[plug] CIPE / VPN
Craig Ringer
craig at postnewspapers.com.au
Tue Oct 21 16:45:41 WST 2003
>> It got bagged really badly by a security type recently - on the IETF
>> IPSec list, I think. OTOH, I can't seem to find it now, so all I can
>> tell you is that they guy's opinion of CIPE's security was less than
>> glowing. Alas, the "easy" alternatives are all apparently worse,
>> especially PPTP.
>
> It did indeed, and about half of his concerns were quite well founded.
> The other half it turns out were based on a lack of research into the
> way cipe works..
Fair enough.
> The security applied only has to be higher than the *real* (not
> percieved) threat. Do your risk analysis and determine what you are
> actually worried about.
Indeed. Personally, I think the real-world chances of an attack against
a CIPE tunnel are rather low, unless perhaps the tunnel terminates at a
really juicy target like
"remoteadmin.creditcardprocessing.bankwest.com.au" ;-)
Nonetheless, I've used PPP over ssh because ssh tunnels are known to be
pretty safe, the compression is useful, and because it's quite portable.
Craig Ringer
_______________________________________________
plug mailing list
plug at plug.linux.org.au
http://mail.plug.linux.org.au/cgi-bin/mailman/listinfo/plug
More information about the plug
mailing list