OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: pen test (pentestlistHOTMAIL.COM)
Date: Thu Mar 29 2001 - 07:10:01 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    heres what I saw sometime ago.

    When I connect to the vpn my Aol instant messenger will sign off and then
    sign back on, same thing happens when I logout of the vpn. This shows that
    my traffic is routing through the vpn. If uncheck "use remote defualt
    gateway" then this does not happen so the traffic is going out like normal.
    BUT if I dont use the companies gateway I have to use a host file to resolve
    anything so its more of a pain than anything. Your computer will still
    respond to scans, ping and whatever since the vpn connection is on top of
    your normal connection. Your ip from your isp is still valid. You
    essentially have 2 ips not a real and a virtual. Hey you can be found twice
    by attackers.

    >From: Jason Lewis <jlewisJASONLEWIS.NET>
    >Reply-To: jlewisjasonlewis.net
    >To: FOCUS-MSSECURITYFOCUS.COM
    >Subject: Re: [FOCUS-MS] VPN endpoint security
    >Date: Tue, 27 Mar 2001 19:32:10 -0500
    >
    >Maybe I wasn't clear. My machine acts like it is on the network where the
    >VPN server is. Traceroute works like I am sitting next to the server.
    >
    >My question was related to the IP that my ISP gives me. Is that IP still
    >responding to port scans, attacks, whatever.
    >
    >When I connect to the VPN server, it assigns me an IP for the network the
    >VPN server is connected to.
    >
    >jas
    >http://www.rivalpath.com
    >
    >
    >
    >-----Original Message-----
    >From: Byron Kennedy [mailto:byronmarkettools.com]
    >Sent: Tuesday, March 27, 2001 7:18 PM
    >To: 'jlewisjasonlewis.net'; FOCUS-MSSECURITYFOCUS.COM
    >Subject: RE: VPN endpoint security
    >
    >
    >i think running a simple traceroute would also confirm this for you.
    >
    >-----Original Message-----
    >From: Jason Lewis [mailto:jlewisJASONLEWIS.NET]
    >Sent: Tuesday, March 27, 2001 2:18 PM
    >To: FOCUS-MSSECURITYFOCUS.COM
    >Subject: Re: VPN endpoint security
    >
    >
    >This brings up something I have been thinking about but haven't tested.
    >
    >It appears that when I connect my Win2K Pro laptop to my Win2K server via
    >VPN, all my traffic is routed through the VPN. Does this mean that my
    >machine no longer responds to requests via the IP that I am assigned when I
    >get on the internet? All my traffic is routed over the IP that the VPN
    >server has given me.
    >
    >Maybe I need to go port scan my machine......
    >
    >To answer the original question, I have been recommending ZoneAlarm.
    >
    >jas
    >http://www.rivalpath.com
    >
    >
    >-----Original Message-----
    >From: Focus on Microsoft Mailing List
    >[mailto:FOCUS-MSSECURITYFOCUS.COM]On Behalf Of Richard Bartlett
    >Sent: Tuesday, March 27, 2001 2:23 AM
    >To: FOCUS-MSSECURITYFOCUS.COM
    >Subject: Re: VPN endpoint security
    >
    >
    >Byron,
    >
    >For protecting VPN users using Windows 2000/NT4 I recommend using Network
    >ICE ICEpac Security Suite. This gives you a central console that manages
    >all our VPN or remote users who are running BlackICE Agents, and they don't
    >even know it's there (or they don't have to). It's fairly easy to setup
    >and
    >can be combined with BlackICE Sentry to watch your entire subnet.
    >
    >Hearily recommend it.
    >
    >Richard Bartlett
    >Hacker Immunity Ltd
    >
    >-----Original Message-----
    >From: Focus on Microsoft Mailing List
    >[mailto:FOCUS-MSSECURITYFOCUS.COM]On Behalf Of Byron Kennedy
    >Sent: 26 March 2001 21:09
    >To: FOCUS-MSSECURITYFOCUS.COM
    >Subject: VPN endpoint security
    >
    >
    >Just curious what others are doing out there to secure corporate IPSec VPN
    >endpints (dial-up, brodband,etc)? Looking for an easy to administer
    >solution for wintel clients using primarily win2000 and nt4.0? Concerns
    >are
    >policy administration and ease of use. What about ZoneAlarm Pro? other?
    >
    >Thx!Byron
    >
    >
    >
    >Byron Kennedy
    >Markettools, Inc.
    >*******************************************
    >www.markettools.com
    >www.ztelligence.com
    >www.zoomerang.com
    >MarketTools is the premier applications services provider of Web-based
    >corporate solutions including market research and feedback services. The
    >company helps businesses of all sizes gather the critical information they
    >need to make key business decisions. MarketTools' research and feedback
    >applications are the first phase of its global relationship intelligence
    >network that will link companies with their customers, employees, vendors
    >and shareholders. MarketTools is a privately held company headquartered in
    >Mill Valley, CA.

    _________________________________________________________________
    Get your FREE download of MSN Explorer at http://explorer.msn.com