WAN & VPN Security

DJ Lucas dj at linuxfromscratch.org
Sat Aug 27 19:35:11 PDT 2005


Declan Moriarty wrote:
> The Government here (if you would call it that) has a decentralisation
> policy which is resulting in WAN connectivity for each department to a
> central VPN.
> 
> Is this remotely secure? Even if it is, is it hackable? I am presuming
> windows, and ssh are also involved. But wan means 2 people broadcast,
> and surely any third one can pick them both up.
> 

Sure, you can pick up anything...whether you can make sense of what you
'pick up' is the question.  If this is just involving windows
connectivity issues, have a google for 'VPN', 'MSCHAT-V2' and 'MPPE' and
related mppe patch(m)es(s) for linux kernel.  Security is pretty good
but certainly not unbreakable.  I have MS style VPN working on LFS for
server side (for remote VPN sessions from windows PCs) should you need
assistance in coping with it.  I can't imagine it being more difficult
setting up the client....this assuming you are dealing with MS VPN.  If
not, you should be searching for L2TP, or maybe even Cisco variants
which I know nothing about except that they require a separate client on
MS boxes.

Hope that helps you find what it is you are looking for.

-- DJ Lucas



More information about the blfs-support mailing list