Potential Security Risks with a VPN
VPNs are intended, in part, as a tool for increasing a network's security. They can easily become a doorway through which intruders can enter, though. VPNs are frequently explained through diagrams like Figures 26.1, 26.2, and 26.6. These show the way the various VPN components are tied together. Such figures don't emphasize strongly enough that many of the links are actually two links. For instance, consider a PPTP VPN in which a central network uses a VPN router to communicate in a secure way with Windows computers. Those Windows computers actually have two network interfaces: one for the VPN and one for their normal Internet connections. Depending upon the firewall rules on the VPN router itself, the logical configuration of such a network might more closely resemble that shown in Figure 26.7.
Figure 26.7. Although a VPN provides secure links between systems or networks, both sides of the VPN link normally have direct Internet connections, and those can be abused.
VPN clients more than it trusts hosts on the Internet at large. The VPN
clients, though, have their own independent links to the Internet (in fact,
those links are usually the means by which the VPN connection is established). Thus,
unless security on the VPN clients is quite strong, they can become a means of
attack. If the VPN or any other intervening firewalls or security tools treat
VPN clients as truly local, the security provided by those firewalls and other
security measures isn't nearly as good as it might at first appear. For instance,
consider the case of an Internet worm or virus that attacks random computers. You
might build protections from such attacks into your regular firewall. If a VPN
client is compromised, though, and if the firewall protection doesn't apply to
VPN clients, the worm or virus will quickly find its way into your allegedly
protected network.

There are two approaches to restoring security in the face of potential VPN bypasses:

Secure both ends of the VPN: If both ends of a VPN connection boast equivalent security, then the network as a whole remains secure. This approach is common when a VPN links entire networks; typically, both VPN routers or separate firewall systems protect all forms of entry. Such a configuration is trickier when the VPN links individual telecommuters or the like, because the number of VPN end-points can be quite high, and those systems may not be under your direct control. If an employee decides to install a potentially risky program on a home computer, there may be little you can do to stop it.

Don't trust VPN clients: You might install firewall rules that deny certain types of access to the VPN clients, in effect relegating them to "second-class" status within your network's hierarchy. Taken to an extreme, this approach eliminates all benefits of the VPN, but you might use it to give your local network some protection. If your VPN users won't be using X, for instance, you could block the X protocols to VPN clients but not to local systems, thus reducing the chance of an X-based attack succeeding through the VPN.

In many cases, a combination of these two approaches is appropriate. You might insist that employees who use PPTP client software install firewall packages as well, and give them access only to particular local computers or protocols. You can use the Linux iptables command (described in Chapter 25) to configure these restrictions. When both ends of the VPN are under your complete control, you can rely more upon the first approach, because you can configure identical security measures on both Internet access points.
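As an added example (not from the book), the following POSIX shell function emits an iptables-restore ruleset that treats PPTP clients as "second-class" in the way described above: X11 is refused for VPN clients only, and they may open connections to just a few listed local services, while LAN hosts never pass through these checks. The interface pattern ppp+ and the host/port list are assumptions, not values from the text.

```shell
#!/bin/sh
# Added example: generate iptables-restore rules that relegate PPTP VPN clients
# to second-class status. Assumptions: PPTP links appear as ppp+ interfaces on
# the VPN router, and the permitted hosts/ports below are constructed samples.
VPN_IF="ppp+"
# host:port pairs VPN clients may reach (constructed sample values).
ALLOWED="192.168.1.10:22 192.168.1.20:25 192.168.1.20:143"

vpn_client_ruleset() {
    # Rules are printed rather than applied so they can be reviewed first.
    printf '%s\n' '*filter'
    # A dedicated chain: traffic from local LAN hosts never enters it.
    printf '%s\n' ':VPN_CLIENTS - [0:0]'
    printf '%s\n' "-A FORWARD -i $VPN_IF -j VPN_CLIENTS"
    # Replies to connections initiated from the protected network are allowed.
    printf '%s\n' '-A VPN_CLIENTS -m state --state ESTABLISHED,RELATED -j ACCEPT'
    # X11 (TCP 6000-6063) is logged and refused for VPN clients; LAN is unaffected.
    printf '%s\n' '-A VPN_CLIENTS -p tcp --dport 6000:6063 -j LOG --log-prefix "VPN-X11 "'
    printf '%s\n' '-A VPN_CLIENTS -p tcp --dport 6000:6063 -j REJECT'
    # Only the listed host/port combinations may be opened from the VPN side.
    for hp in $ALLOWED; do
        host=${hp%:*}
        port=${hp#*:}
        printf '%s\n' "-A VPN_CLIENTS -p tcp -d $host --dport $port -m state --state NEW -j ACCEPT"
    done
    # Everything else a VPN client sends is logged, then dropped.
    printf '%s\n' '-A VPN_CLIENTS -j LOG --log-prefix "VPN-DROP "'
    printf '%s\n' '-A VPN_CLIENTS -j DROP'
    printf '%s\n' 'COMMIT'
}

# Review the output, then apply it without flushing existing rules:
#   vpn_client_ruleset | iptables-restore --noflush
```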