
12/06/2002

Security::Virus::VPN


"Nothing Works!"

NOTHING WORKS! I hear that from people all the time when they describe their computer problems. A recent experience with a high-profile user's home computer has given me some insights, and downright fear, about future security.
When I visited his home and sat down at his computer, I learned that it was true: NOTHING WORKED! I got logged in to XP okay, but every shortcut I clicked returned "can't find ...." I tried START > RUN > IEXPLORE -> "can't find ..." Then I tried RUN > CMD.EXE -> didn't work. But RUN > COMMAND.COM worked okay. I went directly to the WINDOWS\SYSTEM32 directory and ran CMD.EXE from the COMMAND shell, and it worked fine. (I then had support for long file/directory names and other items I missed greatly under the DOS5 shell clone of COMMAND.COM.) At my CMD prompt I went to C:\PROGRAM FILES\INTERNET EXPLORER and ran IEXPLORE.EXE, and it worked!
Then I proceeded on an interesting journey of recovery, and I had a long time to think about life during reboots and virus scans. During my contemplation, as it all sank in, I changed my mind about wanting VPN access for our network. This person was infected with a Klez variant virus. After several hours of work cleaning up the virus, almost everything is back to normal.
Reading all the vendor propaganda about VPN, you would think that the level of encryption of the tunnel is the only security issue with VPN. However, imagine that you have a VPN open to all your employees. Further imagine this big shot bought a new computer and cable modem for Christmas and never installs a personal firewall, and then a few weeks later his trial version of NAV expires and he gets infected with a virus. This could be a virus or trojan that attaches to available network shares and copies itself there, or infects or damages those files. It could be a trojan that sends copies of files or other information to people in the address book or uploads them to a hacker's machine. Or it could make his machine a zombie for hackers to take over. We barely have control over users installing and reconfiguring our company computers; we definitely have no control over what mess home computers might be in.
And when you read about companies that have a VPN, but only allow it from company computers, and don't allow personal software to be installed on company computers.... That "policy" would just make a VPN in our organization not worth the capability. If we have to take our computer with us, then this really wouldn't be as widely useful in our situation. And who is going to police those policies? If we were a huge corporation and hardly ever got ahold of salespersons' laptops, there would still be very little control over what they did to them.

http://www.microsoft.com/technet/security/bulletin/MS01-020.asp
