SIGforum
What shows up on network firewalls when workstations use a VPN ?

This topic can be found at:
https://sigforum.com/eve/forums/a/tpc/f/320601935/m/5020029864

April 16, 2020, 08:55 AM
ensigmatic
What shows up on network firewalls when workstations use a VPN ?
quote:
Originally posted by Gear.Up:
Would you agree that it's possible to decrypt traffic via proxy server, inline method, etc.?

Sure. It's called a "Man In The Middle" attack. But it takes more than just installing a "corporate certificate" on client machines.

I don't mean to be insulting or dismissive, but an explanation of how public/private key cryptography works would take way more effort than I'm willing to expend Smile There are plenty of on-line resources, however.


"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
April 16, 2020, 09:28 AM
David Lee
Read it and thank you Rey HRH..
April 16, 2020, 10:52 AM
Gear.Up
quote:
Sure. It's called a "Man In The Middle" attack. But it takes more than just installing a "corporate certificate" on client machines.

I don't mean to be insulting or dismissive, but an explanation of how public/private key cryptography works would take way more effort than I'm willing to expend Smile There are plenty of on-line resources, however.


Yes, there are a number of ways to achieve it. A good corporate firewall will have the ability to decrypt any encrypted traffic entering and leaving the network. Thus my statement that they can see everything you're doing. We havem't even touched on remote monitoring with capture of your screen, keystrokes, etc.

My short answer to anyone asking this question is "don't use corporate assets for personal stuff." That also applies to a personal mobile phone or tablet with company email / mgmnt. software. Use a second device...