Is this totally un-secure?
From: Paul Kavanagh (pkavanagh_at_ntlworld.com)
Date: 01/31/04
- Next message: Lanwench [MVP - Exchange]: "Re: Prevent copying files from CDROM"
- Previous message: kurttrail: "Re: MicroMonopoly aids Terrorism?"
- Next in thread: S. Pidgorny
: "Re: Is this totally un-secure?" - Reply: S. Pidgorny
: "Re: Is this totally un-secure?" - Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 31 Jan 2004 00:57:50 -0000
Today I setup my 1st VPN server using SBS2000 on a fixed IP ADSL connection
and it actually works! What I don't know is how secure it is. I've ran
audits using the securityspace.com standard audit service and it's found no
high or medium vulnerabilities.
A very loose overview of what I did is below:
Applied all service packs and critical updates. Installed & configured IIS
lockdown tool and URLScan. Setup RRAS to accept incoming VPN clients (5 x
l2tp ports), allowed vpnclients in ISA Server - disabled allow PPTP packet
filters. Installed Stand-alone CA with web enrollment enabled on SBS server
and set it so administrator has to approve all requests.
All of this has resulted in a working l2tp VPN! When connected if I look at
the connection status it says I am using L2TP/IPSEC with encryption.
I realise the above is very general but what I am looking for here is to see
if I've missed anything really really important.
All comments are very welcome (though go easy, I'm just amazed the bloody
thing worked!)
Cheers,
Paul.
- Next message: Lanwench [MVP - Exchange]: "Re: Prevent copying files from CDROM"
- Previous message: kurttrail: "Re: MicroMonopoly aids Terrorism?"
- Next in thread: S. Pidgorny
: "Re: Is this totally un-secure?" - Reply: S. Pidgorny
: "Re: Is this totally un-secure?" - Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
