[Dshield] General security question

Vince Flammia vflammia at shoppersdrugmart.ca
Fri Nov 22 19:35:32 GMT 2002


I have found people who work for associate companies (i.e. auditors)
connect to our internal network. 
They are served a valid DHCP address which then allows them to access
the Internet via a valid proxy server.
They are then using a piece of software which uses SSL to connect to an
outside SSL server (similar to a clientless VPN). They are then able to
transfer files to their machines into our network. 

This does not seem very secure to me but "the business" allows our
auditors to connect to our network and we do allow our internal users
HTTP access to the Internet. Since this traffic is all valid, according
to our network structure (proxy, firewalls, etc), and because the
traffic is SSL I cannot see what is really happening. Can I take any
further steps to protect our internal network?



