Joe, Joe,
That is a *old* report, last updated in September 2006. None of the Clean Access 4.x.x versions are listed. Cisco responded to this, as listed in the "References" link. Since versions 4.x.x have been out for almost a year and a half, this report may be discarded unless it is updated to be currently relevant. Bruce Osborne -----Original Message----- From: Cisco Clean Access Users and Administrators [mailto:[EMAIL PROTECTED] On Behalf Of Joe Feise Sent: Wednesday, April 16, 2008 12:24 PM To: [email protected] Subject: Re: [CLEANACCESS] Dirty access agent Baynes, Faith wrote on 04/16/08 08:59: > One of my more adventurous, but thankfully well behaved, students told > me about it some time ago.... He also scripted a workaround to the mac > agent because the previous iteration of that was so crummy. It is > definitely KNOWN in the more geeky student community that dirty access > agent exists... Due to a fundamental design flaw of CCA, it is not possible to prevent such bypass: http://www.securityfocus.com/bid/19726/info http://www.securityfocus.com/bid/19726/discuss Even a Nessus scan won't help if the person puts a cheap Linux-based router in front of the Windows box. Disclosure: I am co-author of the security advisory. -Joe
