OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
NFR Wizards Archives: RE: VPN solution needed (linux<->wi

RE: VPN solution needed (linux<->win32) or (nt<->win32)

Subject: RE: VPN solution needed (linux<->win32) or (nt<->win32)
From: sean.kellylanston.com
Date: Thu Dec 09 1999 - 09:26:15 CST

> From: Mailing Lists [mailto:mlistalmerco.ca]
>
> I'm looking at implementing a VPN for my network.
...
>
> I already looked at Cybernetica's Secure Socket Agent (SSA)
> built over a
> SSL connection which is free for home and educational
> purposes but don't
> know about the technology is good or if any of you have a
> better solution or experience.

SSL is a well-established good scheme for secure communication. AFAIK there
are no effective attacks against it yet (there was one very esoteric one for
a while but it had never been used as it was fairly difficult and has since
been patched out of existence). Another more workgroup-oriented solution
might be etunnels (which also uses SSL) http://www.etunnels.com/ , though
I'm not sure if they have linux support yet.

IPSec is a likely candidate as well: http://www.ipsec.com/ . It's avaiable
for free for linux (you might have to look around for a port), cisco routers
(if not now then soon), Windows (PGPNet -- free for non-commercial use --
and perhaps other products as well), and will be built-in to Win2k
(supposedly) to replace their existing VPN scheme. It appears to be the
emerging standard for secure IP-based communication -- ssh2 uses IPSec as
well. 3Com and some other companies are even manufacturing network cards
that handle most of the overhead related to IPSec (triple-DES encryption,
etc) in hardware to reduce computation overhead -- might be a good solution
if you're installing it on a server which would be handling >1 connection at
once.

Sean

This archive was generated by hypermail 2b27 : Fri Dec 10 1999 - 16:11:19 CST