On 10/28/2013 06:17 PM, Tai Nguyen (tainguye) wrote:
Hi all,
Has anyone created rules to support AnyConnect VPN app yet? I see the
following rules in seandroid 4.2 branch
#
# 3rd party VPN clients that have seinfo=vpn in mac_permissions.xml
# This is a more secure alternative to
From: owner-seandroid-l...@tycho.nsa.gov
[mailto:owner-seandroid-l...@tycho.nsa.gov] On Behalf Of Tai Nguyen (tainguye)
Sent: Tuesday, October 29, 2013 8:53 AM
To: William Roberts
Cc: seandroid-list@tycho.nsa.gov
Subject: Re: Rules for AnyConnect VPN app
It seems like Android provides
@tycho.nsa.gov
Subject: RE: Rules for AnyConnect VPN app
From:
owner-seandroid-l...@tycho.nsa.govmailto:owner-seandroid-l...@tycho.nsa.gov
[mailto:owner-seandroid-l...@tycho.nsa.gov] On Behalf Of Tai Nguyen (tainguye)
Sent: Tuesday, October 29, 2013 8:53 AM
To: William Roberts
Cc: seandroid-list
If anyconnect is touching iptables directly then your running a rooted
version of the application. I would recommend you use one that makes use of
Android's VPNService. I would also discourage use of vpn_app, as that will
probably go away in the future. All 3rd party apps should run in untrusted,