Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: SSL VPNs and security
From: "Brian Eaton" <eaton.lists () gmail com>
Date: Fri, 9 Jun 2006 10:11:55 -0400

On 6/9/06, Tim <tim-security () sentinelchicken org> wrote:
Set up a wildcard record, *.webvpn.example.org, pointing to the device.
The device then maps all internal domain names or IP addresses to a
unique hostname, such as:  internalhost.webvpn.example.org, or
192-168-0-1.webvpn.example.org, etc.

Wouldn't this properly segment different internal sites, such that an
XSS in one wouldn't impact the other?  If so, pay attention all SSL VPN
vendors: it is your free idea for the week.

That depends on whether the solution tries to solve single-sign-on
problems as well.  If the vendor is trying to handle SSO in such an
environment, then they are probably using domain cookies.  The
problems are exactly the same as the ones Michal listed, plus some
additional ones specific to domain cookies.

- Brian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]