[olug] SSL VPN Vulnerabilities?
Rob Townley
rob.townley at gmail.com
Thu May 19 15:04:31 UTC 2005
I have just been reading about how much easier SSL vpns are to
maintain and get working from anywhere through a firewall. I am a
skeptic. If your browser is hijacked (or maybe you have a keystroke
logger), isn't it possible that when the end user types in their
password, they are unknowningly giving a copy of the key away? Or is
an SSL vpn capable of doing a network quarantine such as check for
latest virus signatures, firewall, and security updates before the end
user is prompted to type in a password?
More information about the OLUG
mailing list