[nycbug-talk] VPN vs IPsec

pete wright nomadlogic
Fri Jul 15 14:07:27 EDT 2005


On 7/15/05, michael <lists at genoverly.net> wrote:
> After the last NYCBUG talk "Angelos Keromytis: OpenBSD IPsec stack" I have been reading up on securing a wifi connection.  Two alternatives to WEP are OpenVPN and IPsec.
> 
> According to a SANS white paper (http://www.sans.org/rr/whitepapers/vpns/1459.php) "IPsec VPNs are either too expensive or too difficult to use securely."  The paper goes on to support OpenVPN.
> 
> Angelos gave an informative talk and even put up graphs that showed IPsec pushes more/faster.
> 
> I know there are a lot of variables to examine, but...
> 1. Does anyone bother to secure wifi beyond WEP?
> 2. Are OpenVPN and IPsec good alternatives?
> 3. Of those which makes more sense for a wifi installation?
> 

On a similar topic, have you checked out nocatauth?
(http://nocat.net/)

I think this address a larger issue with wifi networks than that of
encryption of data (which is very important, but can be addressed with
end user security policies i.e. using ssh and https).  notcatauth
provides a way to track who is using your network, and doing so in
such a way that users can be notified about terms of use for your
network.

-p


> Michael
> 
> 
> --
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
> 


-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group




More information about the talk mailing list