PaulDotCom mailing list archives
Re: SSL vs IPSec VPNs
From: Kerry <kerry.milestone () gmail com>
Date: Wed, 20 Oct 2010 09:50:32 +0100
Remembering that with IPv6, IPSec is part of the protocol it may make sense to use IPsec and at the same time a good chance for yourself to gather learning about how it works. From: http://ipv6.com/articles/security/IPsec.htm IPsec is a mandatory component for IPv6, and therefore, the IPsec security model is required to be supported for all IPv6 implementations in near future. In IPv6, IPsec is implemented using the AH authentication header and the ESP extension header. Since at the present moment, IPv4 IPsec is available in nearly all client and server OS platforms, the IPSec IPv6 advanced security can be deployed by IT administrators immediately, without changing applications or networks. -------- Original Message -------- Subject: [Pauldotcom] SSL vs IPSec VPNs Date: Tue, 19 Oct 2010 09:41:05 -0400 From: Michael Douglas <mick () pauldotcom com> Reply-To: PaulDotCom Security Weekly Mailing List <pauldotcom () mail pauldotcom com> To: pauldotcom () pdc-mail pauldotcom com Hey all, I'm trying to determine what protocols should be permitted on a new VPN concentrator. I'd like to stick with IPSec, it's tried and true, and to quote Garth: "We fear change". However, it seems that all the vendors are going down the SSL route. Now I know SSL is 'safe', but it seems like it's more open to attacks like SSLStrip (thanks again Moxie for making us aware of the problems!) I get that SSL is easier for administrators and end users alike, but is that convenience at too high a cost? So what are your thoughts? Am I being too paranoid? If there are articles or places where I should RTFM, that's cool... I just need to know what FM to read!! Please send the links/info ;-) Thanks for your input, and have a nice day! - Mick _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Re: SSL vs IPSec VPNs, (continued)
- Re: SSL vs IPSec VPNs Butturini, Russell (Oct 20)
- Re: SSL vs IPSec VPNs Carlos Perez (Oct 20)
- Re: SSL vs IPSec VPNs Michael Miller (Oct 21)
- Re: SSL vs IPSec VPNs Butturini, Russell (Oct 20)
- Re: SSL vs IPSec VPNs Jack Daniel (Oct 20)
- Re: SSL vs IPSec VPNs Chris Clymer (Oct 25)
- Re: SSL vs IPSec VPNs Baggett, Mark (Oct 20)
- Re: SSL vs IPSec VPNs Carlos Perez (Oct 20)
- Re: SSL vs IPSec VPNs Michael Douglas (Oct 21)
- Re: SSL vs IPSec VPNs Baggett, Mark (Oct 22)
- Re: SSL vs IPSec VPNs Gregory Baker (Oct 26)
- Re: SSL vs IPSec VPNs Kerry (Oct 20)