28 Jan
2003
28 Jan
'03
12:32 p.m.
at Monday, January 27, 2003 7:50 PM, alex@yuriev.com <alex@yuriev.com> was seen to say:
This is not correct. VPN simply extends security policy to a different location. A VPN user must make sure that local security policy prevents other traffic from entering VPN connection. This is nice in theory, but in practice is simply not true. even assuming that the most restrictive settings are used (user may not install software by admin setting, has no local administration on his machine, IP traffic other than via the VPN is exclusive to the vpn client) it is *still* possible that the machine could be compromised by (say) an email virus who then bypasses security by any one of a dozen routes.