I looked at Hamachi after a mention of it on this list yesterday, and while it seems pretty cools, I have to ask:
Am I the only one who has at least a slight distrust of using a "mediation server" in the middle of a secure connection? Maybe I just don't get it, or I do and am overly paranoid, but this seems to invite snooping, man in the middle attacks, etc... What level of trust do I need to place on servers I have no control over? Kevin -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nick Kovats Sent: Monday, February 28, 2005 6:33 PM To: vnc-list@realvnc.com Subject: A simple, solid and stable P2P Bidirectional NAT Traversal technique for RealVNC users... For the typical users of RealVNC, the prevailing desire seems to be remote connectivity through home routers, corporate firewalls, etc. but the average user may be thwarted by diverse implementations of the "dreaded" Network Address Tranlations (NAT's). Well, NAT has it's uses but hey...I just wanna check in with my home PC! The following workaround will blow RealVNC users away with it's operational simplicity. It's called Hamachi, it can be found at http://hamachi.cc and displays some brilliant Canuck software engineering. Technically it's a P2P bidirectional NAT traversal solution with 3 levels of security, i.e. - DH group - 2048-bit MODP group from RFC 3526 <http://ietf.org/rfc/rfc3526> - Message encryption - AES-256-CBC using ESP <http://ietf.org/rfc/rfc2406>-style padding - Message authentication - 96-bit version <http://ietf.org/rfc/rfc2404> of HMAC-SHA1 <http://ietf.org/rfc/rfc2104> It creates a virtual network adapter on your PC, issues Hamachi virtual IP addresses, i.e. 5.0.23.43 and speaks Hamachi protocol. It's not a "true" P2P implementation, i.e. it uses "mediation" servers to "help" connect the peers. But if you can operate a mouse, you can install and run Hamachi. It's free and about to become very popular. :) And it literally does "punch" right through "most " NAT's. In fact as I type this my Hamachi virtual adapter on my work PC has a solid connection with my home PC. I have inserted the Hamachi issued IP into my RealVNC viewer and, voila...there is my desktop. Remember to install Hamachi on every windows PC you wish to connect to ...in fact you can easily create multiple and distinct Hamachi networks each with their own unique password access. I work for a significantly sized NOC with multiple levels of firewalls, IDS and IPS. It's increasing popularity may soon have security personal frantically rewriting firewall app filter rules but hey...nows the time to try it out. Bottom Line: Install Hamachi on your remote and local PCs. Create a network name and "common" network password. Add "trusted" users by Hamachi IP or by nickname. You can also "evict" them...in Hamachi parlance. You now can enjoy an encrypted, operational and free virtual private network (VPN) that you can start tunneling your favorite applications right through, i.e. RealVNC. Have fun.... NK in Toronto _______________________________________________ VNC-List mailing list VNC-List@realvnc.com To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list VNC-List@realvnc.com To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
