Search /
Docfinder:

RESEARCH CENTERS

Applications
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.Business
Storage
WAN Services
Web/e-commerce
Wireless/Mobile

SITE RESOURCES

Daily News
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings

TODAY'S NEWS

•	The botnet world is booming
•	What’s driving this university to IPv6? Going green
•	IT pros continue to lose jobs
•	How ending exclusivity agreements would change the telecom industry
•	How to use electrical outlets and cheap lasers to steal data
•	EMC distances rival NetApp
•	Crime lab saves energy costs by turning up heat in the data center
•	IBM security software masks confidential info
•	Google Native Client provides hints on Chrome OS gambit
•	Ericsson signs deal to run Sprint wireless, wireline networks
•	Verizon helping companies assess application vulnerabilities
•	Internet's biggest issue? IPv6 transition, new ARIN CEO says
•	Gmail, other Google apps, out of beta
•	Microsoft may have known about critical IE bug for months
•	Symantec de-duplication strategy targets data growth, virtual machines
•	Windows 7 ramp-up will be sharp
•	More breaking news

Security /

Remote users - don't let them become your VPN's security weak link

Sign up to receive this and other networking newsletters in your inbox.

By Tim Greene
Network World on VPNs, 07/07/99

Your Internet virtual private network secures data via tunneling and encryption -- but remember to plug potential leaks outside the tunnel.

In particular, make it your business to insure the security of your remote users' PCs, especially if they are connected to your VPN via a connection such as digital subscriber line (DSL) or cable modem.

Advertisement:

Once those remote users log in to the VPN, chances are they will stay logged in all day or all week. That gives intruders from the Internet plenty of time to try hacking in with Back Orifice or some other software that takes control of the remote PC.

If that commandeered PC is logged in to your corporate network when someone takes it over, the hacker has access to everything the authorized user does.

Two suggestions:

- Set up your VPN so remote users have to respond to authentication challenges every hour or so. That assures you still have an authorized user tapping away at that keyboard.

- Limit remote user access to corporate resources. Set up authorization profiles so remote users get access to just the resources they need and nothing more. That way, if an intruder does slip in, he won't be able to do as much damage.

Tim Greene is a senior editor at Network World, covering virtual private networking gear, remote access, core switching and local phone companies. You can reach him at tgreene@nww.com.

VPNs are easy - once you get the clients installed
Network World, 05/31/99

Protocols serve up VPN security
Network World, 05/31/99

Review: VPNs
Network World, 05/10/99

Review: VPN/firewalls
Network World, 04/19/99

Archive of Network World on Virtual Private Network newsletters

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!

New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE

Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.

Click Here

alt text

Click Here

HOME

RESEARCH CENTERS

NEWS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.