From owner-freebsd-questions@FreeBSD.ORG  Mon Apr  3 10:55:08 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9225D16A422
	for <freebsd-questions@freebsd.org>;
	Mon,  3 Apr 2006 10:55:08 +0000 (UTC)
	(envelope-from wmoran@collaborativefusion.com)
Received: from mx00.pub.collaborativefusion.com
	(mx00.pub.collaborativefusion.com [206.210.89.199])
	by mx1.FreeBSD.org (Postfix) with ESMTP id F423E43D49
	for <freebsd-questions@freebsd.org>;
	Mon,  3 Apr 2006 10:55:07 +0000 (GMT)
	(envelope-from wmoran@collaborativefusion.com)
Received: from localhost (monrovll-cuda1-24-53-251-44.pittpa.adelphia.net
	[24.53.251.44])
	(AUTH: LOGIN wmoran, TLS: TLSv1/SSLv3,256bits,AES256-SHA)
	by wingspan with esmtp; Mon, 03 Apr 2006 06:55:06 -0400
	id 00056410.4430FF0A.00004974
Date: Mon, 3 Apr 2006 06:55:06 -0400
From: Bill Moran <wmoran@collaborativefusion.com>
To: nospam@mgedv.net
Message-Id: <20060403065506.2e078e35.wmoran@collaborativefusion.com>
In-Reply-To: <00b101c65709$7cd342e0$0a86a8c0@avalon.lan>
References: <44303AE1.4040404@mac.com>
	<00b101c65709$7cd342e0$0a86a8c0@avalon.lan>
Organization: Collaborative Fusion
X-Mailer: Sylpheed version 1.0.6 (GTK+ 1.2.10; i386-portbld-freebsd5.4)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Cc: freebsd-questions@freebsd.org
Subject: Re: hunting for secure fileserver-connection!
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Apr 2006 10:55:08 -0000

"No@SPAM@mgEDV.net" <nospam@mgedv.net> wrote:

> 
> > If you don't trust CIFS/Samba enough to be secure against local sniffers,
> and
> > you won't run IPsec, you're left with odd things like Sun's SecureNFS
> software,
> > only I doubt that's available for a FreeBSD fileserver.
> that's what i was afraid of. ipsec would be great, if it was possible to
> have it
> setup itself against the server each time you login (maybe windows logon)
> but theres
> always a client software needed, and in most cases, you're not able to
> access other
> networks smoothly if connected.

I've never actually used it, but IPsec in transport mode should be
capable of what you want, and should not have the negative side effects
you describe.

At least that's the way it's designed.  It might be implemented poorly on
Windows, I don't know.

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com