[Gllug] [OT] SSH or VPN?
Tom Weissmann
trmsw at yahoo.co.uk
Thu Sep 27 15:15:26 UTC 2007
Andrew Roberts wrote:
> On 27/09/2007, Bruce Richardson <itsbruce at workshy.org> wrote:
>> And what is it that you do to prevent the virtual instance from
>> connecting to your local network? Unless the physical machine has a
>> separate NIC used only by the virtual one, with separate
>> cabling/switching/vlanning that leads only to the Net and not to your
>> local network, then the virtual instance really does have access to your
>> local network and the assurance offered to the client is just an
>> illusion, surely.
>
> The VPN clients that we use specifically deny access to the local
> network. Typically, they run under Windows although I believe it is
> possible to do this in Linux as well. It doesn't matter if the machine
> is virtual or not in terms of separating it from the network in this
> way as VMWare only provides 'console' access to the VM from the host
> machine.
Yes, the VPN program we have removes any routing to the local network
and raises an angry error if anyone innocently tries to modify the
routing table (not me, honest).
Cheers,
Tom
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list