[Kaboodle-devel] Kaboodle VPN overview

Sat, 07 Dec 2002 13:55:25 -0800 

Meenakshi:

        Hello! The biggest limitation of the current VPN feature
is the lack of peer review. :) That is, I believe it works as follows:

1. User1 on LAN1 downloads Kaboodle and registers its VPN capabilities
   at www.GetEngaged.net. That is, they download a "registration
   file", essentially a signed secret-key.
2. User2 on LAN2 does the respective thing for their network.
3. User1 on LAN1 creates a Partnership file with User2 on the same
   site. Both users download and install the Partnership file,
   essentially a signed public key.
4. USer1 or User2 then initiate a connection. Kaboodle does a
   Gnutella search for the Partnership file associated with the
   connection. Once the file is found, it is authenticated on both
   sides using the secret-key information from #1.
5. After authentication, a "control channel" is setup using TCP port
   4282. An 16-char random string is transferred across this channel.
6. Using that string as a symmetric password, a Zebedee connection
   is initiated from one side to the other, using a user-defined
   TCP port (defaults to 11965, the Zebedee default).
7. All data transactions now go across this "data channel".

        Version 0.99 (which you can get from the "alpha" directory
on ftp.Kaboodle.org) should do all of this. I know that using that
connection, I can do all of the above and then VNC across the secure
connection (I can see from tcp-dumping the LAN traffic that the
right ports are being used). I have just not *confirmed* that the
security model works exactly as I have specified above. One of the
coders may have, unknowingly, taken a shortcut in the interest of
functionality.
        Would you be able to review such a thing?

thanks,
Scott

PS: It'd be great if you could join the Kaboodle-devel email list.
    I've CC'd it here in my reply.

On Fri, 6 Dec 2002, meenakshi arora wrote:

> Hello Scott,
> Could you please send me the list of current
> limitations of the VPN feature which I can start
> working on. Also If you could send me other features
> limitaions too I would like to review them.
>
> I would be needing your guidance to chose a direction
> to start.
>
> Thanks,
> Meenakshi




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Kaboodle-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/kaboodle-devel

Reply via email to