[vpn] dangers of vpn to local network

Chad L Brewer clbrewer at us.ibm.com
Mon Feb 4 17:47:53 EST 2002


BTM,


Without more knowledge of the VPN product that you are dealing with, and


knowing the protocols and OS's on both sides I can not say for sure


what your exact exposure is.What I can tell you is that with a VPN you are


creating an extension from a remote network to your network. This could


make you more vulnerable to "insider attacks" which could use the


established session to access resources on your local network. Most VPN


hijacking methods


are still considered theoretical, but some have been proven. One way to


limit your exposure is to install a personal firewall product such


as Zonealarm to detect connections that are accessing resources outside of


the machine with the established tunnel.


C.L.B








                                                                                                                                      
                      btm                                                                                                             
                      <btm at pixi.com>           To:      vpn at securityfocus.com                                                         
                                               cc:                                                                                    
                      02/04/2002 04:56                  From:                                                                         
                      PM                              Subject:      [vpn] dangers of vpn to local network                             
                                                                                                                                      
                                                                                                                                      




If I have a network at home (behind a firewall) and someone gives me a vpn
client so that I can vpn to their network, what risks are posed to my
network at home?  If I connect with the vpn, can someone on the remote
network come through the vpn and access my machines (other than the one
with the vpn client)?  Thanks, Brian.


VPN is sponsored by SecurityFocus.com





VPN is sponsored by SecurityFocus.com





More information about the VPN mailing list