On Jun 6, 2007, at 4:06 AM, Steven wrote:
I have setup various VPN links using a variety of routers and
configurations, and always been under the assumption that they are
fairly
well secured if setup correctly. Now I understand that the level of
security will differ depending on your particular setup. However I
guy I
know who runs a rather large ISP claims that under the current SA
infrastructure VPN's are simply not secure at all.
Does anybody have any thoughts on this, am I blissfully unaware, is
there
some truth behind this?
I think that people saying it is secure and people saying it isn't
secure are talking about different things.
Most VPN set-ups do what they are supposed to do "securely". But
often what they are supposed to do is "insecure". What I mean by
the latter is that they often allow unsecured home machines which
may be compromised in many different ways join a "secure" remote
internal network.
That is, people typically use VPNs to allow external machines (or
networks) to join a local network. That's what they do. But
allowing that can be very insecure. Basically it is important to by
distrustful of hosts on the VPN.
Again, I'm just guessing at what might be behind the seemingly
contradictory claims that you've heard.
Cheers,
-j
--
Jeffrey Goldberg http://www.goldmark.org/jeff/
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"