Penetration Testing mailing list archives
Re: Security and VPN
From: Sat Jagat Singh <flyingdervish () yahoo com>
Date: Fri, 22 Jun 2007 13:30:58 -0700 (PDT)
Many good points have been made on this question. One more to consider is that many organizations have a policy of not allowing any network access from employee owned computing devices. Obviously the effect being that you would need to issue laptops to anyone requiring VPN access. The upside being that you then control the configuration, you can have your management interfaces on it, set to check in with your servers for configuration updates, and concerns over the insecurity of somebody's home system are a bit smaller. If you do go this route, I would suggest to disable password caching and have the users log onto the units with a local account. Otherwise, a hash of your (and possibly the domain admin account) password is floating around out there at large for cracking since you will have logged onto the unit to do configuration --- Sohail Sarwar <ssarwar () ecredit com> wrote:
Hi there, I just wanted to put this out there. How secure is VPN. Meaning, if my users take home the client and install it on their desktop at home, and connect to the corporate network and production network, wheat are we really looking at. Are they secure or not. Two factor authentication would only help the authentication purpose and to protect the user name and password ? How about restricting them to access, and how about worrying about their home computer that can be effected. Has anyone been through this. Any one give home users a list of requirements that they must have before vpn can be offered to them ? Should there be some type of desktop policy installed on their home computer, just to protect the company network ? Any help and guidance would be great Regards, Sohail
------------------------------------------------------------------------
This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020
------------------------------------------------------------------------
____________________________________________________________________________________ Moody friends. Drama queens. Your life? Nope! - their life, your story. Play Sims Stories at Yahoo! Games. http://sims.yahoo.com/ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Re: Security and VPN, (continued)
- Re: Security and VPN Ben Nell (Jun 20)
- RE: Security and VPN Russell Butturini (Jun 21)
- Re: Security and VPN Kurt Buff (Jun 22)
- Re: Security and VPN Matthew Leeds (Jun 19)
- Re: Security and VPN Robert Hagen (Jun 19)
- Re: Security and VPN Thor (Hammer of God) (Jun 19)
- RE: Security and VPN Stong, Ian C CTR DISA GIG-CS (Jun 19)
- RE: Security and VPN Shenk, Jerry A (Jun 19)
- RE: Security and VPN Jessie Ling XX (MC/EPA) (Jun 19)
- RE: Security and VPN Petreski, Samuel (Jun 19)
- Re: Security and VPN Sat Jagat Singh (Jun 22)