VPN's (fwd)

MARC A KURTZ marck at ESU.EDU
Tue Feb 22 15:30:18 EST 2000


Has anyone ever come up with a solution for this problem (in particular
from Windows to Linux)?

i.e. How can we authenticate that the data going over the encrypted tunnel
is legitimate?

----- Original Message -----
From: "Ryan Russell" <ryan at SECURITYFOCUS.COM>
To: <VPN at SECURITYFOCUS.COM>
Sent: Tuesday, February 22, 2000 2:48 PM
Subject: Re: VPN's (fwd)


> On Tue, 22 Feb 2000, Andrew Paul wrote:
>
> > You might check with the various VPN vendors.  They should be able to set up
> > a "route table" when the client software is enabled that states all traffic
> > should go through the encrypted tunnel.  I believe this can be set up on the
> > VPNet VSU systems.  They have a WIN95/98 and NT 4.0 client.  It also may be
> > a possibility in the Nortel Contivity product line.
> >
>
> That may not be sufficient.  The attacker can still get packets to your
> VPN client.  Even if the replies go back home, the attacker may still get
> them, depending on the firewall back home.  In many cases, they'll get them
> with a translated source address, which for clever attackers won't slow
> them down at all, and may allow them to continue their connection just
> fine.
>
> Ryan
>
> VPN is sponsored by SecurityFocus.COM
>
