[ale] IPSec question
Geoffrey
esoteric at 3times25.net
Tue Jul 20 12:26:51 EDT 2004
Stephan Uphoff wrote:
> Geoffrey wrote:
>
>>Because they are supporting the service. Again, you're at their mercy.
>> Most companies don't permit just anyone vpn type connectivity. Since
>>you don't 'manage' the firewall in question, you'll have to work with
>>each company to get ipsec connectivity.
>
>
> But you can tunnel over HTTP/DNS/SMTP/ICMP....... any protocol };-)
>
> You can easily leak informations through firewalls and even gateways
> if you control machines on both sides.
You might want to concern yourself with company policies in this area.
I'll have to admit, my suggestions were assuming you were going to do
things according to existing policies...
--
Until later, Geoffrey Registered Linux User #108567
Building secure systems in spite of Microsoft
More information about the Ale
mailing list