how secure is a VPN
Jeffrey Goldberg
jeffrey at goldmark.org
Wed Jun 6 12:54:40 UTC 2007
On Jun 6, 2007, at 4:06 AM, Steven wrote:
> I have setup various VPN links using a variety of routers and
> configurations, and always been under the assumption that they are
> fairly
> well secured if setup correctly. Now I understand that the level of
> security will differ depending on your particular setup. However I
> guy I
> know who runs a rather large ISP claims that under the current SA
> infrastructure VPN's are simply not secure at all.
>
> Does anybody have any thoughts on this, am I blissfully unaware, is
> there
> some truth behind this?
I think that people saying it is secure and people saying it isn't
secure are talking about different things.
Most VPN set-ups do what they are supposed to do "securely". But
often what they are supposed to do is "insecure". What I mean by
the latter is that they often allow unsecured home machines which
may be compromised in many different ways join a "secure" remote
internal network.
That is, people typically use VPNs to allow external machines (or
networks) to join a local network. That's what they do. But
allowing that can be very insecure. Basically it is important to by
distrustful of hosts on the VPN.
Again, I'm just guessing at what might be behind the seemingly
contradictory claims that you've heard.
Cheers,
-j
--
Jeffrey Goldberg http://www.goldmark.org/jeff/
More information about the freebsd-questions
mailing list