Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Bypassing SecureClient security policy.

To: [email protected]
Subject: Re: [FW-1] Bypassing SecureClient security policy.
From: Arnor Arnason <[email protected]>
Date: Thu, 31 Jan 2002 00:21:07 -0000
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>
Thread-index: AcGpZ2PWQPiRn+rJT2m1t85q+51MSQAUTtkg
Thread-topic: FW-1-MAILINGLIST Digest - 28 Jan 2002 to 29 Jan 2002 (#2002-29)

James and David,

there is a selection in NG under 'Global Properties'->'Desktop Security'
called 'Desktop Configuration Verification'->'Policy is installed on all interfaces'

If you have this selected, you will not get a verification on the SCV on the client, and therefore the VPN will not work, unless the Secureclient is bound to all interfaces - at least that is how I understand it.

Regards,
Arnor Arnason, CCSA/CCSE
EJS
Iceland

----------------------------------------
Date:    Tue, 29 Jan 2002 03:10:29 -0600
From:    David Phillips CISSP <[email protected]>
Subject: Re: Bypassing SecureClient security policy.

James
Just for kicks I tried this scenario, in fact I was able to circumvent the
policy.

 Regards

 David Phillips CISSP MCSE
 Ft Worth, TX 76112http://www.shadowbiz.net


-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of James
Kilton
Sent: Monday, January 28, 2002 10:25 PM
To: [email protected]
Subject: [FW-1] Bypassing SecureClient security policy.


Is it possible for one to get around a SecureClient
security policy by having 2 NIC's in the machine?  For
example, if one has 2 NIC's in their machine at home
can they bind SecureClient to only one of them,
thereby preventing the security policy from being
enforced on the second?

Thank you.

__________________________________________________
Do You Yahoo!?
Great stuff seeking new owners in Yahoo! Auctions!
http://auctions.yahoo.com

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: [FW-1] Proxy/Accelerator access blocked by rule 0
Next by Date: [FW-1] Problems with CiscoDLSw
Previous by thread: Re: [FW-1] Bypassing SecureClient security policy.
Next by thread: [FW-1] Ben Petty is out of the office.
Index(es):
- Date
- Thread