Craig Caughlin wrote:
Hi Eric,
Thanks for the response. I think I'm like Alex, I don't quite understand
what you mean when you say "Then the entire Internet gets access to the
other side of your VPN without having to compromise your system." Could
you explain that a little bit? Thank you.

It's fairly straightforward. Let's say you've got a machine on the internet with nothing between you and the 'net. You're running with a public IP (I'm gonna use a private, so just pretend) of 172.16.8.1 on your machine, and you're connected to a VPN. Routing is also turned on on this particular machine.


I'm a bit rusty on my Linux routing statements, but on a Cisco, the way you'd do it is:

ip route 0.0.0.0 0.0.0.0 172.16.8.1
ip route 172.16.8.1 255.255.255.255 192.168.1.1

Where the 192.168 address is the far side of your WAN connection. This provides a route to your machine, and tells the Cisco to send ALL traffic to your machine for routing. After that it's a fairly straightforward issue to run an ICMP scan with a relatively low timeout setting on the 10/8, 172.16/12, and 192.168/16 IP blocks until you find a valid IP, then work on that area of the block and play with someone's corporate LAN.

So yeah, this can be a really, REALLY big security hole.

Just one thing; if you can browse while connected to a VPN, make CERTAIN that you're not browsing THROUGH the VPN before you go getting all panicky. It's certainly a strong likelihood, and AFAIK there's relatively little chance of the hole you're referring to happening. (IOW, browsing on your public connection while connected via VPN.)

George Metz
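
Added example, not part of the original message: a defender-side check for the condition described above on a Linux VPN client, where IP forwarding is on, the default route leaves by a non-tunnel interface, and private (RFC 1918) networks are reached over a tunnel. The tunnel interface name prefixes and the sample routing table are assumptions constructed for illustration; the table uses the /proc/net/route layout.

```python
import ipaddress
import socket
import struct

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumption: VPN interfaces follow one of these common naming prefixes.
TUNNEL_PREFIXES = ("tun", "tap", "ppp", "ipsec", "wg")

# Constructed sample in /proc/net/route layout: default route via eth0,
# a local LAN on eth0, and 10.0.0.0/8 reached through tun0.
SAMPLE_ROUTES = """\
Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT
eth0 00000000 0101A8C0 0003 0 0 0 00000000 0 0 0
eth0 0001A8C0 00000000 0001 0 0 0 00FFFFFF 0 0 0
tun0 0000000A 00000000 0001 0 0 0 000000FF 0 0 0
"""

def _hex_ip(field):
    # The kernel prints addresses as little-endian hex on x86 hosts.
    return socket.inet_ntoa(struct.pack("<I", int(field, 16)))

def parse_routes(text):
    """Return (interface, network) for every route that is up."""
    routes = []
    for line in text.strip().splitlines()[1:]:      # skip the header row
        f = line.split()
        if len(f) < 8 or not int(f[3], 16) & 0x1:   # 0x1 = RTF_UP
            continue
        net = ipaddress.ip_network(f"{_hex_ip(f[1])}/{_hex_ip(f[7])}", strict=False)
        routes.append((f[0], net))
    return routes

def bridge_exposure(route_text, ip_forward):
    """List private networks this host would forward Internet traffic into."""
    routes = parse_routes(route_text)
    public_default = [i for i, n in routes
                      if n.prefixlen == 0 and not i.startswith(TUNNEL_PREFIXES)]
    private_via_vpn = [(i, n) for i, n in routes
                       if i.startswith(TUNNEL_PREFIXES)
                       and any(n.subnet_of(p) for p in RFC1918)]
    if ip_forward.strip() != "1" or not public_default or not private_via_vpn:
        return []
    return [f"{n} via {i}: forwarding on, default route on {public_default[0]}"
            for i, n in private_via_vpn]

if __name__ == "__main__":
    for finding in bridge_exposure(SAMPLE_ROUTES, "1\n"):
        print("EXPOSED:", finding)
```

On a live host the two inputs would be the contents of /proc/net/route and /proc/sys/net/ipv4/ip_forward; an empty result with the default route on the tunnel corresponds to the "browsing THROUGH the VPN" case.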



leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html