similar to: [olug] TINC

There were a few notes in this thread that may indicate open areas for development. I forward merely as FYI. http://www.metzdowd.com/pipermail/cryptography/2015-January/024231.html ---------- Forwarded message ---------- From: Peter Gutmann <pgut001 at cs.auckland.ac.nz> Date: Sun, Jan 4, 2015 at 9:29 PM Subject: Re: [Cryptography] Why aren?t we using SSH for everything? To: calestyo at

Richard Atterer wrote: >On Tue, Mar 02, 2004 at 10:00:58PM +0100, I.R. van Dongen wrote: > > >>You might want to check tinc (http://tinc.nl.linux.org) >> >> > >I strongly recommend *not* to use tinc. ><http://www.securityfocus.com/archive/1/249142> illustrates that the >authors didn't have enough expertise to build a secure tool 2 years ago.

Hello, I just read this document, especially the section about Tinc : http://www.cs.auckland.ac.nz/~pgut001/pubs/linux_vpn.txt It's an old one, but i would like to know the state of the Tinc security level for now. I don't scared about possible security weakness of Tinc because i only use it over our internal operator network (MPLS), but maybe one day will come the need to connect a

Damien, What is the best document to use for documentation on SFTP? In other words, if I want to build an SFTP client library based on libssh.a, is there documentation about the series of messages I need to send over the wire? Thanks, ScottN -----Original Message----- From: openssh-unix-dev [mailto:openssh-unix-dev-bounces+scott_n=xypro.com at mindrot.org] On Behalf Of Damien Miller Sent:

Hello All, I have been trying to get a feel for the Tinc sources because I would like to see about developing a version of Tinc that uses threads and also incorporated the idea of groups so that when a user starts up their daemon they can join one or more groups. I know that you can establish multiple "networks" on a single daemon, but from what I understand, you also have to have

Hello all, If you try to make a TCP connection to a host, and the host is down, timeouts can be as long as an hour. This is not specific to ssh, or OS. Is this a scenario worth working around, e.g. with a timer when connecting or the like? -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems.

Yeah that's the one. On Nov 6, 2014 1:23 PM, "Tristan Matthews" <le.businessman at gmail.com> wrote: > On Thu, Nov 6, 2014 at 4:20 PM, Cameron Gutman <aicommander at gmail.com> > wrote: > > _WIN32, WIN32, WIN64, and _WIN64 are the wrong definitions to be gating > this > > on in the first place. They aren't at all meant to be x86/x86-64 >

Is there any consensus on what's the correct fix here? Jean-Marc On 06/11/14 04:26 PM, Cameron Gutman wrote: > Yeah that's the one. > > On Nov 6, 2014 1:23 PM, "Tristan Matthews" <le.businessman at gmail.com > <mailto:le.businessman at gmail.com>> wrote: > > On Thu, Nov 6, 2014 at 4:20 PM, Cameron Gutman > <aicommander at gmail.com

Darren Tucker <dtucker at zip.com.au> writes: >That's a vendor-modified version of OpenSSH. Assuming it corresponds to >what's in FreeBSD head, there's about a thousand lines of changes. Ugh. >Can you reproduce the problem with an unmodified version from openssh.com? >Failing that, can you get the server-side debug output from a failing >connection (ie

I have clients, which connectin to Internet through vpn. I want to dynamically share bandwith between vpn connections, so if there few connections, then they get all bandwith, if more then they get their minimal guaranteed bandwith. my idea is: ip-up.local: tc class add dev $DEV parent 1:1 classid 1:2${1/ppp/} htb rate $[$RATEUP/$VPNS]kbit ceil ${RATEUP}kbps tc filter add dev $DEV protocol ip

Hi, I use shorewall on 2 computers and I''m really happy with it. But now I came over a special case where my wisdom ends. I have 2 VPNs running via FreeS/WAN on the firewall host, and now I want to replace my hand made setup with shorewall. I use the same FreeS/WAN setup as it is working already. I read through the documentation but there are only examples of 1 static net2net VPN and 3

I use 3 Ubuntu server 14.04 as KVM guest. Now I run 5 tinc vpns in switch mode. I use the same key for every vpn. Every kvm has connect to the two other servers. I need 5 vpns to have 5 networks connected but seperated. 1 vpn was running fine, but now that I run 5 vpns, my kvm crashes sometimes. Especially when I stop tinc. I used tinc 1.0.26 from repo. Now I tried tinc 1.1 pre, same problem but

_WIN32, WIN32, WIN64, and _WIN64 are the wrong definitions to be gating this on in the first place. They aren't at all meant to be x86/x86-64 specific. At best, they're 32-bit/64-bit specific, but that's not the intended use in the code. The correct definitions are _M_IX86 and _M_X64, as Martin said. I sent a patch to this ML that fixed these a few months ago but it was

Hello, More than a week ago Peter Gutmann contacted us and showed us a writeup in which he analysed CIPE, VTun and tinc. A few days ago he posted this to a cryptography mailing list, and someone posted this on Slashdot. In response we've added a new section to the website dedicated to the current security issues. Currently, you can find our response to Peter Gutmann's analysis there:

Hello, More than a week ago Peter Gutmann contacted us and showed us a writeup in which he analysed CIPE, VTun and tinc. A few days ago he posted this to a cryptography mailing list, and someone posted this on Slashdot. In response we've added a new section to the website dedicated to the current security issues. Currently, you can find our response to Peter Gutmann's analysis there:

I have built a fedora 3 test box that has 4 pptp client vpn''s from my T-1 to a Group of businesses (test environment). The businesses all have pptp vpn concentrators on their ends. The purpose is that all of the businesses will be at an offsite location together for a 3 day sale. I have the box working now with the latest ver of shorewall with two nics on this fedora box eth0 will

On Sat, Mar 26, 2016 at 12:03:48AM +0100, albi at life.de wrote: > 1 vpn was running fine, but now that I run 5 vpns, my kvm crashes sometimes. Especially when I stop tinc. > I used tinc 1.0.26 from repo. > Now I tried tinc 1.1 pre, same problem but less often. > > Any help or idea why system crashes? So the KVM instance itself crashes? Or Linux inside the VM? Any error messages

Hi, I configured 2 vpn's between 2 servers. When starting the tinc on each server. De 2 vpns's look like 1 vpn. Can tinc be configure for multiple vpn's between 2 hosts or more. Lets say there are 3 servers A, B and C. I want a tinc vpn between host A en host B. And a second vpn between host B en C without is becoming one vpn. And for example a third vpn between host A en host

I am trying shorewall as my previous post With alisias on eth1 loc and 4 pptp client vpns. The odd thing is when I enter one of the vpns in interfaces such as vpn1 it works. But if I enter the vpn in the hosts file shorewall blocks the vpns. shorewall/hosts #ZONE HOST(S) OPTIONS loc eth1:192.168.25.0/24 loctw eth1:192.168.50.0/24 locsa eth1:192.168.75.0/24 vpntw

Hello, Researchers have shown that many operating systems, sometimes in default configurations, allow packets to be received on an interface with a destination address that does not match a route that would send return packets back out of that interface. For example, you have a LAN interface which uses the address range 192.168.1.0/24, and a WAN interface with a public IP address. In some