Is anyone else concerned about the ability to bypass your host scanning with a simple GitHub script?
https://github.com/Gilks/hostscan-bypass
Anyone have any solutions out there to provide any other kind of mitigation? After we tested we can't even find it in logs, as you can spoof everything from OS to connection client! Yep, that right you can even spoof that you are using Anyconnect when using OpenConnect.
Host checking was a major VPN control/protection how are other people addressing the loss of this protection?