Omar,
I used to work for Cisco on the VPN team and when the VPN client
stateful firewall was checked it only allowed outgoing connections for
ESP and ISAKMP traffic, basically it blocked everything but VPN traffic
incoming and outgoing. It is a very basic firewall, mostly used for
users that are not doing any split-tunneling and if you can't afford a
3rd party firewall solution.
I would suggest enabling it and then run a program called LanGuard
against the IP address of the computer. LanGaurd has a 30 day trial
version out there you can download, you will probably need to google it.
>From here you should be able to tell what is left open when it is
enabled.
Thanks!
David Rosenhan, CCNP
Information Technology
-----Original Message-----
From: Omar Khawaja [mailto:omarkhawaja_at_yahoo.com]
Sent: Monday, February 23, 2004 9:01 AM
To: security-basics_at_securityfocus.com
Subject: Cisco VPN Client - Stateful Firewall
Does anyone have any thoughts on how secure the "Stateful Firewall",
that is
integrated with the Cisco VPN Client, is? I was hoping someone may have
done
some penetration testing targeted at this particular feature of the
product.
___
Omar Khawaja
------------------------------------------------------------------------
---
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_security-basics_040219
------------------------------------------------------------------------
----
---------------------------------------------------------------------------
----------------------------------------------------------------------------
Received on Feb 25 2004
Intro
