Firewall Wizards mailing list archives
Re: fw-1 general & VPN questions
From: "Marcus J. Ranum" <mjr () nfr net>
Date: Tue, 21 Apr 1998 09:22:51 -0400
Eric Vyncke wrote:
I would personnaly prefer a plain ASCII login via a dedicated login program with `strong' authentication with S/key or any other OTP. Then a complete logging of everything the user types.
I always wanted to find source code for a decent W32 VT100
emulator, and then add crypto to it. Modify a version of /bin/login
to recognize a "go secure" login and spin off a proxy that allocates
a pty, then calls login over a link-encrypted session. It'd be easy
and fairly portable and best of all it'd scale with modem speed,
instead of the more egregiously expensive solutions like the
encrypting modems which are always a generation late on the bandwidth.
mjr.
--
Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
work - http://www.nfr.net
home - http://www.clark.net/pub/mjr
Current thread:
- fw-1 general & VPN questions AC (Apr 20)
- Re: fw-1 general & VPN questions Joseph S. D. Yao (Apr 20)
- Re: fw-1 general & VPN questions Marcus J. Ranum (Apr 20)
- Re: fw-1 general & VPN questions AC (Apr 20)
- Re: fw-1 general & VPN questions Eric Vyncke (Apr 21)
- Re: fw-1 general & VPN questions Marcus J. Ranum (Apr 21)
- Re: fw-1 general & VPN questions Lyndon David (Apr 21)
- Re: fw-1 general & VPN questions Bennett Todd (Apr 21)
- Re: fw-1 general & VPN questions Mark Horn [ Net Ops ] (Apr 21)
- Re: fw-1 general & VPN questions Bennett Todd (Apr 21)
- Re: fw-1 general & VPN questions Marcus J. Ranum (Apr 20)
- Re: fw-1 general & VPN questions Joseph S. D. Yao (Apr 20)