If you're split tunneling, then yes there is a danger: http://www.isaserver.org/tutorials/2004fixipsectunnel.html
Jeff --- [EMAIL PROTECTED] wrote: > It's worth a try. I was following this thread with considerable > interest because > I couldn't log onto AIM either--until I tried when not running > through the > remote access VPN. If I'm just connected to the Internet but not > connected to > headquarters via our VPN, AIM lets me log on just fine. If I log into > AIM and > then activate the VPN, the AIM connection continues without a > problem. However, > if I activate the VPN and then try to log into AIM, I get nothing. > > Of course, this opens another question: is there a security risk in > connecting > to AIM first and then using the VPN? > > Andrew Conry-Murray > > > > > > > "Phillip R Cooper > > II" > > <[EMAIL PROTECTED] > To > h.com> <[EMAIL PROTECTED]>, > > > <[email protected]> > 03/16/2006 11:38 AM > cc > > > > Subject > RE: Possible AIM Hack? > > > > > > > > > > > > > > > > > > here's something that occurred to me- > > are you by chance VPN'd into a common network during all these > attempts? > Perhaps there's been a block instituted on whatever port AIM > communicates > on, and you've not been informed for whatever reason. > > I know this is VERY basic, and possibly will be thought to be my > attempt to > insult you. Not at all. With the alphabet soup after your name, it's > apparent you know much more than I. But I've a feeling this is going > to be > something incredibly simple that is being overlooked, as often > happens in > this industry. Hey, we've all been there- troubleshooting the network > and > finding out later after much agravation that we'd used the wrong > cable in > the first place. ;) > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 16, 2006 9:20 AM > To: [email protected] > Subject: Re: Possible AIM Hack? > > > > As far as the AIM server being temporarily down, as of 0900 EST (GMT > -5) 16 > MAR 06, it is > still not possible (at least for me) to create a new AIM user > account. I > would > encourage others to go to www.aim.com and attempt to create an AIM > identity > and > see if they get the same results. I have tried creating a new > account in at > least four different cities in the last week using different > hardware, ISPs, > etc. -- all with no effect. With every attempt I receive a pop up > java > script > window stating "The service you are attempting to use is temporarily > unavailable,error 20814" > > This message has been returned since last week -- if the > authentication > server is 'casters > up", then the system admins at AIM are operating under a very, very, > generous > Service Levels Agreement. My experience is that if you are down a > week, its > time to break out the disaster recovery plans. In fairness, however, > AIM is > a > free service. Free usually means you get what you pay for. Right > now I am > receiving from AOL exactly what I have been paying -- nothing. > > But in seriousness, a lot of people depend on AIM for social and even > business > interaction. It has, free or not, become a "critical application" to > a lot > of > people. I made a couple of attempts to contact AOL about the > problem, > without > result. > > In a larger context, if there is a problem at AOL with AIM, and it > has been > hacked, and it has been down over a week -- what of the data and > accounts of > the > gazillions of users who are regulars on AIM? Is that data safe? > Given the > recent stories about the spike in debit card fraud recently, and that > spike > has > been tenatively traced back to a possibility of a vendor that wat was > hacked > and lost > the data (stay tuned to this story as it develops), the circumstances > that > my > account "disappeared" and the fact that creating a new account is > disabled > is > troubling. > > > > -- > Rob Frazier, CISSP, ISSAP > www.xakephet.com > 325-695-7238 Lab > 817-271-7557 > > -------------- Original message ---------------------- > From: "Steven" <[EMAIL PROTECTED]> > > Well like I said it could be a number of things but if you cannot > logon > > anymore as I said then there's a good chance of a compromise. The > whole > > part about not being able to logon anymore would indicate a > persistent > > problem that is permanent and not some problem signing on for a few > minutes. > > That would mean you couldn't logon right after getting kicked off, > 10 mins > > later, 6 hours later, 5 days later, etc. Additionally, if some > server > that > > gives a yea/nay is on a coffe + donut break -- what would that have > to do > > with kicking you offline after already being authenticated? > > > > Let's see it's been at least a day. Can you logon now? If the > answer is > > yes.. chances are someone didn't steal your account. If the answer > is > no -- > > I'll go with you're compromised or you forgot your password. > Anyway > that's > > just one possible reason which defintely occurs quite frequently to > people > > with desirable screen names or that have pissed off someone. > > > > Steven > > > > ----- Original Message ----- > > From: <[EMAIL PROTECTED]> > > To: "Steven" <[EMAIL PROTECTED]> > > Cc: "Travis Haymore" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; > > <[email protected]> > > Sent: Tuesday, March 14, 2006 8:02 PM > > Subject: Re: Possible AIM Hack? > > > > On Tue, 14 Mar 2006 16:12:50 EST, Steven said: > > > logged off and can no longer logon anymore -- then that is a > different > === message truncated ===
