DOSC TWiki snapshot as of mid-2005

VirtualPrivateNetwork


A Virtual Private Network (VPN) is a method of securely connecting computers over insecure channels.

The basic idea is that all traffic between the two endpoints is sent through an encrypted tunnel, which is invisible to applications.

Because VPNs encrypt all data leaving a computer, insecure protocols (telnet, ftp, xdm, etc.) can continue to be used through the VPN instead of switching to secure alternatives (ssh, sftp, etc.).

But VPNs are not a panacea. SSH is available in many more places than telnet, and might be faster than telnet over a VPN. sftp is best for most data transfer, but ftp is much faster for downloading large files (like Linux .isos :), and with MD5 checksums we can eliminate most problems with corrupt or tampered data.
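
A checksum check of the kind mentioned above, as an added example that is not part of the original wiki page: it verifies downloaded files against an md5sum-format manifest. The file names and manifest are constructed sample data, and the manifest is assumed to come from a source you trust, separate from the download itself.

```python
import hashlib
import os
import tempfile

def md5_of(path, chunk=1 << 20):
    """Stream the file so a multi-gigabyte ISO is never held in memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def parse_manifest(text):
    """Parse md5sum-style lines: '<32 hex>  name' (text) or '<32 hex> *name' (binary)."""
    entries = {}
    for line in filter(None, map(str.strip, text.splitlines())):
        digest, _, name = line.partition(" ")
        name = name[1:]  # drop the mode marker (' ' or '*')
        if len(digest) != 32 or not name:
            raise ValueError("malformed manifest line: %r" % line)
        entries[name] = bytes.fromhex(digest).hex()  # rejects non-hex, lowercases
    return entries

def verify(directory, manifest_text):
    """Return {name: 'OK' | 'MISMATCH' | 'MISSING'} for every manifest entry."""
    results = {}
    for name, expected in parse_manifest(manifest_text).items():
        path = os.path.join(directory, os.path.basename(name))  # stay inside directory
        if not os.path.isfile(path):
            results[name] = "MISSING"
        else:
            results[name] = "OK" if md5_of(path) == expected else "MISMATCH"
    return results

def demo():
    """Constructed sample: one intact file, one altered after hashing, one absent."""
    with tempfile.TemporaryDirectory() as d:
        good, bad = os.path.join(d, "good.iso"), os.path.join(d, "bad.iso")
        for p in (good, bad):
            with open(p, "wb") as f:
                f.write(b"A" * 4096)
        manifest = "{0}  good.iso\n{0} *bad.iso\n{1}  gone.iso\n".format(md5_of(good), "0" * 32)
        with open(bad, "r+b") as f:
            f.write(b"X")  # simulate a byte changed in transit
        return verify(d, manifest)

if __name__ == "__main__":
    print(demo())
```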


Problems with VPNs


Another benefit of VPNs is that the encryption can be parcelled out to a coprocessor on a separate card, eliminating strain on the main processor(s) of the computer.


RobinsonTryon - 28 Oct 2002