Ack.
1. Yes IP spoofing will be a *huge* problem
2. Anyone between you and your company would be able to
sniff your traffic, including your plain-text
user name, password, commands, etc etc etc...
3. If someone knows a little about ICMP redirects,
someone doesn't even need to be right in between
your machine and your office to sniff your traffic.
To get a solution up and running fast, I'd pick SSH
with digital certificate based authentication
(as opposed to password based authentication).
This way you don't even have to worry about
someone pretending to be your office computer and
having you spilling your secrets (password) to him/her.
For SSH, you open ports 22 and 1022 to the server
(office computer).
Of course, this solution still allows your home
computer to be compromised, and have a trojan
waiting there for you to connect to your office,
and once you do.... Ehm.. :-)
Regards,
Mike
todd wrote:
>
> I would like to set up a route through a Cisco PIX so I can do work at
> home. I have a static IP at home and one at work is a possibility. This is
> something I admitedly do not know much about, but IP spoofing seems to be a
> possible security concern. Is this the case with PIX firewall 4.2.3? I am
> reading through the doc and haven't come across any mention of it yet. Any
> thing else I might want to be concerned about.
> What about setting up VNC to access work remotely? Any concerns other the
> same as telnet.
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
