Re: Securing tcp data

From: Barry Margolin (barmar_at_alum.mit.edu)
Date: 11/11/05

• Next message: Anon: "Encrypted traffic"
• Previous message: Todd Knarr: "Re: Broadband on W98 - firewall necessary?"
• In reply to: Mark: "Re: Securing tcp data"
• Next in thread: Mark: "Re: Securing tcp data"
• Reply: Mark: "Re: Securing tcp data"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 10 Nov 2005 20:21:48 -0500

In article <tgu6n19grlajgthbakerce157s4mecon9t@4ax.com>,
 Mark <nospam@nospam.hello> wrote:

> On 10 Nov 2005 09:32:02 -0600, comphelp@toddh.net (Todd H.) wrote:
>
> >Mark <nospam@nospam.hello> writes:
> >> Hi,
> >>
> >> We need to secure the communication between a tcp/ip server and a
> >> remote client.
> >
> >You might also consider some simple VPN hardware appliances. They're
> >quite inexpensive these days.
> >
> >Implementation specifics and choice of technology depend on a lot of
> >things that exist on both ends already. SSL will certainly provide
> >transport layer security of the data, but it's not clear to me how it
> >alone can provide you authentication and authorization functionality.
>
> At the moment it is entirely unsecured -- so any security would be
> better :-)
>
> The clients are numerous and are connecting from many locations so I
> think a hardware solution may be too costly. The code is all written
> in C, at present, using the standard socket stuff. The server-side
> software is written by us and the client side consists of a simple
> library (again supplied by us) for the customers to integrate into
> their applications.

There are software IPSEC VPN clients available for most operating
systems.

Another solution is SSL VPN, i.e. a reverse proxy. The SSL server can
do authentication and authorization.

-- 
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***

• Next message: Anon: "Encrypted traffic"
• Previous message: Todd Knarr: "Re: Broadband on W98 - firewall necessary?"
• In reply to: Mark: "Re: Securing tcp data"
• Next in thread: Mark: "Re: Securing tcp data"
• Reply: Mark: "Re: Securing tcp data"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: SBS VPN connects but no shares.. ... VPN clients can no longer access internal resources after you install ... Windows Server 2003 Service Pack 1 on a computer that is running ISA Server ... How to configure a VPN connection to your corporate network in Windows XP ... (microsoft.public.windows.server.sbs) Re: Consider offline files and VPN domain joined clients. ... Everything seems to be going well after a few quirks with adding the vpn connected client computers to the domain. ... The server and server clients is connected to teh internets through a gigabit network, the vpn clients connects to the server from an 8 Mbit connection. ... (microsoft.public.windows.server.sbs) Re: Unable to access hosts by name across a PPTP VPN connection ... How many remote clients ... Home) will only accept one incoming VPN connection at a time using the ... network and as new machines are used as VPN clients. ... (microsoft.public.windowsxp.work_remotely) Re: SBS VPN Strengthening ... to my other clients, so a software only configuation would be preferred. ... Have SBS 2003 along with Server 2003 at various sites, ... each location and they would establish the VPN between those offices. ... connect to remote offices you could use a hub and spoke method VPN or use ... (microsoft.public.windows.server.sbs) RE: VPN issue ... I understand that you cannot initialize the VPN ... Could you please let me know if this is a Premium SBS server box with ISA ... To support the PPTP VPN clients behind the ISA server, ... (microsoft.public.windows.server.sbs)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint