I can tell you of cases where users with tunnels to their office that were running Webservers back in the CodeRed days were wreaking HAVOC on their corporate networks. My old company spent weeks trying to identify the source of the problem. It really is a pretty trivial avenue to exploit. If you are Joe Social Engineer and you want to break into Widgets Inc. that would probably be the first avenue of attack you would look to do. Virtually no logging of intrusions. Oblivious user. Often full reign of the corporate treasures. In many corporate worlds VPN users are treated as fully trusted hosts. You could go MONTHS without detection. The question isn't whether a Joe Cracker has broken in this way. The question is why WOULDN'T they use this method? -----Original Message----- From: Jim MacLeod [mailto:jmacleodat_private] Sent: Wednesday, October 09, 2002 6:21 PM To: firewall-wizardsat_private Subject: [fw-wiz] Tunnel intruder There's a lot of FUD being touted by firewall vendors about the possibility of a home computer being hacked, then the attacker using that computer's VPN connection to the office to break into the company network. I can see this as a possibility and realize that we could easily get into an extended discussion of the probability/impossibility/inevitability of it occurring. I personally want to avoid speculation. Does anybody know of an actual incident where this attack was used, successfully or not? Thanks, -Jim _______________________________________________ firewall-wizards mailing list firewall-wizardsat_private http://honor.icsalabs.com/mailman/listinfo/firewall-wizards ***************************************************************** Ryan Beck & Co.'s e-mail system is for business purposes only. Messages are not confidential. All e-mail may be reviewed by authorized supervisors, compliance or internal audit personnel. E-mail may be archived and produced to others. Ryan Beck will not accept trade order instructions via e-mail. Please telephone your Financial Consultant to place trade orders. Ryan Beck & Co. ***************************************************************** _______________________________________________ firewall-wizards mailing list firewall-wizardsat_private http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
This archive was generated by hypermail 2b30 : Wed Oct 09 2002 - 17:03:43 PDT