jana
asked on
Creating VPN Fortinet can be used to spy on or breach data
We have a user that their tech wants to creat a VPN Fortinet in his computer for the purpose of accessing the office server. He usually used to use TeamViewer but this time the tech is gonna install some sort of VPN. The concern the user has is his personal data in his computer if by creating the VPN it can have some sort of breach or that his activity can be monitor etc. We have informed him that there is no way and the VPN is just to secure connection between his pc and the server (but since he has been reading all about these crybaby etc. and the tech of his office is outsource he wanted to be sure). The said, is his concerned viable? What does setting a VPN between 2 computer technically consiste of?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The tech would need to have either admin access on the local machine, or know the (local!) account password. As it seems, there is nothing common in regard of accounts, and the tech can't gain access without performing active hacking.
ASKER
The tech doesn’t have the password.
So to understand, if the tech has the users password he can navigate to his local PC even though apps that the tech installed is a fortinet client to setup a VPN for the user to connect to the server?
Correct?
So to understand, if the tech has the users password he can navigate to his local PC even though apps that the tech installed is a fortinet client to setup a VPN for the user to connect to the server?
Correct?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It is indeed as simple as this: If the PC would be directly connected to the network, which privileges had the tech? With a VPN it is slightly different (more difficult) for the tech to try the same access.
So, if the tech does not have passwords, all they can get is what is sent over via VPN, and that means they might see some DNS queries if they try.
So, if the tech does not have passwords, all they can get is what is sent over via VPN, and that means they might see some DNS queries if they try.
ASKER
I thought that when one installed a VPN, like the user FortiClient VPN, the purpose of the connection was one-way, that is the user PC to the server. Based on what has been said here, if the tech has the user/password of the user he can connect from the server to the user computer.
ASKER
Sorry what I meant was if connecting to a server using a VPN, then the “server” can have access to the connected computer (as long as it has the counters users/password)? (In other works reverse access since the purpose is to “PC >> Server” not “Server >>> PC” )
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you very much! We are well instructed!
ASKER