[olug] SSL VPN Vulnerabilities?
Jim
jameso at elwood.net
Thu May 19 15:48:03 UTC 2005
The SSL VPN tools I know of, like OpenVPN, are completely separate
from your web browser.
http://openvpn.net/howto.html
I would read the docs again, as it sounds like you missed some of the
basics of the program.
I highly recommend OpenVPN. It is not *better* then IPsec, but it
fits some needs. It is very easy to set up different VPNs between
different Operating systems. It is not without its problems as well,
but in some cases it is a better choice then std IPsec.
Jim
On May 19, 2005, at 10:04 AM, Rob Townley wrote:
> I have just been reading about how much easier SSL vpns are to
> maintain and get working from anywhere through a firewall. I am a
> skeptic. If your browser is hijacked (or maybe you have a keystroke
> logger), isn't it possible that when the end user types in their
> password, they are unknowningly giving a copy of the key away? Or is
> an SSL vpn capable of doing a network quarantine such as check for
> latest virus signatures, firewall, and security updates before the end
> user is prompted to type in a password?
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
>
>
More information about the OLUG
mailing list