[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Clientless VPN

Subject: [ale] Clientless VPN
From: cfowler at outpostsentinel.com (Chris Fowler)
Date: Thu, 26 Aug 2010 19:15:25 -0400
In-reply-to: <[email protected]>
References: <1282861332.1803.123.camel@cfowler-desktop> <[email protected]>

On Thu, 2010-08-26 at 19:05 -0400, Jim Kinney wrote:
> don't (and WON'T) use it as it's a feeble excuse for a vpn. It
> basically uses a browser session to establish an SSL connection to the
> home office. That usually loads a java app back to the kiosk client.
> Sometimes these are VNC things and sometimes they are little more than
> file managers. Most require some form of user authentication
> (password) to activate the client code sent back to the browser.
> 
> As the article states, the basic insecurity of the system is the
> client itself. Since you don't know what kind of code has been
> installed (keystroke loggers in particular) the "protection" is only
> as good as the system you are using. 

So these do not provide ip connectivity?  Maybe something similar in
process as ssh port redirection?

Follow-Ups:
- [ale] Clientless VPN
  - From: jim.kinney at gmail.com (Jim Kinney)

References:
- [ale] Clientless VPN
  - From: cfowler at outpostsentinel.com (Chris Fowler)
- [ale] Clientless VPN
  - From: jim.kinney at gmail.com (Jim Kinney)

Prev by Date: [ale] Clientless VPN
Next by Date: [ale] Clientless VPN
Previous by thread: [ale] Clientless VPN
Next by thread: [ale] Clientless VPN
Index(es):
- Date
- Thread