Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Re: [VPN] Application timeouts over VPN...HELP!
.

  • To: [EMAIL PROTECTED]
  • Subject: Re: [VPN] Application timeouts over VPN...HELP!
  • From: Alex Pankratov <[EMAIL PROTECTED]>
  • Date: Wed, 09 Apr 2003 13:13:40 -0700
  • In-reply-to: <[EMAIL PROTECTED]>
  • References: <[EMAIL PROTECTED]>
  • Sender: [EMAIL PROTECTED]
.
 

Ryan Malayter wrote:
From: Alex Pankratov [mailto:[EMAIL PROTECTED]
can you explain why *exactly* it's a "bad security" ? Especially given that the TCP connection in question is IPsec'ed in first place. 

If the tunnel is left open, and the engineer's workstation is online and
idle, the workstation becomes a vector for compromising the security of
the encrypted traffic.


That's not what I asked about. The question was how keeping *TCP
sessions* open reduces overall VPN security. Let me rephrase it -
which attacks mountable against VPNs would have a lesser chances of
succeeding if all TCP connections are short-lived ?


[bunch of unrelated to TCP question stuff snipped]


_______________________________________________
VPN mailing list
[EMAIL PROTECTED]
http://lists.shmoo.com/mailman/listinfo/vpn
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.