On 6/11/10 6:09 AM, Rob Kampen wrote:
> Ben McGinnes wrote:
>>
>> Now this is an excellent idea! It would be vastly superior to the
>> current situation, though a serious challenge to the price-gouging of
>> many CAs.
>>
> I used to use godaddy for my certs but now use the startssl folk - much
Ben McGinnes wrote:
On 6/11/10 12:25 AM, Ross Walker wrote:
If we could start the whole certificate thing over I think it would
have been better to have a trust "registrar" rather then a bunch of
semi-trusted authorities. Then any corporation can create their own
CA and register that CA with
On 6/11/10 12:25 AM, Ross Walker wrote:
>
> If we could start the whole certificate thing over I think it would
> have been better to have a trust "registrar" rather then a bunch of
> semi-trusted authorities. Then any corporation can create their own
> CA and register that CA with a registrar wit
On Nov 5, 2010, at 8:29 AM, Les Mikesell wrote:
> So if you really want privacy you need to run another layer of encryption end
> to
> end with an uncommon cipher?
Yes, or only trust those CAs that you know you can trust. Use web browsers you
can fully trust don't embed CA trusts and fully ma
On 5/11/10 11:29 PM, Les Mikesell wrote:
> On 11/5/10 4:27 AM, Ben McGinnes wrote:
>>
>> I believe this is one of the methods that was looked at to enable
>> ISPs to filter/censor/log SSL connections should the government
>> policies become legislation here. Except for all outbound
>> connections.
On 11/5/10 4:27 AM, Ben McGinnes wrote:
> On 5/11/10 9:39 AM, Ross Walker wrote:
>>
>> As for the SSL part, you can monitor traffic over it in a couple of
>> ways. For internal services being served out you can have the SSL
>> connection terminate at the gateway and the gateway establish an
>> inte
On 5/11/10 9:39 AM, Ross Walker wrote:
>
> As for the SSL part, you can monitor traffic over it in a couple of
> ways. For internal services being served out you can have the SSL
> connection terminate at the gateway and the gateway establish an
> internal SSL connection to the service. For intern
On Nov 4, 2010, at 9:13 AM, Les Mikesell wrote:
> On 11/4/10 7:15 AM, Ross Walker wrote:
>>
>>
>> If the client PC was set up in a split pipe setup it would be like running
>> your corporate LAN with either no firewall or a consumer level firewall
>> product with questionable administration.
On 11/4/10 7:15 AM, Ross Walker wrote:
>
>> Those of us in the antipodes have a whole different reason for wanting
>> VPN connections to such insecure points as "shared hosting" or VPS
>> systems.
>
> I don't have to encrypt from my government, but I am required to encrypt all
> communication chan
On 11/4/10 7:31 AM, Rob Kampen wrote:
> Ross Walker wrote:
>> On Nov 3, 2010, at 9:24 PM, Ben McGinnes wrote:
>>
>>
>>> On 4/11/10 10:35 AM, Ross Walker wrote:
>>>
On Nov 3, 2010, at 7:01 PM, John R Pierce wrote:
> On 11/03/10 3:46 PM, Ross Walker wrote:
>
>> I just thi
On 04/11/2010 13:31, Rob Kampen wrote:
I've been watching this thread and offer the following observation.
some years ago when working in the corporate world - most internet
connections were still via modem - I used to connect via VPN to the
corporate network from remote offices. Even tho
Ross Walker wrote:
On Nov 3, 2010, at 9:24 PM, Ben McGinnes wrote:
On 4/11/10 10:35 AM, Ross Walker wrote:
On Nov 3, 2010, at 7:01 PM, John R Pierce wrote:
On 11/03/10 3:46 PM, Ross Walker wrote:
I just think VPN
On Nov 3, 2010, at 9:24 PM, Ben McGinnes wrote:
> On 4/11/10 10:35 AM, Ross Walker wrote:
>> On Nov 3, 2010, at 7:01 PM, John R Pierce wrote:
>>
>>> On 11/03/10 3:46 PM, Ross Walker wrote:
I just think VPNs' time has come and gone.
>>>
>>>
>>> VPN's have another use entirely, which is li
On 4/11/10 10:35 AM, Ross Walker wrote:
> On Nov 3, 2010, at 7:01 PM, John R Pierce wrote:
>
>> On 11/03/10 3:46 PM, Ross Walker wrote:
>>> I just think VPNs' time has come and gone.
>>
>>
>> VPN's have another use entirely, which is linking LAN segments over the
>> internet to create a private
On 11/3/10 6:35 PM, Ross Walker wrote:
>
>> On 11/03/10 3:46 PM, Ross Walker wrote:
>>> I just think VPNs' time has come and gone.
>>
>>
>> VPN's have another use entirely, which is linking LAN segments over the
>> internet to create a private WAN.
>
> Yes, of course, those will remain and I use th
On Nov 3, 2010, at 7:25 PM, Les Mikesell wrote:
> On 11/3/2010 6:01 PM, John R Pierce wrote:
>> On 11/03/10 3:46 PM, Ross Walker wrote:
>>> I just think VPNs' time has come and gone.
>>
>>
>> VPN's have another use entirely, which is linking LAN segments over the
>> internet to create a private
On Nov 3, 2010, at 7:01 PM, John R Pierce wrote:
> On 11/03/10 3:46 PM, Ross Walker wrote:
>> I just think VPNs' time has come and gone.
>
>
> VPN's have another use entirely, which is linking LAN segments over the
> internet to create a private WAN.
Yes, of course, those will remain and I us
On 11/3/2010 6:01 PM, John R Pierce wrote:
> On 11/03/10 3:46 PM, Ross Walker wrote:
>> I just think VPNs' time has come and gone.
>
>
> VPN's have another use entirely, which is linking LAN segments over the
> internet to create a private WAN.
But perhaps a better alternative is to give up on the
On 11/03/10 3:46 PM, Ross Walker wrote:
> I just think VPNs' time has come and gone.
VPN's have another use entirely, which is linking LAN segments over the
internet to create a private WAN.
___
CentOS mailing list
CentOS@centos.org
http://lists.cent
On Nov 3, 2010, at 10:15 AM, m.r...@5-cent.us wrote:
> Ross Walker wrote:
>
>> I would suggest only providing VPN access to administrators and for users
>> providing a combination of SSL gateway to web-mail and some type of
>> terminal service that either authenticates with a separate domain or i
On 11/3/2010 9:04 AM, Ross Walker wrote:
>
>>
>> Errr, what issues does openvpn have?
>
> I'm no fan of any type of VPN as I think it's a way of extending your trusted
> LAN to an untrusted endpoint compromising internal trust levels, but if you
> are going to implement a VPN the type is of very
On Wed, Nov 03, 2010, Ray Van Dolson wrote:
>On Wed, Nov 03, 2010 at 10:52:34AM -0400, Adam Tauno Williams wrote:
>> On Wed, 2010-11-03 at 07:34 -0700, cpol...@surewest.net wrote:
>> > Mattias wrote:
>> > > Yes but there is no good webmin module for openvpn?
>> > Not to pour water on your tool, bu
On Wed, 3 Nov 2010, Ross Walker wrote:
> As always it's better to use internally generated certificates that
> are password protected then either passwords or certificates alone.
> Having said that these password protected certificates are a PITA to
> distribute to users and to support remotely
On Wed, Nov 03, 2010 at 10:52:34AM -0400, Adam Tauno Williams wrote:
> On Wed, 2010-11-03 at 07:34 -0700, cpol...@surewest.net wrote:
> > Mattias wrote:
> > > Yes but there is no good webmin module for openvpn?
> > Not to pour water on your tool, but Google for "webmin exploit".
> > This software
On Wed, 2010-11-03 at 07:34 -0700, cpol...@surewest.net wrote:
> Mattias wrote:
> > Yes but there is no good webmin module for openvpn?
> Not to pour water on your tool, but Google for "webmin exploit".
> This software appears regularly on security lists I read,
> but not in a good way.
+1 I'd ne
Mattias wrote:
> Yes but there is no good webmin module for openvpn?
Not to pour water on your tool, but Google for "webmin exploit".
This software appears regularly on security lists I read,
but not in a good way.
--
Charles Polisher
___
CentOS mailin
Ross Walker wrote:
> On Nov 3, 2010, at 9:07 AM, Les Mikesell wrote:
>> On 11/3/10 7:48 AM, Adam Tauno Williams wrote:
>>> On Wed, 2010-11-03 at 12:49 +, John Hodrien wrote:
On Wed, 3 Nov 2010, Adam Tauno Williams wrote:
> On Wed, 2010-11-03 at 13:04 +0200, Eero Volotinen wrote:
On Nov 3, 2010, at 9:07 AM, Les Mikesell wrote:
> On 11/3/10 7:48 AM, Adam Tauno Williams wrote:
>> On Wed, 2010-11-03 at 12:49 +, John Hodrien wrote:
>>> On Wed, 3 Nov 2010, Adam Tauno Williams wrote:
>>>
On Wed, 2010-11-03 at 13:04 +0200, Eero Volotinen wrote:
> 2010/11/3 mattias:
On 11/3/10 7:48 AM, Adam Tauno Williams wrote:
> On Wed, 2010-11-03 at 12:49 +, John Hodrien wrote:
>> On Wed, 3 Nov 2010, Adam Tauno Williams wrote:
>>
>>> On Wed, 2010-11-03 at 13:04 +0200, Eero Volotinen wrote:
2010/11/3 mattias:
> How to setup a vpn server on centos?
> I can't
On Wed, 2010-11-03 at 12:49 +, John Hodrien wrote:
> On Wed, 3 Nov 2010, Adam Tauno Williams wrote:
>
> > On Wed, 2010-11-03 at 13:04 +0200, Eero Volotinen wrote:
> >> 2010/11/3 mattias :
> >>> How to setup a vpn server on centos?
> >>> I can't find the pptpd in any repo
> >> PopTop is possib
On Wed, 3 Nov 2010, Adam Tauno Williams wrote:
> On Wed, 2010-11-03 at 13:04 +0200, Eero Volotinen wrote:
>> 2010/11/3 mattias :
>>> How to setup a vpn server on centos?
>>> I can't find the pptpd in any repo
>> PopTop is possibly solution that you are looking for:
>> http://poptop.sourceforge.net
On Wed, 2010-11-03 at 13:04 +0200, Eero Volotinen wrote:
> 2010/11/3 mattias :
> > How to setup a vpn server on centos?
> > I can't find the pptpd in any repo
> PopTop is possibly solution that you are looking for:
> http://poptop.sourceforge.net/ , but ssl-vpn like openvpn is much
> better soluti
Forgot to add that if you google for... hum... "centos pptp",
you will find several howtos...
JD
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
2010/11/3 mattias :
> How to setup a vpn server on centos?
> I can't find the pptpd in any repo
Hi Matias,
PopTop is possibly solution that you are looking for:
http://poptop.sourceforge.net/ , but ssl-vpn like openvpn is much
better solution (works correctly with any firewalls)
--
Eero
From: mattias
> Yes but there is no good webmin module for openvpn?
> To create a server
> And i only have dynamic ips from my isp
I never used webmin (I prefer to edit conf files) but google says there are
webmin modules for openvpn...
And for the dynamic IP:
http://openvpn.net/index.php/op
list
Subject: Re: [CentOS] Pptp vpn server
Sorry to redirect, but have you considered OpenVPN? If you are only
connecting Win/Mac/Linux/Unix VPN Clients, I find it easy, secure and
robust.
As to PPTP, I'm afraid I cannot help (never needed it/never did it).
On Nov 2, 2010, at 7:39 PM, ma
Sorry to redirect, but have you considered OpenVPN? If you are only connecting
Win/Mac/Linux/Unix VPN Clients, I find it easy, secure and robust.
As to PPTP, I’m afraid I cannot help (never needed it/never did it).
On Nov 2, 2010, at 7:39 PM, mattias wrote:
> How to setup a vpn server on cento
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of "Germán
> Andrés Pulido F."
> Sent: Wednesday, November 26, 2008 12:08 AM
> To: CentOS mailing list
> Subject: Re: [CentOS] PPTP VPN server
>
> Hi!
>
> Th
Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of "Germán
Andrés Pulido F."
Sent: Tuesday, November 25, 2008 11:46 AM
To: CentOS mailing list
Subject: Re: [CentOS] PPTP VPN server
Hi!
Thanks for your help. The free version of vmware is ESXi,
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of "Germán
> Andrés Pulido F."
> Sent: Tuesday, November 25, 2008 11:46 AM
> To: CentOS mailing list
> Subject: Re: [CentOS] PPTP VPN server
>
> Hi!
>
>
Hi!
Thanks for your help. The free version of vmware is ESXi, that's what
you are using right? I also authenticate VPN sessions against the domain
controller, that also works beautifully. Only issue is the reboot of the
server. However, I found that terminal services is not the only think
tha
happy to help find the differences in your setup, or help you "copy"
ours.
-Jason
_
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
"Germán Andrés Pulido F."
Sent: Monday, November 24, 2008 11:31 PM
To: CentOS mailing list
Subject: Re: [CentOS] PPTP
On Nov 24, 2008, at 11:31 PM, "Germán Andrés Pulido F." <[EMAIL PROTECTED]
om> wrote:
Thanks everyone for your help. I still cannot guess what the problem
is with the rebooting of the server, but I'm currently reading about
openvpn, it seems to be the best solution for my issue.
There ha
2008/11/25 Les Mikesell <[EMAIL PROTECTED]>:
> Microsoft has updated PPTP since the only paper I know about was written.
> Does anyone know if there are still problems with it or if the linux
> version is updated to match?
In addition to Filipe's detailed reply - when I was looking at details
for
Thanks everyone for your help. I still cannot guess what the problem is
with the rebooting of the server, but I'm currently reading about
openvpn, it seems to be the best solution for my issue.
Regards.
Filipe Brandenburger wrote:
Hi,
On Mon, Nov 24, 2008 at 12:56, Les Mikesell <[EMAIL PROTE
Hi,
On Mon, Nov 24, 2008 at 12:56, Les Mikesell <[EMAIL PROTECTED]> wrote:
> Microsoft has updated PPTP since the only paper I know about was written.
> Does anyone know if there are still problems with it or if the linux
> version is updated to match?
>From http://pptpclient.sourceforge.net/prot
On Mon, 24 Nov 2008, Les Mikesell wrote:
Bill Campbell wrote:
I would highly recommend using OpenVPN rather than using pptp,
OpenVPN doesn't require kernel support as it's built on top of
SSL, is far more secure than PPTP (the product of ``Kindergarten
Cryptographers'' according to one wel
Bill Campbell wrote:
I would highly recommend using OpenVPN rather than using pptp,
OpenVPN doesn't require kernel support as it's built on top of
SSL, is far more secure than PPTP (the product of ``Kindergarten
Cryptographers'' according to one well-know security paper), and
there are clients f
On Mon, Nov 24, 2008, "Germ?n Andr?s Pulido F." wrote:
> Hi
>
> I've been using linux to give VPN access to my corporate LAN using the
> following software:
>
> Centos 5.2 x86
> kernel 2.6.18-92.1.18.el5xen
> pptpd (poptop) 1.3.4
> ppp 2.4.4
>
Headaches deleted.
I would highly recommend using Op
49 matches
Mail list logo