If you used X509 certificate based VPN authentication, then
you could revoke the certificates as soon as the laptop is reported
stolen and keep the thieves out. Its trickier to set up, but its
definiately worth doing it in order to mitigate this risk.
On Monday 13 February 2006 05:01, Rony Romero wrote:
Depending the VPN Concentrator you can disable the save password options on
it.
Regards,
Rony
----- Original Message -----
From: "Bob WIlliams" <sopiaz57@gmail.com>
To: <pen-test@securityfocus.com>
Sent: Sunday, February 12, 2006 9:33 AM
Subject: Testing two bank laptops. winxp vpn client
Hey All,
I have a client who wants two bank laptops tested. I want to do some
reasearch on a fix for a problem I know they are vulnerable too. They
use the WIN xp VPN client which saves the password, giving someone who
steals the laptop an easy way into the corporate network.
Does anyone know how I can disable this feature so employees cant save
the password?
--
Dr. Everett (Skip) Carter Phone: 831-641-0645 FAX: 831-641-0647
Taygeta Network Security Services email: skip@taygeta.net
1340 Munras Ave., Suite 314 WWW: http://www.taygeta.net/
Monterey, CA. 93940
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
