How intrusive is using VPN?

My company lets us work from home sometimes using VPN (during weather emergencies and stuff). When logging in a big window comes up that says the network is private and for employees only and that there's no right to privacy while using VPN. It makes sense that they don't want people poking around their network but I wonder if the company can use the connection to look around my computer while I'm connected. I'm not entirely computer-illiterate but I'm not a networks person at all so the technical documents I've found don't help me. Is that possible, and if so to what degree?

UPDATE Thanks Mark. The funneling thing is what I was really asking about. Mostly I was worried that I would already have some IM conversation open or log into eBay forgetting that the VPN was open and that my company IT people would see it or that they would log my eBay password. Thanks again.

ANOTHER UPDATE What if my son wants to play online poker or Warcraft etcetera while I have VPN on to work? Can my company think I'm the one playing if I am not typing often?

Slade

Posted 2010-03-04T02:36:00.120

Reputation:

about your edit - I would be shocked if they recorded that stuff. Most IT shops will block undesired things and create logs if something is blocked, but very few waste the effort and resources to capture packets from each and every thing on the network. And even if they were, the volume would be so high that I doubt it would even be useful to them - needle in a haystack. – MDMarra – 2010-03-05T03:55:38.287

Answers

They can only access your computer as much as any other computer on your home network can. If you have C:\ shared to everyone, they could potentially see everything on it - though this is unlikely unless you have a sketchy IT department. Otherwise, you should be fine.

That warning is up because all of your traffic is funneling through their network connection. This means that if you forget to terminate your VPN session and go surfing for porn or torrents, etc - it will all be logged on the company's servers.

MDMarra

Posted 2010-03-04T02:36:00.120

Reputation: 19 580

1Actually, it is possible to configure a computer so that only traffic to the company LAN goes through the VPN, while Internet traffic bypasses it. However, not all VPN clients allow / support this. SonicWall SSL VPN for example does allow it. – sleske – 2010-03-05T03:27:26.650

@sleske - this is true, Juniper uses a similar technique. If you have your DNS set to resolve hostnames on the VPN side though, your computer will still use the company DNS servers for name resolution. This would create a log of Internet browsing during the connection. Of course - if you connect via IP and don't configure your computer to use the company's internal DNS during VPN sessions this is a non-issue – MDMarra – 2010-03-05T03:35:29.007

Connecting to VPN exposes you to "risk" from the side of your internal network. But there is much greater risk of being attacked from Internet. If you don't have evil enemies-hackers in your company and don't open up all the ports for all applications in the firewall then you should be safe :).

Sergiy Belozorov

Posted 2010-03-04T02:36:00.120

Reputation: 1 704