[ale] Clientless VPN

Jim Kinney jim.kinney at gmail.com
Thu Aug 26 19:05:04 EDT 2010


don't (and WON'T) use it as it's a feeble excuse for a vpn. It basically
uses a browser session to establish an SSL connection to the home office.
That usually loads a java app back to the kiosk client. Sometimes these are
VNC things and sometimes they are little more than file managers. Most
require some form of user authentication (password) to activate the client
code sent back to the browser.

As the article states, the basic insecurity of the system is the client
itself. Since you don't know what kind of code has been installed (keystroke
loggers in particular) the "protection" is only as good as the system you
are using.

On Thu, Aug 26, 2010 at 6:22 PM, Chris Fowler
<cfowler at outpostsentinel.com>wrote:

> As I dive into OpenVPN naturally I am doing a bit of goolging on the
> subject.  The pros of cons of tun vs tap, tcp vs udp, etc.  i found this
> article.
>
> http://www.linux.com/archive/feature/48330
>
> I've heard of 'Clientless VPNs' but am befuddled as to how they actually
> work or are implemented in the client.  For example, on Windows you must
> first install the TAP-Win32 driver so that OpenVPN can work.  This
> article mentions the ability to go to any location (cafe) get on their
> computer and open up a VPN.  Can anyone that uses this mess give me some
> insight on the internals and how it works on the client?
>
> Chris
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>



-- 
-- 
James P. Kinney III
I would rather stumble along in freedom than walk effortlessly in chains.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20100826/059834ed/attachment.html 


More information about the Ale mailing list