"Eric M. Hopper" <hopper,AT,omnifarious,DOT,org>|
Re: Cipe still vulnerable?|
Les Mikesell <les,AT,futuresource,DOT,com>|
Wed, 23 Feb 2005 10:39:46 -0600|
On Wed, 2005-02-23 at 10:24, Eric M. Hopper wrote:
> > today I have found a link that claims cipe to be vulnerable for being
> > easy to encrypt by third party and even being vulnerable to replay
> > attacks.
> > The page is quite old but as it is representing a mail archive, it may
> > be up-to-date?
> I'm thinking that IPSEC + NAT-T will work out better for people. Though
> I think IKE is ugly. :-(
Is there an easy way to tell if a NAT device is NAT-T compatible?
Another alternative is OpenVPN, but it looks much more difficult to
configure, especially compared to the RedHat releases that included
CIPE and made it a fill-in-the-form setup.