Vulnerability Development mailing list archives
Re: AIM & VPN
From: 11a () GMX NET (Bluefish)
Date: Fri, 12 May 2000 02:38:02 +0200
Getting in touch with AIM clone-developers is really not hard (especially
for me since such a person is attending my class ;-) but people better
have welldefine, written down question before they start asking, otherwise
they're quite likely to just irritate the developers IMHO.
I'm no expert upon AIM, but the term VPN is probably a bad word to use?
That communication simply is encrypted between two hosts hardly fits the
common use of VPN.
Additionally, most actually windows VPNs are insecure since they commonly
use PTPP v1 or PTPP v2. PTPP v1 is extremly trivial, PTPP relies on
password for keygeneration which makes them highly unsuitable for a
company which faces any kind of advanced attacker (alas, even small
industriall spies... and most certainly not nations)
The IPSec protocoll (which W2K supports IIRC) is much more secure,
although known to be complex. The third option is to tunnel software using
i.e. SSH, which is a moderately good solution in some cases.
..:::::::::::::::::::::::::::::::::::::::::::::::::..
http://www.11a.nu || http://bluefish.11a.nu
eleventh alliance development & security team
Current thread:
- Re: Alternative ways of IP spoofing?, (continued)
- Re: Alternative ways of IP spoofing? Justin Randall (May 09)
- AIM bug or feature jeff D (May 09)
- Re: AIM bug or feature Alistair Orchard (May 09)
- Punishment Blue Boar (May 09)
- Re: AIM bug or feature Justin Lintz (May 10)
- Re: AIM bug or feature White Vampire (May 10)
- really fast data Ogrodnek, Larry (May 10)
- Re: Alternative ways of IP spoofing? Doru Petrescu (May 10)
- AIM & VPN jeff D (May 10)
- Re: AIM & VPN Jeremy Gaddis (May 10)
- Re: AIM & VPN Bluefish (May 11)
- Re: AIM & VPN Matthew S. Hallacy (May 12)
- Norton Internet Security 2000 Jon Alabot (May 10)