[nycbug-talk] VPN vs IPsec
Fri Jul 15 15:54:10 EDT 2005
On 7/15/05, michael <lists at genoverly.net> wrote:
> After the last NYCBUG talk "Angelos Keromytis: OpenBSD IPsec stack" I have been reading up on securing a wifi connection. Two alternatives to WEP are OpenVPN and IPsec.
> According to a SANS white paper (http://www.sans.org/rr/whitepapers/vpns/1459.php) "IPsec VPNs are either too expensive or too difficult to use securely." The paper goes on to support OpenVPN.
> Angelos gave an informative talk and even put up graphs that showed IPsec pushes more/faster.
> I know there are a lot of variables to examine, but...
> 1. Does anyone bother to secure wifi beyond WEP?
> 2. Are OpenVPN and IPsec good alternatives?
> 3. Of those which makes more sense for a wifi installation?
You forgot pptp, done correctly on a proper os it is not a security
problem. Now my one remembered PITA from the one time I set up open
vpn was that each client had to have its own port assigned on the
server, this was using udp. Not bad for 5 or 10 users but I would
hate to manage it for a few hundred or more.
Happy weekend to all,
> % NYC*BUG talk mailing list
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
More information about the talk