RE: Security from VPN connections
From: Blom, Casper A SITI-ITDPET (Casper.Blom_at_Shell.com)
Date: 08/27/03
- Previous message: Tomasz Barbaszewski: "Re: Terminal Services over VPN"
- Next in thread: Anstett, Brad: "RE: Security from VPN connections"
- Maybe reply: Anstett, Brad: "RE: Security from VPN connections"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 27 Aug 2003 11:44:29 +0200 To: "Christopher Joles" <CJoles@proteabhs.com>, <Security-basics@securityfocus.com>
I would consider the following securityfocus article describing tarpits:
http://www.securityfocus.com/infocus/1723
I find it a very good starting point to gain time to better get countermeasures in with such attacks.
Casper Blom
Network security
SSCplus
-----Original Message-----
From: Christopher Joles [mailto:CJoles@proteabhs.com]
Sent: Tuesday, August 26, 2003 5:57 PM
To: Security-basics@securityfocus.com
Cc: Firewalls@securityfocus.com
Subject: Security from VPN connections
Good Day All!
I'm looking for design advice.
Currently, I have a network that is protected by a Cisco PIX 515 =
firewall. We have it configured to protect our internal network along =
with supplying access to our DMZ which holds our email and web servers.
My concern arises from the spread of the blaster worm. Currently we =
give a couple employees (the boss, the CFO and myself) VPN access from =
home. In this scenario, the bosses home computer was compromised by the
= blaster worm and luckily for me, he was on vacation in Germany at the
= time. If he wasn't, he most assuridly would have made a VPN
connection = and the lovely blaster worm would have gotten through our
defenses. = Keep in mind, I had applied the MS patch to our servers and
= workstations, however, it would have still gotten "inside". How can I
= redesign my network to either firewall the VPN connections or at a =
minimum filter them.
Thanx for your opinions in advance!
Christopher J. Joles
Chief Information Officer
PROTEA Behavioral Health Services
187 Exchange St.
Bangor, ME 04401
Phone: (207)992-7010 Ext: 245 Fax:(207)992-7011
---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event. Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------
- Previous message: Tomasz Barbaszewski: "Re: Terminal Services over VPN"
- Next in thread: Anstett, Brad: "RE: Security from VPN connections"
- Maybe reply: Anstett, Brad: "RE: Security from VPN connections"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
