Reply to post: Re: .NET 4.0.30319

This page is currency unavailable... Travelex scrubs UK homepage, kills services, knackers other sites amid 'software virus' infection

Anonymous Coward
Anonymous Coward

Re: .NET 4.0.30319

"thus a VPN connection can be hacked/initiated/abused with a brute force hack (often)"

If you can brute-force your VPN solution, it hasn't been configured correctly. IPsec VPN's require a shared secret/client certificate to proceed to the authorisation step and SSLVPN's can be configured with similar client certificate checks or some other pre-authorisation check to ensure brute forcing requires the pre-authorisation to be brute forced before attempting username/password attacks.

"I might not make myself popular with my statements, but I trust Microsoft more to mitigate these flaws than I do Cisco (at the ASA level)."

Assuming you patch both Microsoft and Cisco solutions, the Cisco solution allows you to adopt a higher level of security than is possible with Microsoft RDP solutions. If you are comparing a patched Microsoft solution with an unpatched Cisco solution you may have a point, but I suspect you might be missing the point of having infrastructure that you can support and maintain in order to ensure it is secure.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020