Even then though, you're not secure. If the box is compromised before you connect then even when the firewall is enforced, malicious activity could still take place... the attacker would not be able to connect to the machine but could leave dastardly code behind to do his job for him.
I am working on this scenario now as well. I am attempting to come up with a best practice for cleaning a machine, installing a firewall, etc. for any VPN client.

Let me know how yours goes!

-Patrick

>>> "Gibb, Jake" 11/29/01 03:53PM >>>

VPN could be considered a backdoor. If Joe User has a broadband connection at home with no firewall or local client firewall installed, then when he/she connects to your VPN that is essentially a conduit for attackers to potentially compromise. This is an issue that I am dealing with now. Cisco's VPN client and Concentrator have a new feature that will push a policy on the client requiring they have a firewall installed like BlackIce etc. If they don't, it will enforce its own basic firewall on the client while connected. I am working on the scripted install for my company now.

-Jake

-----Original Message-----
From: SentinuS [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 29, 2001 2:37 PM
To: [EMAIL PROTECTED]
Subject: VPN is a Backdoor !!! [7:27725]

Hi Guys;

I wonder that VPN is a Backdoor? I really need answers. Please do it.

Thanks,
SentinuS

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27731&t=27725
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]