a little security
Michael F. March
plug-discuss@lists.PLUG.phoenix.az.us
Mon, 10 Sep 2001 12:01:21 -0700
Oh yeah..
Vtun does cool stuff like bridging.. You basically can have a
WAN that is on one big subnet.
> Ken Kughes, who lurks on this list, used vtun to set up
> a eight site WAN and it works great. Like the sshd based
> solution, it is not a kernel level VPN.. However it performs
> like (or better than) a kernel based IPSEC solutions.
>
> Also, he tried an SSH based solution before he used vtun and
> vtun appears to be MUCH more reliable and robust than SSH. For
> instance, vtun is much better about recovering from high latency
> or downed networks.
>
> ----- Original Message -----
> From: "Bill Warner" <wwarner@direct-alliance.com>
> To: <plug-discuss@lists.PLUG.phoenix.az.us>
> Sent: Monday, September 10, 2001 11:09 AM
> Subject: Re: a little security
>
>
> > I setup a vpn useing ssh. check the howtos it basicly
> > uses ssh and pppd to create a vpn. I felt very 31337
> > after setting it up. :) got an ssh encrypted tunnel
> > through my work firewall straight to my house.
> >
> > Bill Warner
> >
> > On 07 Sep 2001 09:49:36 -0700, Nathan England wrote:
> > > Okay, I know half of you will probably shoot me for this, but I'm
doing
> > > it anyway...
> > >
> > > I need access to a volume on a server across the internet.
> > > Right now I am running samba and I am connecting by running three
> > > ssh tunnells to ports 137, 138, and 139 from my computer at work to
the
> > > server. From there I mount the volumes.
> > >
> > > There has to be a more secure way than this. Especially more secure
than
> > > samba.. I have a good password, but still any sniffer would get it in
a
> > > few seconds. Except for the ssh tunnels, there really isn't any
> > > security.
> > >
> > > Are there any safer ways any one knows of that I could do this?
> > > I'm not so worried about my security where someone sniffs me and gets
my
> > > password, but others seeing the wide open ports and going after it..
> > > It's pretty stupid.
> > >
> > > I was thinking about setting ipchains to only accept the connection
from
> > > a specific ip, but is there a better way than this? Any input
helpfull.
> > > Thanks guys.
> > >
> > > nathan
> > >
> > >
> > > --
> > > "Ah, lives there a man with soul so dead, who never to himself hath
> > > said,
> > > as he hunched and rolled in his comfortable bed:
> > > To hell with rent...I'll drink instead!"
> > >
> > > ________________________________________________
> > > See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail
doesn't
> post to the list quickly and you use Netscape to write mail.
> > >
> > > PLUG-discuss mailing list - PLUG-discuss@lists.PLUG.phoenix.az.us
> > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > >
> > --
> > Bill Warner
> > Unix/Linux Admin.
> > Direct Alliance Corporation
> >
> > Company required stuff:
> >
> > Contents are Direct Alliance Corporation Confidential
> >
> > This message is for the designated recipient(s) only and contains
> > Direct Alliance Corporation privileged and confidential information.
> > If you have received it in error, please notify the sender immediately
> > and delete the original. Any other use of this email is prohibited.
> >
> > ________________________________________________
> > See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't
> post to the list quickly and you use Netscape to write mail.
> >
> > PLUG-discuss mailing list - PLUG-discuss@lists.PLUG.phoenix.az.us
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't
post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list - PLUG-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss