Home page logo
/

basics logo Security Basics mailing list archives

Re: How can I deny VPN access based on Virus DAT
From: Mario Platt <mplatt () gmail com>
Date: Fri, 6 Jan 2006 10:03:44 +0000

For Cisco NAC, you establish the VPN, but if you don't have everything
in place (AV up-to-date, OS patched, see if corporate image (OS) has
been modified), you get imediately disconnected. I can't really tell
you what kind of variables it checks, but I've seen it work and it
does a great job. If anyone has NAC setup and could run sysinternals
tool on it,it would be nice. As for the other vendors of this kind of
solution, I know they exist but haven't actually see it working.

On 1/5/06, Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net> wrote:
On 2006-01-03 Nick Duda wrote:
Can anyone explain the different products and/or procedures in using a
VPN device for telecommuters with the ability to deny VPN access if
they dona?Tt have Antivirus or their Antivirus DAT's are not up to
date.

How are you going to verify that without already establishing the VPN?
Do you want to rely on the client telling you "yep, ev'rything's just
fine"? Why would $MALWARE refrain from forging that claim?

Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------



---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault