[PLUG] Security Alert about VPN

LeRoy Cressy on Tue, 23 Sep 2003 08:36:07 -0400

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] Security Alert about VPN

From: LeRoy Cressy <leroy@lrcressy.com>

To: PLUG <plug@lists.phillylinux.org>

Subject: [PLUG] Security Alert about VPN

Date: Tue, 23 Sep 2003 08:31:02 -0400

Reply-to: plug@lists.phillylinux.org

Sender: plug-admin@lists.phillylinux.org

User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Hi All,

I Saw the following article on http://slashdot.org http://slashdot.org/articles/03/09/22/2127236.shtml?tid=106&tid=126&tid=172&tid=185 which lead me to this great article "Linux's answer to MS-PPTP" http://www.mail-archive.com/cryptography%40metzdowd.com/msg00891.html

With your interest in security and those who are considering setting up a VPN I would take this information very seriously. The worse thing that can happen is to think that you are secure when you are not.

Use Encryption Well

Anyone can use encryption. Unfortunately, its also true anyone can use encryption badly. Using encryption badly is worse than not using encryption at all. If you know that you are not using encryption, you will probably be careful with the files and email messages that contain information that you would like to keep secret. You might think twice before creating documents that contain damaging information. But if you are using bad encryption or if you are using good encryption badly, you might be lulled into a false sense of security while your confidential information remains available to others.

Simson Garfinkel, "PGP: Pretty Good Privacy" (Sebastopol, CA: O'Reilly & Associates, 1995), p. 10.

The above quote is appropriate to the information about protecting your network. It is time for the Open Source community to wake up and fix the holes in some of the security tools.

- -- Rev. LeRoy D. Cressy mailto:leroy@lrcressy.com /\_/\ http://lrcressy.com ( o.o ) Phone: 215-535-4037 > ^ <

gpg fingerprint: 62DE 6CAB CEE1 B1B3 359A 81D8 3FEF E6DA 8501 AFEA

For info on enigmail: http://lrcressy.com/linux/mozilla.pdf For info on gpg: http://www.gnupg.org/

Jesus saith unto him, I am the way, the truth, and the life: no man cometh unto the Father, but by me. (John 14:6) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Netscape - http://enigmail.mozdev.org

iD8DBQE/cD0RP+/m2oUBr+oRAlcCAJ9hhkq9YSXsiC4pD5v0ncrOoRsNvACdFvcK qc7J9Yy2Nm+OVG8sjPXOjeM= =njbe -----END PGP SIGNATURE-----

_________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce General Discussion -- http://lists.netisland.net/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] Security Alert about VPN
From: Paul <emailme@dpagin.net>

Prev by Date: Re: [PLUG] Firewall Check

Next by Date: Re: [PLUG] Where to buy hobbyist electronics parts?

Previous by thread: RE: [PLUG] Where to buy hobbyist electronics parts?

Next by thread: Re: [PLUG] Security Alert about VPN

Index(es):

Date

Thread