Firewall Wizards mailing list archives
RE: Looking for a PVN-only server to put behind the firewall
From: sean.kelly () lanston com
Date: Thu, 7 Oct 1999 16:04:34 -0400
NT Server includes a VPN solution, though hackers are quickto point outthat it does have some security problems.Hacker? You mean Bruce Schneier, who runs Counterpane (http://www.counterpane.com/whycrypto.html) and the developer of TwoFish, one of the proposed AES? Who wrote the definitive text "Applied Cryptography" and make a good living showing up the shortcomings of various wannabe security products? Who probably knows more about cyrpto than the sum of up to the 98 percentile of the members of this list? Is this damning him with faint praise or what?
Bruce may have been the driving force between the testing of MS' VPN security, but the knowledge is hardly limited to him. After all, the results have been published and read by > 0 people. My comment wasn't meant to be regarding any specific individual so much as the community at large. I intend (and use) "hacker" in its original sense, rather than with the script-kiddy connotation it has now. Personally, I consider it to be a somewhat respectful term, and to hardly be limited to someone-who-breaks-into-computer-systems. As for crypto -- this is a firewall list, not a crypto list. I didn't get any more in-depth for that reason. If anyone is interested, they can read the full review on counterpane. Besides, the cryptographic integrity of the software wasn't the crux of the issue. The original question was regarding possible VPN solutions -- MS' implementation being just one possibility. I mentioned that it was known to have potential security risks as a qualification to my reccommendation, and never in any way meant to make any comment on anyone. If I was misunderstood, I apologize. Though I failed to mention it, PGPnet may be another possible solution. It uses IPsec and I consider it much more secure than MS' VPN... but it's not free (for commercial use) and not as easy to use. Sean
Current thread:
- RE: Looking for a PVN-only server to put behind the firewall sean . kelly (Oct 12)