Monday, January 27, 2003 7:50 PM, alex () yuriev com <alex () yuriev com> was seen to say:
This is not correct. VPN simply extends security policy to a different location. A VPN user must make sure that local security policy prevents other traffic from entering VPN connection.
This is nice in theory, but in practice is simply not true. even assuming that the most restrictive settings are used (user may not install software by admin setting, has no local administration on his machine, IP traffic other than via the VPN is exclusive to the vpn client) it is *still* possible that the machine could be compromised by (say) an email virus who then bypasses security by any one of a dozen routes.
Current thread:
- Re: Level3 routing issues?, (continued)
- Re: Level3 routing issues? Valdis . Kletnieks (Jan 27)
- Re: Level3 routing issues? alex (Jan 27)
- Re: Level3 routing issues? Valdis . Kletnieks (Jan 27)
- Re: Level3 routing issues? alex (Jan 27)
- Re: Level3 routing issues? Simon Lockhart (Jan 27)
- Re: Level3 routing issues? alex (Jan 27)
- Re: Level3 routing issues? Simon Lockhart (Jan 27)
- Re: Level3 routing issues? alex (Jan 27)
- Re: Level3 routing issues? Valdis . Kletnieks (Jan 27)
- Re: Level3 routing issues? alex (Jan 27)
- Re: Level3 routing issues? David Howe (Jan 28)
- VPN clients and security models alex (Jan 28)
- Re: VPN clients and security models Valdis . Kletnieks (Jan 28)
- Re: VPN clients and security models David Howe (Jan 28)
- Re: Level3 routing issues? Iljitsch van Beijnum (Jan 26)
- Re: Level3 routing issues? Robert A. Hayden (Jan 25)
- Re: Level3 routing issues? Jack Bates (Jan 25)
- Re: Level3 routing issues? Daniel Senie (Jan 25)
- Re: Level3 routing issues? Jared Mauch (Jan 25)
- Re: Level3 routing issues? Avleen Vig (Jan 25)
- Re: Level3 routing issues? Jack Bates (Jan 25)