On Tue, 9 Mar 2004 [EMAIL PROTECTED] wrote: > On Mon, Mar 08, 2004 at 12:04:22PM +0800, ian sison (mailing list) wrote: > > Yup, i use tinc _in production_. It's OPENSSL based and totally > > _userspace_, meaning no need to patch the kernel and stuff. There's a > > windows port as well i believe. > > Hopefully you do realize that the TINC protocol has some serious flaws > that render it nearly as insecure as Microsoft's infamous PPTP > implementation. > > http://www.mit.edu:8008/bloom-picayune/crypto/14238 > > The same is true for CIPE and vtun, and they're even worse. I'm > beginning to think that there probably is no other decent VPN protocol > out there besides IPsec. >
I heard about that, and i believe the author has a thing or two to say about this, so here's the other side of the coin, for those who are interested. http://216.239.37.104/search?q=cache:PC1e9Ru1ASIJ:tinc.nl.linux.org/security+&hl=en&ie=UTF-8 (Google cache, as the main side is down) -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
