RE: What do you guys think about this?|
Rod Boyce <rod_boyce,AT,stratexnet,DOT,com>|
Tue, 23 Sep 2003 16:34:55 +1200|
I don't very often respond to this kind of stuff. When I think of Linux and
VPN I consider Linux my Swiss army knife of VPN stuff. If I want a think
VPN then works over UDP/IP with good enough encryption for my needs I choose
CIPE. If I need to connect to a window network with an existing PPTP VPN
then I use the PPTP client. If I want temporary tunnels between Linux end
points that I use SSH. I have never need any thing else. CIPE is the best
and easiest to set up permanent VPN I have ever come across the fact that is
works well over the internet with any special route configuration is great
in my opinion.
When I evaluate these kind of technologies I set up a complete test
environment, perform many simple test and make an informed decision.
This is what I do and for my and my customers needs CIPE is the best
permanent VPN I have test out.
> -----Original Message-----
> From: Mailing Lists [mailto:groups,AT,hasely,DOT,com
> Sent: Tuesday, 23 September 2003 4:16 p.m.
> To: cipe-l,AT,inka,DOT,de
> Subject: Re: What do you guys think about this?
> How about some ranting, and raving on Slashdot.?
> On Monday, September 22, 2003, at 08:54 PM, Russell Berry wrote:
> > yeah, pissed me off too. But you hit the nail on the head with
> > infantile in
> > the same paragraph with Gutmann. Rant away....
> > ---russ
> > Russell Berry
> > Berrex Computer Solutions
> > http://www.berrex.com
> > Russ,AT,berrex,DOT,com
> > 1-877-558-9507
> > ----- Original Message -----
> > From: "Damion Wilson" <dwilson,AT,ibl,DOT,bm>
> > To: "Groups" <groups,AT,hasely,DOT,com>
> > Cc: <cipe-l,AT,inka,DOT,de>
> > Sent: Monday, September 22, 2003 11:20 PM
> > Subject: Re: What do you guys think about this?
> >> Alright. I've just seen this on Slashdot and a few things pissed me
> >> off:
> >> 1. CIPE has apparently been declared a "dead" project.
> >> 2. The cursory analysis by Peter Gutmann appears to have missed subtle
> > things.
> >> For instance, CIPE primarily using Blowfish (and not IDEA).
> >> 3. The apparent zeal with which all non IPSec or SSL implementations
> >> are
> >> attacked as basically infantile and not worth entertaining smacks of
> >> patronising.
> >> 4. Some issues are stated as being known "years ago" and ignored. I
> >> don't
> >> recall the issues he raises as having crossed my 5 year participation
> >> on
> > this
> >> list, the "man in the middle" vulnerability notwithstanding. We
> >> appear to
> >> have voted for simplicity in this regard, correct me if I'm wrong.
> >> It's
> >> easier to believe that your ISP isn't out to get you.
> >> If Mr. Gutmann had bothered to peruse the mailing list archives (the
> >> link
> > was
> >> right on the same page as the protocol description), He might have
> >> had the
> >> chance to determine what was important to the userbase and, instead of
> >> declaring CIPE, Tinc, OpenVPN, et al. "dead", He might have realised
> >> what
> > was
> >> important enough to them to specifically eschew IPSec, etc in
> >> choosing our
> >> specific flavours of VPN.
> >> He deems us stupid and foolhardy for making the decision to use these
> >> products, develop for them, and show loyalty to them in the face of
> > software
> >> and techniques that he prefers. Apparently, we're all a bunch of
> >> idiots
> > and
> >> it only took him a 30 minute or more analysis for him to determine
> >> it, and
> >> the other projects weren't as lucky. Let's all remember the Andrew
> > Tanenbaum
> >> v Linus Torvalds "discussion" over the relative technical merits of
> >> Minix
> >> over Linux.
> >> I'm still pissed. I need to rant some more later
> >> I'd like to know if Olaf has anything to say about it, though. Peter
> > Gutmann
> >> apparently attempted to contact him.
> >> DKW
> >> On Monday 22 September 2003 08:57 pm, Groups wrote:
> >>> I've been using CIPE for over a year now, and my boss just forwarded
> > this
> >>> link, http://www.mit.edu:8008/bloom-picayune/crypto/14238, to a
> >>> posting
> >>> about the security of CIPE. Does anyone have any arguments that may
> > help
> >>> me out?
> >>> --
> >>> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> >>> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> >>> Other commands available with "help" in body to the same address.
> >>> CIPE info and list archive:
> >>> <URL:http://sites.inka.de/~bigred/devel/cipe.html>
> >> --
> >> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> >> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> >> Other commands available with "help" in body to the same address.
> >> CIPE info and list archive:
> > <URL:http://sites.inka.de/~bigred/devel/cipe.html>
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive: