[ale] Clientless VPN

Ryan Neily ryan at neily.net
Thu Aug 26 19:52:50 EDT 2010 

Some do full ip access over ssl. Check out Aventail (now owned by Soncwall)

Sent from my iPhone

On Aug 26, 2010, at 7:24 PM, Jim Kinney <jim.kinney at gmail.com> wrote:

> I'm not sure. It _may_ do some IP stuff but the ones I've seen (been a while) were just file access or remote control things.
> 
> For a java app to be able to touch networking, that's already a big scary no-no in client security.
> 
> On Thu, Aug 26, 2010 at 7:15 PM, Chris Fowler <cfowler at outpostsentinel.com> wrote:
> On Thu, 2010-08-26 at 19:05 -0400, Jim Kinney wrote:
> > don't (and WON'T) use it as it's a feeble excuse for a vpn. It
> > basically uses a browser session to establish an SSL connection to the
> > home office. That usually loads a java app back to the kiosk client.
> > Sometimes these are VNC things and sometimes they are little more than
> > file managers. Most require some form of user authentication
> > (password) to activate the client code sent back to the browser.
> >
> > As the article states, the basic insecurity of the system is the
> > client itself. Since you don't know what kind of code has been
> > installed (keystroke loggers in particular) the "protection" is only
> > as good as the system you are using.
> 
> So these do not provide ip connectivity?  Maybe something similar in
> process as ssh port redirection?
> 
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
> 
> 
> 
> -- 
> -- 
> James P. Kinney III
> I would rather stumble along in freedom than walk effortlessly in chains.
> 
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20100826/89a119ba/attachment.html

More information about the Ale mailing list