[nycbug-talk] VPN vs IPsec

Marc Spitzer mspitzer
Fri Jul 15 15:54:10 EDT 2005

On 7/15/05, michael <lists at genoverly.net> wrote:
> After the last NYCBUG talk "Angelos Keromytis: OpenBSD IPsec stack" I have been reading up on securing a wifi connection.  Two alternatives to WEP are OpenVPN and IPsec.
> According to a SANS white paper (http://www.sans.org/rr/whitepapers/vpns/1459.php) "IPsec VPNs are either too expensive or too difficult to use securely."  The paper goes on to support OpenVPN.
> Angelos gave an informative talk and even put up graphs that showed IPsec pushes more/faster.
> I know there are a lot of variables to examine, but...
> 1. Does anyone bother to secure wifi beyond WEP?
> 2. Are OpenVPN and IPsec good alternatives?
> 3. Of those which makes more sense for a wifi installation?

You forgot pptp, done correctly on a proper os it is not a security
problem.  Now my one remembered PITA from the one time I set up open
vpn was that each client had to have its own port assigned on the
server, this was using udp.  Not bad for 5 or 10 users but I would
hate to manage it for a few hundred or more.

Happy weekend to all,


> Michael
> --
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month

More information about the talk mailing list