Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [Full-disclosure] SSL VPNs and security
From: Michael Holstein (michael.holsteincsuohio.edu)
Date: Fri Jun 09 2006 - 10:35:42 CDT
> SSL certificates are free. You just have to have enough knowledge to
> distribute your own CA certificate. For a VPN appliance, this should
> not be a problem at all, since only your trusted users should be
> accessing it. Even if you aren't competent enough to figure out how to
> distribute your own CA certificate, I believe there are such things as
> wildcard certificates.
Great .. setup a SSL vpn, then tell your users it's okay to click "yes"
on the "untrusted certificate" popup.
Sure, it's trivial to create self-signed certs (or run a CA), but
distributing your cert (or the CA cert) to all but a handful of clients
is a logistical nightmare.
If you're going to be installing stuff, might as well make that a
IKE/IPSEC client and do it the right way to begin with.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/