[olug] SSL VPN Vulnerabilities?

Jim jameso at elwood.net
Thu May 19 21:59:14 UTC 2005 

Ahh, I see.

Really, an SSL VPN done right is no more or less secure then a IPsec  
VPN. SSL VPNs just use SSL as the underlying encryption.

I would however be skeptical of any sort of VPN that claimed it ran  
through a web browser.

Jim

On May 19, 2005, at 3:14 PM, Rob Townley wrote:

> Thanks for pointing that out.  I was not referring to openvpn, but
> vpns and security in general.  The article i read on nwfusion.com
> would lead one to believe a web browser is commonly used.
>
> But still,
>
> On 5/19/05, Jim <jameso at elwood.net> wrote:
>
>> The SSL VPN tools I know of, like OpenVPN, are completely separate
>> from your web browser.
>>
>> http://openvpn.net/howto.html
>>
>> I would read the docs again, as it sounds like you missed some of the
>> basics of the program.
>>
>> I highly recommend OpenVPN. It is not *better* then IPsec, but it
>> fits some needs. It is very easy to set up different VPNs between
>> different Operating systems. It is not without its problems as well,
>> but in some cases it is a better choice then std IPsec.
>>
>> Jim
>>
>> On May 19, 2005, at 10:04 AM, Rob Townley wrote:
>>
>>
>>>  I have just been reading about how much easier SSL vpns are to
>>> maintain and get working from anywhere through a firewall.  I am a
>>> skeptic.  If your browser is hijacked (or maybe you have a keystroke
>>> logger), isn't it possible that when the end user types in their
>>> password, they are unknowningly giving a copy of the key away?    
>>> Or is
>>> an SSL vpn capable of doing a network quarantine such as check for
>>> latest virus signatures, firewall, and security updates before  
>>> the end
>>> user is prompted to type in a password?
>>> _______________________________________________
>>> OLUG mailing list
>>> OLUG at olug.org
>>> http://lists.olug.org/mailman/listinfo/olug
>>>
>>>
>>>
>>
>> _______________________________________________
>> OLUG mailing list
>> OLUG at olug.org
>> http://lists.olug.org/mailman/listinfo/olug
>>
>>
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
>
>

More information about the OLUG mailing list