Man In The Middle Attacks
17 August 2004, 01:33 PM
#2
Moderator
Join Date: Dec 1998
Location: Staffs
Posts: 23,573
Likes: 0
Received 0 Likes
on
0 Posts
Do you mean somebody who VPNs into your network is compromised and hence somebody on the Internet can then attack your network?
For example, whilst the VPN session is established, the client device can still access content on the Internet or other networks. I know this as Split Tunneling.
This is an easy option to configure on something like a SonicWall - simple drop down choice of allowing traffic to Any Destination, Secured Gateways or This Gateway only. On a Windows Server VPN, I'm not sure...
For example, whilst the VPN session is established, the client device can still access content on the Internet or other networks. I know this as Split Tunneling.
This is an easy option to configure on something like a SonicWall - simple drop down choice of allowing traffic to Any Destination, Secured Gateways or This Gateway only. On a Windows Server VPN, I'm not sure...
18 August 2004, 10:40 AM
#3
Scooby Regular
classic 'man in the middle' attacks ie pretending to be the terminating device to each VPN device would be virtually impossible using IPSec VPN.
If your talking about tromboning via an IPSec client then that's a different problem and is mitigated by using a good AV solution on the laptop to stop Trojans or viruses and use something like the Global Security Client from SonicWALL to push a policy to the laptop from the firewall.
If your talking about tromboning via an IPSec client then that's a different problem and is mitigated by using a good AV solution on the laptop to stop Trojans or viruses and use something like the Global Security Client from SonicWALL to push a policy to the laptop from the firewall.
Thread
Thread Starter
Forum
Replies
Last Post
MightyArsenal
Wheels, Tyres & Brakes
6
25 September 2015 08:31 PM
