PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SSL vs IPSec VPNs

From: Jack Daniel <jackadaniel () gmail com>
Date: Tue, 19 Oct 2010 21:43:19 -0400
First you must define what kind of SSL VPN you are talking about, for
example there's a huge difference between OpenVPN and the web
re-writing portals.  Things like SSL strip may or may not be a factor
depending on the choice.

I am a huge OpenVPN fanbois, and have been for years.

Jack


On 10/19/10, Michael Douglas <mick () pauldotcom com> wrote:

Hey all,

I'm trying to determine what protocols should be permitted on a new
VPN concentrator.

I'd like to stick with IPSec, it's tried and true, and to quote Garth:
"We fear change".  However, it seems that all the vendors are going
down the SSL route.  Now I know SSL is 'safe', but it seems like it's
more open to attacks like SSLStrip (thanks again Moxie for making us
aware of the problems!)  I get that SSL is easier for administrators
and end users alike, but is that convenience at too high a cost?

So what are your thoughts?  Am I being too paranoid?  If there are
articles or places where I should RTFM, that's cool... I just need to
know what FM to read!!  Please send the links/info  ;-)


Thanks for your input, and have a nice day!
- Mick
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



-- 
Sent from my mobile device

______________________________________
Jack Daniel, Reluctant CISSP
http://twitter.com/jack_daniel
http://www.linkedin.com/in/jackadaniel
http://blog.uncommonsensesecurity.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: