Date: Thu, 02 Sep 1999 15:42:44 +0400 (MSD) From: "Sergey S. Kosyakov" <ks@Chg.RU> To: freebsd-net@freebsd.org, freebsd-security@freebsd.org, freebsd-users@freebsd.org Subject: New tool for IP secure tunnels Message-ID: <XFMail.990902154244.ks@chg.ru>
next in thread | raw e-mail | index | archive | help
1.0 version of TUND was released. ftp://ftp.chg.ru/pub/networking/freebsd/README. TUND allows for creation IP over IP (current version) tunnels, which can help to organize private networks, secure channels, non-tivial network topologies, etc. TUND can work upon tun(4) interface or divert(4) sockets. With single running process of TUND up to 65534 tunnels can be created. If tunnel is configured to work with tun(4) pseudo-device, it can be feeded with standard IP routing (route add ...) I the case of ipfw(8), when tunnel is configured to work with divert(4) socket, it can be feeded in many ways - by source or destination, by protocol, by ports, etc. TUND supports compression with ZLIB. Compression level can be configured in tund.conf. Data in tunnels can be encrypted with BlowFish, IDEA or RC5 ciphers from OPenSSL. Symmetric keys for ciphers are passed with RSA identification and encryption. Each host running TUND has own RSA private key. Public version of this key should be transferred to other end of tunnel. Random number is mixed with data before encryption for preventing "dictionary" attack. --- ---------------------------------- Sergey Kosyakov Laboratory of Distributed Computing Department of High-Performance Computing and Applied Network Research Landau Institute for Theoretical Physics E-Mail: ks@chg.ru Date: 02-Sep-99 Time: 15:38:56 ---------------------------------- --- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.990902154244.ks>