Re: How can I deny VPN access based on Virus DAT
- From: Mario Platt <mplatt@xxxxxxxxx>
- Date: Fri, 6 Jan 2006 10:03:44 +0000
For Cisco NAC, you establish the VPN, but if you don't have everything
in place (AV up-to-date, OS patched, see if corporate image (OS) has
been modified), you get imediately disconnected. I can't really tell
you what kind of variables it checks, but I've seen it work and it
does a great job. If anyone has NAC setup and could run sysinternals
tool on it,it would be nice. As for the other vendors of this kind of
solution, I know they exist but haven't actually see it working.
On 1/5/06, Ansgar -59cobalt- Wiechers <bugtraq@xxxxxxxxxxxxxxxx> wrote:
> On 2006-01-03 Nick Duda wrote:
> > Can anyone explain the different products and/or procedures in using a
> > VPN device for telecommuters with the ability to deny VPN access if
> > they dona?Tt have Antivirus or their Antivirus DAT's are not up to
> > date.
>
> How are you going to verify that without already establishing the VPN?
> Do you want to rely on the client telling you "yep, ev'rything's just
> fine"? Why would $MALWARE refrain from forging that claim?
>
> Regards
> Ansgar Wiechers
> --
> "All vulnerabilities deserve a public fear period prior to patches
> becoming available."
> --Jason Coombs on Bugtraq
>
> ---------------------------------------------------------------------------
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The Norwich University program offers unparalleled Infosec management
> education and the case study affords you unmatched consulting experience.
> Tailor your education to your own professional goals with degree
> customizations including Emergency Management, Business Continuity Planning,
> Computer Emergency Response Teams, and Digital Investigations.
>
> http://www.msia.norwich.edu/secfocus
> ----------------------------------------------------------------------------
>
>
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------
- References:
- How can I deny VPN access based on Virus DAT
- From: Nick Duda
- Re: How can I deny VPN access based on Virus DAT
- From: Ansgar -59cobalt- Wiechers
- How can I deny VPN access based on Virus DAT
- Prev by Date: RE: Two Factor authentication and changing passwords
- Next by Date: Re: Detecting vulnerabilities to write exploits
- Previous by thread: Re: How can I deny VPN access based on Virus DAT
- Next by thread: RE: How can I deny VPN access based on Virus DAT
- Index(es):
Relevant Pages
|
