VPN's (fwd)
Ryan Russell
ryan at SECURITYFOCUS.COM
Tue Feb 22 14:48:25 EST 2000
On Tue, 22 Feb 2000, Andrew Paul wrote:
> You might check with the various VPN vendors. They should be able to set up
> a "route table" when the client software is enabled that states all traffic
> should go through the encrypted tunnel. I believe this can be set up on the
> VPNet VSU systems. They have a WIN95/98 and NT 4.0 client. It also may be
> a possibility in the Nortel Contivity product line.
>
That may not be sufficient. The attacker can still get packets to your
VPN client. Even if the replies go back home, the attacker may still get
them, depending on the firewall back home. I may cases, they'll get them
with a translated source address, whcih for clever attackers won't slow
them down at all, and may allow them to continue their connection just
fine.
Ryan
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list