OpenVPN or most easily OpenVPNAS - comes with 2 licenses (you can share
creds between user groups) or you can get an unlimited license from OpenVPN
for $50.00 (last I looked) forever.
You can get a plug and play appliance as well with everything already
configured, however it installs via package management and is easy to
configure.
You can pull it up via a web based browser and download the client of your
OS and your cert. It's a two click process for adding a new client. Be
sure to enable passthrough for VPN on your SOHO router.
It's about the best application out there, since it uses IPtables, you can
just use it for your Gateway machine with a well crafted iptables recipe
and dnsmasq (easiest way to get into anything is via DNS tunneling
<
http://www.purehacking.com/news/dns-tunnelling-shellcode>
On Sat, Apr 20, 2013 at 2:21 AM, Phil Waclawski
<
phil.waclawski@mesacc.edu>wrote:
> I'll skip that honor. I am aware of things like SSH brute force attacks
> (I do have a iptables throttle on that that limits attempts to a couple of
> tries), but I make no claim to really know the ins and outs of SSH. So, you
> are basically saying there is NO secure way to ever connect to a machine
> remotely? That's rather depressing. So it's more of a hope that someone who
> knows what they are doing will never target you specifically.
>
> Phil W.
>
>
> On Sat, Apr 20, 2013 at 1:32 AM, Lisa Kachold <lisakachold@obnosis.com>wrote:
>
>> Your key is as sècure as the version of SSL/SSH. Îf you lèave password
>> SSH login via. Pam.d ènabled, you will be targeted by more than DefCon's
>> hackers! The mere fact that you have SSH turned ôn indicàtes you do not
>> understand the risks. Your passwords most probably fail to be adequately
>> complex? What's your router IP; we will make you a flag at the next
>> hackfest?
>> On Apr 19, 2013 11:52 PM, "Phil Waclawski" <phil.waclawski@mesacc.edu>
>> wrote:
>>
>>> Well, I'm attending it in the hopes of learning about how some of these
>>> attacks work, and how to defend against them. Helps me teach my students
>>> better practices (and myself as well).
>>>
>>> To be honest, I had planned on having an old laptop with a brand new
>>> kubuntu install on it (no data I care about) and just doing some blender
>>> work and note taking offline, and never connecting it to a network while at
>>> the convention.
>>>
>>> However, I'm curious, if I set up an ssh tunnel to a server I've already
>>> established a Key system with, wouldn't ssh throw up a huge warning from a
>>> man in the middle attack not having the right "handshake"? At that point
>>> I'd only be hosed if I was dumb enough to say "connect anyway"?.
>>>
>>> Phil W.
>>>
>>>
>>> On Fri, Apr 19, 2013 at 10:30 PM, der.hans <PLUGd@lufthans.com> wrote:
>>>
>>>> Am 19. Apr, 2013 schwätzte Alan Dayley so:
>>>>
>>>> moin moin Alan,
>>>>
>>>>
>>>> Why in the world would anyone actually attend a conference where you
>>>>> KNOW
>>>>> people are going to attack your electronics and data? Erasing
>>>>> everyone's
>>>>>
>>>>
>>>> It's in the city where people pay to let someone steal from them, so it
>>>> fits the theme.
>>>>
>>>> http://www.newyorker.com/**online/blogs/culture/2013/01/**
>>>> video-the-art-of-**pickpocketing.html<http://www.newyorker.com/online/blogs/culture/2013/01/video-the-art-of-pickpocketing.html>
>>>>
>>>>
>>>> credit cards? For the lulz, I guess. It sounds like a bunch of very
>>>>> smart
>>>>> trolls getting together to see who can out-troll who. I would just
>>>>> be collateral damage in such a group. I guess it's an effective way to
>>>>> keep
>>>>> the non-trolls and newbies out of the "defcon club." Or maybe it is a
>>>>> from
>>>>> of hazing.
>>>>>
>>>>> And, if I HAD to go, cash, pen and paper is all I would bring.
>>>>>
>>>>
>>>> Make sure to keep them somewhere safe ;-).
>>>>
>>>> ciao,
>>>>
>>>> der.hans
>>>> --
>>>> # http://www.LuftHans.com/ http://www.LuftHans.com/**Classes/<http://www.LuftHans.com/Classes/>
>>>> # Like the maid, I don't do (M$)Windows. - der.hans
>>>> ---------------------------------------------------
>>>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>
>>>
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
--
(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com
Chief Clown
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss