Stephen Slaughter on 29 May 2011 15:36:58 -0700



Re: [PLUG] VPN


My goal is to encrypt all my internet traffic so that no one can intercept or modify it. 
I read a few security articles which led me to believe that a VPN could secure my internet traffic.
Is this true or not?  If yes, how?  If not, what is the best way to accomplish my goal?

I'd also like to make my traffic anonymous.  I had Tor configured a few months ago before the release of Firefox, but my browser performance
was horribly slow.  I read somewhere that I could increase the speed by shortening the circuit, but this would
make traffic analysis easier for an attacker.  Not exactly sure how to shorten the circuit anyway!

I configured this machine with GnuPG to secure my email, but I do not really have anyone to communicate with
who uses GnuPG or PGP.  I have a public key that I can share with you if you want to exchange secret jokes or something :-)
[Joke of the Day]  "If Jack helped you off a horse, would you help Jack off a horse?"  lol

I'm just a student trying to learn things!  And I don't like the idea of anyone eavesdropping or tampering with my communications!

Stephen  

I'm concerned that you might not understand how a VPN actually helps
to secure traffic.

VPNs securely get data from point A to point B without risk of
interception or modification.

> Is there any way to configure one machine as both server and client?

So, you want to securely get data from machine A to machine A without
anybody in-between intercepting it.  What exactly is your threat
model?  Nobody can intercept it without having local access (likely
root), and somebody with local root can just read anything you have
right out of RAM.

>
> Is it possible to host a virtual machine as the OpenVPN server with Virtual
> box while running the client software on the same physical machine?
>

Sure.  That would let you securely send network data between the host
and the virtual server without interception on the wire, although in
this case it doesn't actually go over a wire where it could be
intercepted anyway.

> Do any of you know of an alternative VPN solution I can use which does not
> require hosting a server?
>

None that are sane.  Of course anything can be a server - including
many Linksys routers with the right firmware.

I think you might have the wrong idea concerning VPN.  Data that goes
over a VPN isn't magically "more secure" - it is only secure from
interception while it is in transit over the VPN.  If the VPN server
then passes it onto the regular internet in the clear then it is as
vulnerable as it would otherwise be.  VPN is a point-to-point
communication protocol.  If your two points are the same, it just is
added complexity.

The typical use case for VPN is that you want to let somebody in a
hotel connect to your corporate network as if they were plugged right
into it, and thus be able to get into local server resources that you
don't expose to the internet at large.

You could use it to set up a tunnel between your network and a
friend's so that they appear to be a single network and you can print
or play games or whatever as if you were on the same LAN, but without
much risk of hackers exploiting your local machines.

Another big use case is to set up your wireless to go into a network
with nothing on it but a VPN server, and then send your traffic over
VPN from your laptop to the VPN server, thus securing it from the next
big WiFi attack method.  In that case the client would be on your
laptop, and the server would be a PC on your network.

Hope that helps a little.  Note, I am by no means an expert on VPN.

Rich


------------------------------

Message: 3
Date: Sat, 28 May 2011 16:04:10 -0400
From: "Eric at Lucii.org" <eric@lucii.org>
Subject: Re: [PLUG] VPN
To: Philadelphia Linux User's Group Discussion List
       <plug@lists.phillylinux.org>
Message-ID: <4DE1553A.6090007@lucii.org>
Content-Type: text/plain; charset=windows-1252

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Steve:

What are you trying to VPN to?  I have not used OpenVPN but I have used the open
source PPTP to connect to Microsoft networks with great success.

You'll always need a server on the other end to connect to but you should not
need a separate server on your end of the VPN tunnel.

Eric

On 05/28/2011 03:49 PM, Stephen Slaughter wrote:
> I'm a Linux noob and interested in securing my internet traffic with a VPN.
>
> I tried to install OpenVPN, but, correct me if I'm wrong, it appears that I need
> to configure a separate physical server machine with the software, in addition
> to the client, which would be my Linux box in this case.
>
> Is there any way to configure one machine as both server and client?
>
> Is it possible to host a virtual machine as the OpenVPN server with Virtual box
> while running the client software on the same physical machine?
>
> Do any of you know of an alternative VPN solution I can use which does not
> require hosting a server?
>
> Thank you!
> Stephen
>
>
>
> --
> "We can only see a short distance ahead, but we can see plenty there that needs
> to be done."
> - Alan Turing
>
>
>
>
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

- --
#  Eric Lucas
#
#                "Oh, I have slipped the surly bond of earth
#                 And danced the skies on laughter-silvered wings...
#                                        -- John Gillespie Magee Jr
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk3hVToACgkQ2sGpvXQrZ/7XqgCfYzUhpsUuCcKGV3mmncrbpxwi
zakAoJjqbOWOLnWEIG1aLjLPuSpt9yj6
=lzNf
-----END PGP SIGNATURE-----


------------------------------

_______________________________________________
plug mailing list
plug@lists.phillylinux.org
http://lists.netisland.net/mailman/listinfo/plug


End of plug Digest, Vol 78, Issue 32
************************************



--
"We can only see a short distance ahead, but we can see plenty there that needs to be done."
- Alan Turing

