Full Disclosure mailing list archives
Re: SSL VPNs and security
From: Michael Holstein <michael.holstein () csuohio edu>
Date: Fri, 09 Jun 2006 11:35:42 -0400
SSL certificates are free. You just have to have enough knowledge to distribute your own CA certificate. For a VPN appliance, this should not be a problem at all, since only your trusted users should be accessing it. Even if you aren't competent enough to figure out how to distribute your own CA certificate, I believe there are such things as wildcard certificates.
Great .. setup a SSL vpn, then tell your users it's okay to click "yes" on the "untrusted certificate" popup.
Sure, it's trivial to create self-signed certs (or run a CA), but distributing your cert (or the CA cert) to all but a handful of clients is a logistical nightmare.
If you're going to be installing stuff, might as well make that a IKE/IPSEC client and do it the right way to begin with.
/mike. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: SSL VPNs and security, (continued)
- Re: SSL VPNs and security E Mintz (Jun 09)
- Message not available
- Re: SSL VPNs and security E Mintz (Jun 09)
- Re: SSL VPNs and security Tim (Jun 09)
- Re: SSL VPNs and security Brian Eaton (Jun 09)
- Re: SSL VPNs and security Tim (Jun 09)
- Re: SSL VPNs and security Q-Ball (Jun 12)
- Re: SSL VPNs and security Ray P (Jun 13)
- Re: SSL VPNs and security Q-Ball (Jun 13)
- Re: SSL VPNs and security Brian Eaton (Jun 09)
- Re: SSL VPNs and security Tim (Jun 09)
- Re: SSL VPNs and security Michael Holstein (Jun 09)
- Re: SSL VPNs and security Tim (Jun 09)
- Re: SSL VPNs and security Brian Eaton (Jun 09)
- Re: SSL VPNs and security Michael Holstein (Jun 09)