Branches
Comments
[»]
simple VPN solution
by kervel - Aug 23rd 2004 15:29:51
i like vtun a lot, for its simplicity. no complex setup,
no NAT incompatibilities and so on ...
actually, i was looking for a program that just
bridged a stdout/stdin par (or a tcp connection) to
tun/tap, no security at all. i could then use ssh
tunneling to secure the connection. But i understand
udp makes a better protocol for tunneling, so i like
vtun.
[reply]
[top]
[»]
CBC
by bishop - Jan 26th 2002 22:23:10
XOR 'encryption' is only used on systems that don't have libcrypto.
Michael should maybe upgrade his machine in other ways before reviewing
VTund. .. and maybe explore lower case a bit more.
CBC encryption. It'll be nice, but Steinar's probably been following the
discussion on vtun-devel. It'll be in 3.0.0, probably. Aldem should
follow the discussion there, too, and maybe offer a few tips as well as
patches.
Have I got your patch, Steinar?
[reply]
[top]
[»]
More secure VTUN
by Sesse - Jun 5th 2000 18:00:39
I've just made a patch for VTUN, which changes its algorithms from MD5 and
Blowfish/ECB to SHA1 and Twofish/CBC, respectively. It appears to work
properly, but it requires a bit more testing before it's released (either
as part of the official VTUN tree, or here on Freshmeat as a standalone
`product'). It also eliminates the need for OpenSSL (that's a 2MB download
less). So... stay tuned :-)
/* Steinar */
[reply]
[top]
[»]
BlowFish? It is not enough, though :)
by aldem - Jan 12th 2000 16:19:37
Well, BlowFish is good, same as a lot of other encryption algorithms, but
ONLY if it is used properly.
What I've found - BlowFish in VTUN is used in ECB mode, it means, in
turn, that attacker could use a very wide range of cryptoanalisys to
recover the key in _extremely short_ time (say, several hours). Why? It is
a little bit difficult to explain _here_, but I'd suggest to take a look on
design of some protocols like SSL and SSH and (especially) explanations to
what attention should be paid. Of course everyone who has experience in
cryptology understand what I mean, but for those who does not:
VTUN is good enough to protect you against snifers in regular
environment, but if you are going to keep in secret something _really_
significant, it will not help. For casual "hacker", of course, it provides
a good protection (at least there are no public known tools to crack
BlowFish encryption in ECB mode).
And last... Concerning comment above "totally insecure"... Even a XOR
encryption is good enough if it is implemented in a right way, and just
FYI (author of comment) - almost all encryption algorithms use XOR as
final transformation over plain text. "totally insecure" mean "no security
at all" - but even in first versions it was not true - protection against
non-professional attacker is still protection, not good enough, but
anyway...
Good luck!
[reply]
[top]
[»]
lame site
by karellen - Apr 4th 1999 12:01:54
Get rid of the lame windoze distribution site. Since you
are an open source developer you could get a free webspace
and a decent subdomain at netpedia.net. I can't use lynx
to download your cool programs nor can I use wget. And I
am NOT going to "upgrade" my browser to some Misc0$oftish
crap.
[reply]
[top]
|
