Security Basics mailing list archives
Re: Requesting info: VPN solution
From: Michael Gale <michael.gale () bluesuperman com>
Date: Wed, 31 Mar 2004 16:28:35 -0700
Hello,

I guess it all depends on what you need. Let's say, for example, you have two offices: one in location A with static IP A.A.A.A and one in location B with static IP B.B.B.B. Why go out and spend all kinds of money on VPNs --- they all do mostly the same thing ... they usually all support the same encryption levels.

Why not use FreeS/Wan or SuperFreeS/Wan? You take two average boxes and install Linux, base install, nothing more. Really all you need is a running kernel; you could easily use a bootable CD.

Anyways, base install and build Super FreeS/wan ... on the VPN box at location A we allow only UDP port 500 traffic and IP protocol 50 from IP B.B.B.B only .. all other traffic is dropped. We do the same on box B at location B, allowing only UDP port 500 and IP protocol 50 from IP A.A.A.A.

You then only allow AES-256 with SHA-1-256 bit encryption using RSA keys.

Once configured there is NO maintenance at all required. I am using a similar solution and since the initial install I never have had to touch the boxes.

All this cost me about $1500 because I had to buy two boxes at $700 apiece.

Michael.

On 30 Mar 2004 18:30:14 -0000 Nicholas Diotte <xphox () xphox net> wrote:
> Good afternoon list,
>
> Yet again, it's time for me to pick your brain... I've been asked to develop a VPN solution that will require little to no maintenance.
>
> Project Goal: Connect two computers, on two public networks, to secure data transfers between the two. Ex: Offsite backup.
>
> If anyone can recommend any hardware solutions that would establish a secure connection... I was looking into Cisco 1712 series... The sky is the limit on this one, and I've been given a fairly reasonable budget... I've never set up anything like this before, so I'm open to any and all suggestions...
>
> Thank you,
> Nick Diotte
--
Hand over the Slackware CD's and back AWAY from the computer, your geek rights have been revoked !!!
Michael Gale
Slackware user :)
Bluesuperman.com
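Added example, not part of the original post or of the FreeS/WAN project: one way to confirm that a gateway built as described in the message above still accepts only UDP port 500 and IP protocol 50 from its peer. It assumes the filter is implemented with iptables and inspected through `iptables-save` output; the address 203.0.113.20 (standing in for B.B.B.B), the interface name `eth0`, the sample dumps and the function name are all constructed for illustration.

```python
import ipaddress
import shlex

# Constructed iptables-save output for the box at location A. 203.0.113.20
# stands in for the peer's static address B.B.B.B; eth0 is an assumed name.
SAMPLE_OK = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 203.0.113.20/32 -i eth0 -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -s 203.0.113.20/32 -i eth0 -p esp -j ACCEPT
COMMIT
"""
# Constructed drift case: the same box with SSH opened to any source.
SAMPLE_DRIFT = SAMPLE_OK.replace(
    "COMMIT", "-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT\nCOMMIT")


def audit_input_chain(dump, peer):
    """Return findings where INPUT accepts more than IKE/ESP from the peer."""
    peer_net = ipaddress.ip_network(peer)
    findings, policy_seen = [], False
    for line in dump.splitlines():
        if line.startswith(":INPUT "):           # chain header carries the policy
            policy_seen = True
            if line.split()[1] != "DROP":
                findings.append("INPUT default policy is not DROP")
            continue
        if not line.startswith("-A INPUT "):
            continue
        tok = shlex.split(line)
        opt = {t: tok[i + 1] for i, t in enumerate(tok[:-1]) if t.startswith("-")}
        if opt.get("-j") != "ACCEPT":
            continue
        if "!" in tok:                           # negated matches need a human
            findings.append("ACCEPT with negated match: " + line)
            continue
        src = opt.get("-s")
        if src is None or ipaddress.ip_network(src, strict=False) != peer_net:
            findings.append("ACCEPT not limited to peer: " + line)
            continue
        proto = opt.get("-p")
        ike = proto in ("udp", "17") and opt.get("--dport") == "500"
        esp = proto in ("esp", "50")             # IP protocol 50 is ESP
        if not (ike or esp):
            findings.append("ACCEPT for unexpected traffic: " + line)
    if not policy_seen:
        findings.append("no INPUT policy line found")
    return findings
```

An empty list means the INPUT chain matches the policy in the message; the check is strict, so even a loopback ACCEPT rule is reported.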