VPN clients and security models

alex at yuriev.com alex at yuriev.com
Tue Jan 28 16:52:39 UTC 2003


> > This is not correct. VPN simply extends security policy to a different
> > location. A VPN user must make sure that local security policy
> > prevents other traffic from entering VPN connection.

> This is nice in theory, but in practice is simply not true. Even
> assuming that the most restrictive settings are used (user may not
> install software by admin setting, has no local administration on his
> machine, IP traffic other than via the VPN is exclusive to the VPN
> client) it is *still* possible that the machine could be compromised by
> (say) an email virus which then bypasses security by any one of a dozen
> routes.

Welcome to the world of formal security models. If in theory a VPN is
nothing more than a tool for extending the security policy of a site to a
remote location, then it does not matter what kind of things you try to
achieve with it, it *won't* work for anything other than extending a security
model of a site to a remote location. Can one try to use it for something
else? Sure, one can. It may even work for a little bit, as long as it does
not contradict that security model.

Your VPN connection dropped you back into your site. If it is the site's
security model that all mail comes in and goes out via some mail server that
filters out email viruses, and via VPN you are virtually in the footprint of
that site, then why are you not using the site mail server, or why does the VPN
client let you not use it? If it does not enforce the site's security
policy, then it is a BAD VPN client.

Alex
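The argument above amounts to a concrete host policy: once the tunnel is up, the only thing permitted on the physical interface is the tunnel transport itself, and inside the tunnel the site's own rules (here, mail only through the filtering mail server) apply. The following is an added example, not code from the thread or from any VPN product; it models that policy as a small evaluator and audits a set of constructed flow records for the kind of leak the quoted reply worries about (a compromised host mailing out directly). All addresses, interface names and the concentrator port are constructed placeholders.

```python
"""Toy host-policy checker for a 'VPN extends the site policy' client.

Added example, not part of the NANOG thread. Every address, interface
name and port below is constructed for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass
from ipaddress import ip_address

# Constructed topology.
VPN_CONCENTRATOR = ip_address("198.51.100.10")  # public VPN endpoint (constructed)
VPN_PORT = 4500                                  # tunnel transport port (constructed)
SITE_MAIL_RELAY = ip_address("10.20.1.25")       # the site's filtering mail server (constructed)
MAIL_PORTS = {25, 465, 587, 110, 995, 143, 993}  # SMTP/POP/IMAP, plain and TLS

PHYSICAL_IF = "eth0"  # the local LAN / hotel network
TUNNEL_IF = "tun0"    # the VPN tunnel interface


@dataclass(frozen=True)
class Flow:
    """One outbound flow as seen on the client host."""
    iface: str          # egress interface
    dst: str            # destination address
    dport: int          # destination port
    proto: str = "tcp"  # transport protocol


def evaluate(flow: Flow) -> tuple[str, str]:
    """Return (verdict, reason) for one outbound flow.

    The policy mirrors the thread's point: with the tunnel up, the host is
    virtually inside the site, so every flow is judged by the site's rules.
    """
    dst = ip_address(flow.dst)

    # 1. On the physical interface only the tunnel transport itself is allowed;
    #    anything else is split-tunnel leakage around the site policy.
    if flow.iface == PHYSICAL_IF:
        if dst == VPN_CONCENTRATOR and flow.dport == VPN_PORT and flow.proto == "udp":
            return "allow", "tunnel transport to the VPN concentrator"
        return "deny", "split-tunnel leak: traffic bypassing the VPN"

    if flow.iface != TUNNEL_IF:
        return "deny", f"unknown egress interface {flow.iface}"

    # 2. Inside the tunnel, mail protocols may only talk to the site's
    #    filtering relay, exactly as they would from a desk on site.
    if flow.dport in MAIL_PORTS and dst != SITE_MAIL_RELAY:
        return "deny", "mail must go through the site mail server"

    # 3. Everything else is carried to the site, where its normal egress
    #    controls apply; the client itself has nothing further to add.
    return "allow", "inside the site security footprint"


def audit(flows: list[Flow]) -> list[tuple[Flow, str]]:
    """Return every flow the policy denies, with the reason."""
    violations = []
    for flow in flows:
        verdict, reason = evaluate(flow)
        if verdict == "deny":
            violations.append((flow, reason))
    return violations


# Constructed flow records, e.g. from a host-based flow log.
SAMPLE_FLOWS = [
    Flow("eth0", "198.51.100.10", 4500, "udp"),  # tunnel setup: allowed
    Flow("tun0", "10.20.1.25", 587),             # mail via the site relay: allowed
    Flow("tun0", "203.0.113.7", 25),             # direct SMTP to the outside via tunnel: denied
    Flow("eth0", "203.0.113.7", 25),             # same, but around the tunnel: denied
    Flow("tun0", "10.20.5.40", 443),             # internal web application: allowed
]

if __name__ == "__main__":
    for flow, reason in audit(SAMPLE_FLOWS):
        print(f"DENY {flow.iface} -> {flow.dst}:{flow.dport}/{flow.proto}: {reason}")
```

Run as a script it reports the two denied flows. The same rules are what a real client would push into the host firewall; the value of writing them down this way is that the "site footprint" model becomes testable against recorded flows rather than assumed.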