Re: ISA firewall problem?
- From: "Steve Foster [SBS MVP]" <steve.foster@xxxxxxxxxxxxx>
- Date: Sat, 23 Apr 2005 15:27:38 -0700
Jim Magee wrote:
>point where it is acting as a router or proxy, this doesn't go away when a single tunnel VPN is invoked. The compromised machine would still be accessible from the internet.
> In split-tunnel mode, it's possible for the remote machine to act as if
> it were a router. Information can flow to/from the internet, and can
> then in turn flow to/from your LAN, and vice versa.
>
> Without the split tunnel, there can be no flow to/from the internet
> (other than through SBS and controlled by ISA).
My understanding is that if the remote machine is compromised to the
The point is that in split-tunnel mode, it's automatically capable of transferring information between networks, without any compromise.
Without a split-tunnel, unless the TCP/IP stack itself has been compromised, the internet connection is effectively broken.
-- Steve Foster [SBS MVP] --------------------------------------- MVPs do not work for Microsoft. Please reply only to the newsgroups. .
- References:
- ISA firewall problem?
- From: Torrey Lauer
- Re: ISA firewall problem?
- From: Jim Magee
- Re: ISA firewall problem?
- From: Steve Foster [SBS MVP]
- Re: ISA firewall problem?
- From: Jim Magee
- Re: ISA firewall problem?
- From: Steve Foster [SBS MVP]
- Re: ISA firewall problem?
- From: Jim Magee
- ISA firewall problem?
- Prev by Date: Re: Using Outlook Express to check mail from SBS 2003 Std
- Next by Date: Re: ISA firewall problem?
- Previous by thread: Re: ISA firewall problem?
- Next by thread: Re: ISA firewall problem?
- Index(es):
Relevant Pages
|
