[Openswan Users] wrong gateway ip assigned
Paul Wouters
paul at xelerance.com
Tue May 10 14:01:50 CEST 2005
On Tue, 10 May 2005, Jacco de Leeuw wrote:
> This is the 'split tunnelling' I mentioned earlier.
>
> There is a security risk in this. The client can access the Internet while
> while connected to the VPN, but the reverse is also true. If the client
> is hacked, it can be a conduit for accessing the VPN.
I believe the additional risks are actually pretty minimal.
Most attacks are automated scripted worm/viri/trojans, and not specificly
targetted attacks. Wether the laptop is only connecting to the internet or only
throuh the VPN, or to both at the same time, is really the same thing. At some
point the laptop will get infected (through its internet connection), and at some
point it will have access to the VPN and start probing that range for infections.
Paul
More information about the Users
mailing list