Security Basics mailing list archives
RE: Cisco VPN Client - Stateful Firewall
From: "Rosenhan, David" <David.Rosenhan () swiftbrands com>
Date: Tue, 24 Feb 2004 14:44:53 -0700
Omar, I used to work for Cisco on the VPN team and when the VPN client stateful firewall was checked it only allowed outgoing connections for ESP and ISAKMP traffic, basically it blocked everything but VPN traffic incoming and outgoing. It is a very basic firewall, mostly used for users that are not doing any split-tunneling and if you can't afford a 3rd party firewall solution. I would suggest enabling it and then run a program called LanGuard against the IP address of the computer. LanGaurd has a 30 day trial version out there you can download, you will probably need to google it.
From here you should be able to tell what is left open when it is
enabled. Thanks! David Rosenhan, CCNP Information Technology -----Original Message----- From: Omar Khawaja [mailto:omarkhawaja () yahoo com] Sent: Monday, February 23, 2004 9:01 AM To: security-basics () securityfocus com Subject: Cisco VPN Client - Stateful Firewall Does anyone have any thoughts on how secure the "Stateful Firewall", that is integrated with the Cisco VPN Client, is? I was hoping someone may have done some penetration testing targeted at this particular feature of the product. ___ Omar Khawaja ------------------------------------------------------------------------ --- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.securityfocus.com/sponsor/Astaro_security-basics_040219 ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Cisco VPN Client - Stateful Firewall Omar Khawaja (Feb 24)
- <Possible follow-ups>
- RE: Cisco VPN Client - Stateful Firewall Rosenhan, David (Feb 25)
- RE: Cisco VPN Client - Stateful Firewall Rosenhan, David (Feb 25)
- RE: Cisco VPN Client - Stateful Firewall jamesworld (Feb 25)