<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: Keeping CIPE link Up
From: "Les Mikesell" <lesmikesell,AT,home,DOT,com>
Date: Sat, 4 Aug 2001 22:48:22 +0200
In-reply-to: <CJELIEBEFNCJAOMOOMNNOECBCCAA.lesmikesell@home.com>

> From: "Peter van den Heuvel" <peter,AT,asylum,DOT,xs4all,DOT,nl>
[...]
> I hope this answer is clear and that we can close the topic. If I'm
> capable I would like to help anybody who's using cipe to strengthen
> security and extend network functionality as I would guess it was
> intended for. I simply don't like to support usage of cipe as a firewall
> busting tool by ignorant users. Of course you are the exception with
> completely legitimate reason, but I hope I made my point of view clear
> enough.

While I agree with your overall point that the network admin should
control things, I must disagree with almost all of the individual
statements relating to technical problems helping accomplish
this goal.  If CIPE doesn't work as the tunnel carrier, someone
needing a tunnel will just use a different tool, like PPTP or
ppp-over-ssh or something much worse like tunneling over http.
Or, in the case of the stateful NAT firewall, they'll do something
like pinging the other tunnel endpoint every few seconds to keep
the port open (which is what I did until the building service at the
remote office got around to making the change I requested...).

   Les Mikesell
      lesmikesell,AT,home,DOT,com 





<< | Thread Index | >> ]    [ << | Date Index | >> ]