RE: Remote Access for Home Computers

From: alz3k3 (alz3k3_at_comcast.net)
Date: 08/25/05

    To: <nick_hunt@mascohq.com>
    Date: Wed, 24 Aug 2005 20:49:25 -0400
    
    

    I'm sure you are not the only one having these concerns about home users.
    Look for an SSL solution that will scan the endpoint prior to allowing the
    user to type in his/her username and password. This will prevent
    information disclosure to keystroke loggers etc. If the user has anything
    malicious running on their home PC, you can prevent their access.

    -----Original Message-----
    From: nick_hunt@mascohq.com [mailto:nick_hunt@mascohq.com]
    Sent: Tuesday, August 23, 2005 9:19 PM
    To: security-basics@securityfocus.com
    Subject: Remote Access for Home Computers

    Hello all

    I have been getting asked a lot lately about the possibility of letting
    users access corporate resources with their home computers via SSL VPN that
    has NAC features on it. I keep on fighting it, mostly because I think it
    will cause a lot of support calls, but more importantly because I am afraid
    of the possible vulnerabilities of allowing un-managed machines access to
    our network. I was wondering if anyone knew of any statistics or good
    articles on letting users access corporate data with their home
    machines.

    The security implications that I am most worried about are:
    1) worm propagation: afraid infected machine will allow a worm onto our
    network. Even though the SSL VPN does a check to see if AV is running and
    def's are up to date, and also does not give an IP on our network, there is
    the possibility of users uploading infected files to websites or network
    shares.
    2) user copying confidential information to their home machines and then
    that information getting compromised. SSL VPN has the functionality to block
    copying of files down to the local machine but misconfigurations or
    vulnerabilities in the VPN could allow for these controls to be subverted.
    3) Machine that is infected with some type of bot getting on the VPN and
    launching a denial of service attack against internal servers.

    If anyone can give me more possible attacks, and more importantly any
    statistics on other companies that have done this and had problems would
    help me with taking this argument to my management.

    Thanks for the help
    Nick

