Thanks David.

So, assuming there's no unknown security "bug" in OpenConnect, running it as root introduces no additional vulnerabilities to internet threats?

You mentioned that the Cisco client also runs as root. Is this true, even though a connection could be established by running the GUI as a normal (non-root) user?

Finally, what's the recommended way to terminate a VPN session initiated from OpenConnect? Ctrl-C?

OL

On Wed, Jun 27, 2012 at 3:51 AM, David Woodhouse <dwmw2 at infradead.org> wrote:
> Fairly much, yes. It's vaguely possible for someone with a packet
> sniffer in the path between you and the server to see your TCP or UDP
> traffic and maybe inject a packet - but almost impossible for them to
> get the MAC on that packet correct, which will result in the TCP
> connection closing, or their UDP packet being silently discarded.
>
> And of course, such a vulnerability shouldn't exist.