Groups | Search | Server Info | Keyboard shortcuts | Login | Register

Groups > comp.os.linux.security > #243

Re: VPN Security. How secure is really?

From Lew Pitcher <lpitcher@teksavvy.com>
Newsgroups comp.os.linux.security
Subject Re: VPN Security. How secure is really?
Followup-To comp.os.linux.security
Date 2013-01-23 10:06 -0500
Organization The Pitcher Digital Freehold
Message-ID <kdoua2$qpk$1@dont-email.me> (permalink)
References <87d8ac4b-7e9e-4274-8a30-5692caa97416@googlegroups.com> <rsXIs.32354$Id.12850@newsfe24.iad> <363f7157-b6fe-46f0-aee1-5516b7fcb98e@googlegroups.com> <9DZIs.71318$LS5.35504@newsfe10.iad> <84d6d819-6984-40b2-9b8e-165512d0d549@googlegroups.com>

Followups directed to: comp.os.linux.security

Show all headers | View raw

Ferrous Cranus wrote:

> Understood! Thanks!
> 
> Now to the technical part:
> 
>  [ local_ip:local_port  <=>  external_ip:external:port ]  <=> 
>  [ ISP_gateway:port  <=>  VPN_server:port
> 
> What part of the above is being encrypted?

Potentially, all of it. Possibly, none of it.

Assuming that this diagram represents the "provider" end of a commercial 
enterprise that uses VPN, then even the path from "local" to "VPN" may be 
encrypted, possibly by a pair of commercial, hardwired encryption devices, 
one at each end.

But, then again, you might have that diagram wrong, for commercial 
enterprises. It probably should be drawn as:
  local_ip: <=> VPN_server: <=> external_ip: <=> ISP_gateway:
That's the way I've seen it done in high-security commercial enterprises 
(like banks).

OTOH, assuming that your diagram represents the "provider" end of an 
*amateur* setup, then the path from local to VPN may not even have minimal 
encryption.

The part that's most likely to be encrypted is the part that you /didn't/ 
draw: the VPN_server:port <=> VPN_client:port, which is the "public" part of 
the process, living in the Internet "cloud". But, in a poorly set up VPN, 
even /that/ part might not be encrypted, or may be protected with minimal, 
breakable encryption.

HTH
-- 
Lew Pitcher

Back to comp.os.linux.security | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

VPN Security. How secure is really? Ferrous Cranus <nikos.gr33k@gmail.com> - 2013-01-14 07:45 -0800
  Re: VPN Security. How secure is really? unruh <unruh@invalid.ca> - 2013-01-14 17:42 +0000
    Re: VPN Security. How secure is really? Ferrous Cranus <nikos.gr33k@gmail.com> - 2013-01-14 12:02 -0800
      Re: VPN Security. How secure is really? unruh <unruh@invalid.ca> - 2013-01-14 20:10 +0000
        Re: VPN Security. How secure is really? Ferrous Cranus <nikos.gr33k@gmail.com> - 2013-01-14 22:58 -0800
          Re: VPN Security. How secure is really? Lew Pitcher <lpitcher@teksavvy.com> - 2013-01-23 10:06 -0500
  Re: VPN Security. How secure is really? Lusotec <nomail@nomail.not> - 2013-01-14 18:39 +0000
  Re: VPN Security. How secure is really? Jared Twyler <admin@intl-alliance.com> - 2014-12-28 13:46 -0800

csiph-web