Date: Fri, 29 May 1998 08:29:07 -0400 From: "Jim Flowers" <jflowers@ezo.net> To: "spork" <spork@super-g.com>, "Open Systems Networking" <opsys@mail.webspan.net> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: FreeBSD Tunneling Message-ID: <01bd8afd$5fdb2bc0$8a8266ce@violet.eznets.canton.oh.us>
next in thread | raw e-mail | index | archive | help
I have no particular interest in defending SKIP which is available for FreeBSD only because DEC did a reference implementation back at 2.1.0 and 2.1.5. I had to do quite a bit of code juggling to get it to compile with 2.2.5 which resulted in a pretty good understanding of how it works. I have used it successfully with fbsd to fbsd and Win95 to NT. From NT/Win95 to fbsd it provides authentication and encapsulation but with no common encryption methods for transit keys it's in cleartext. I also use an upgrade (3.0?) for the NT/Win95 program which may not have ever been released, freely. I found that there was a great deal of documentation of very high quality at the user level including a fairly decent powerpoint presentation. The "how it works" at the program level could use updating to match the current operation but it's a 10% job, not a 90% job. And of course it could benefit from patches to use with current. There are three or four modules that are caught in macro processing differences from 2.1.X to 2.2.X. All told, I think it's a currently usable option for someone willing to spend the time. I have one tunnel coupling two private networks over the Internet with full encryption and encapsulation running for six months without a hiccup. -----Original Message----- From: spork <spork@super-g.com> To: Open Systems Networking <opsys@mail.webspan.net> Cc: freebsd-security@FreeBSD.ORG <freebsd-security@FreeBSD.ORG> Date: Friday, May 29, 1998 1:01 AM Subject: Re: FreeBSD Tunneling > >> I was going to write a section in the handbook for SKIP once I got it >> working but im quite convinced SKIP sucks, and while no one likes writing >> doc's I have seen more documentation on "undocumented" kernel options >> thatn SKIP. Im sure once its working it is probably nice, but I think the >> implementation must be piss poor if so many people are finding it >> impossible to get configured. > >It seems particularly difficult to make it work from FBSD<->win95... >Reminded me of getting the windows 5.5.5 pgp to work with the ol' 2.6.3 on >Unix... There's always gotta be a 'gotcha'. > >Charles > >> >> > Agreed on both accounts. Keep in touch w/ me if you want testers, etc. >> >> I'd be happy to test it as well. >> >> Chris >> >> -- >> "I don't do favors, I accumulate debts" >> >> ===================================| Open Systems Networking And Consulting. >> FreeBSD 2.2.6 is available now! | Phone: 316-326-6800 >> -----------------------------------| 1402 N. Washington, Wellington, KS-67152 >> FreeBSD: The power to serve! | E-Mail: opsys@open-systems.net >> http://www.freebsd.org | Consulting-Network Engineering-Security >> ===================================| http://open-systems.net >> >> -----BEGIN PGP PUBLIC KEY BLOCK----- >> Version: 2.6.2 >> >> mQENAzPemUsAAAEH/06iF0BU8pMtdLJrxp/lLk3vg9QJCHajsd25gYtR8X1Px1Te >> gWU0C4EwMh4seDIgK9bzFmjjlZOEgS9zEgia28xDgeluQjuuMyUFJ58MzRlC2ONC >> foYIZsFyIqdjEOCBdfhH5bmgB5/+L5bjDK6lNdqD8OAhtC4Xnc1UxAKq3oUgVD/Z >> d5UJXU2xm+f08WwGZIUcbGcaonRC/6Z/5o8YpLVBpcFeLtKW5WwGhEMxl9WDZ3Kb >> NZH6bx15WiB2Q/gZQib3ZXhe1xEgRP+p6BnvF364I/To9kMduHpJKU97PH3dU7Mv >> CXk2NG3rtOgLTEwLyvtBPqLnbx35E0JnZc0k5YkABRO0JU9wZW4gU3lzdGVtcyA8 >> b3BzeXNAb3Blbi1zeXN0ZW1zLm5ldD4= >> =BBjp >> -----END PGP PUBLIC KEY BLOCK----- >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe security" in the body of the message >> > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01bd8afd$5fdb2bc0$8a8266ce>