RE: [SLUG] Win2k - Linux VPN

[Rob B <rbyrnes@xxxxxxxxxxxxxx>]

At 04:55 PM 13/03/03, Adam W sent this up the stick:
> Just on this topic of VPN's. I have been meaning to ask everybody. How
> secure are VPN's in terms of packet sniffers/encryption etc. The company
> that I work for has decided to use citrix Nfuse or whatever the S^#@ is!
> Because they argue that using a VPN is insecure - I totally disagree
> with this, as I know massive multi-national corporations use these and
> rely on these. And as if these companies would use this if it was
> insecure.

A IPSEC VPN seems to be most secure out of these technologies, when I 
worked for a large ISP we used to implement them (with 3DES encryption and 
key regeneration every hour).  Since the actual keys aren't transmitted, 
they can't be sniffed.  They were a nice cash cow for us, being a managed 
service and all.

However, you still want a firewall or the like protecting the VPN box, if 
the VPN box is compromised, then the whole VPN is compromised too.

cheers,
rob

--
It was such a lovely day I thought it a pity to get up.

This is random quote 724 of 1254.

Distance from the centre of the brewing universe
[15200.8 km (8207.8 mi), 262.8 deg](Apparent) Rennerian

Public Key fingerprint = 6219 33BD A37B 368D 29F5  19FB 945D C4D7 1F66 D9C5