NetStumbler.org Forums - View Single Post

agentgrn · 03-10-2003

The VPN only secures the data transmitted from the client to the VPN server. It doesn't make the transmission any more secure in and of itself. In fact, running VPN traffic may generate more WLAN traffic due to the overhead introduced, making the key sniffing goal that much easier.

The WLAN and LAN need to be kept separate by a firewall or filtered routing device in order to ensure security.

One scenario that could happen is that someone figures out the VPN client really isn't required to access the LAN...then there's a risk for stuff to be sniffed out of the air and logged. Even if specific protocol or UN/PW information is gleaned from the potential broken network, the hacker then only has to snoop around. If your company is big enough to require 30 access points, it's possible any information on the LAN could have some value to someone. A firewall is the only device that can prevent this.

03-10-2003	#8 (permalink)
agentgrn KB1JQO - Packin' Heat Join Date: May 2002 Location: Worcester, MA Posts: 517	The VPN only secures the data transmitted from the client to the VPN server. It doesn't make the transmission any more secure in and of itself. In fact, running VPN traffic may generate more WLAN traffic due to the overhead introduced, making the key sniffing goal that much easier. The WLAN and LAN need to be kept separate by a firewall or filtered routing device in order to ensure security. One scenario that could happen is that someone figures out the VPN client really isn't required to access the LAN...then there's a risk for stuff to be sniffed out of the air and logged. Even if specific protocol or UN/PW information is gleaned from the potential broken network, the hacker then only has to snoop around. If your company is big enough to require 30 access points, it's possible any information on the LAN could have some value to someone. A firewall is the only device that can prevent this. __________________ -A.G.-