SlideShare uma empresa Scribd logo

Cheap vpn

Transferir como PPT, PDF
Swarup Kumar Mall
Swarup Kumar Mall
1 de 16
The Poor Person's VPN Or is it “The Lazy Person's VPN”? Hugh Mahon - hm@mahon.cwx.net
What is a VPN? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why VPNs? ,[object Object],[object Object]
Two Sites
Two Sites – One Virtual Site
Tunnel Technologies ,[object Object],[object Object],[object Object],[object Object]
What is SSH? ,[object Object],[object Object],[object Object],[object Object],[object Object]
PPP ,[object Object],[object Object],[object Object],[object Object],[object Object]
Setting up SSH ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Setting up PPP ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Making it simple: footunnel ,[object Object],[object Object],[object Object],[object Object]
The script: footunnel ,[object Object],[object Object],[object Object],[object Object],[object Object]
Simple Performance comparison No VPN time=6 sec. Copy w/ VPN Mid-transfer End of transfer time = 58 sec. File size=17,515 kB
Uses for the script ,[object Object],[object Object],[object Object],[object Object]
Wireless Example
Resources ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Recomendados

Linux02 install SSh
Linux02 install SShLinux02 install SSh
Linux02 install SShJainul Musani
 
CentOS Server Gui Initial Configuration
CentOS Server Gui Initial ConfigurationCentOS Server Gui Initial Configuration
CentOS Server Gui Initial ConfigurationKaan Aslandağ
 
CentOS Server CLI Configuration (Nmcli & Hosts)
CentOS Server CLI Configuration (Nmcli & Hosts)CentOS Server CLI Configuration (Nmcli & Hosts)
CentOS Server CLI Configuration (Nmcli & Hosts)Kaan Aslandağ
 
Configuration of BIND DNS Server On CentOS 8
Configuration of BIND DNS Server On CentOS 8Configuration of BIND DNS Server On CentOS 8
Configuration of BIND DNS Server On CentOS 8Kaan Aslandağ
 
Logging remotely open ssh
Logging remotely open sshLogging remotely open ssh
Logging remotely open sshVisha Parasuraman
 
Linux network tools (Maarten Blomme)
Linux network tools (Maarten Blomme)Linux network tools (Maarten Blomme)
Linux network tools (Maarten Blomme)Avansa Mid- en Zuidwest
 
Commands
CommandsCommands
CommandsAbhishek Tiwari
 
SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS
SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS
SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS NetProtocol Xpert
 

Recomendados

Linux02 install SSh
Linux02 install SShLinux02 install SSh
Linux02 install SShJainul Musani
 
CentOS Server Gui Initial Configuration
CentOS Server Gui Initial ConfigurationCentOS Server Gui Initial Configuration
CentOS Server Gui Initial ConfigurationKaan Aslandağ
 
CentOS Server CLI Configuration (Nmcli & Hosts)
CentOS Server CLI Configuration (Nmcli & Hosts)CentOS Server CLI Configuration (Nmcli & Hosts)
CentOS Server CLI Configuration (Nmcli & Hosts)Kaan Aslandağ
 
Configuration of BIND DNS Server On CentOS 8
Configuration of BIND DNS Server On CentOS 8Configuration of BIND DNS Server On CentOS 8
Configuration of BIND DNS Server On CentOS 8Kaan Aslandağ
 
Logging remotely open ssh
Logging remotely open sshLogging remotely open ssh
Logging remotely open sshVisha Parasuraman
 
Linux network tools (Maarten Blomme)
Linux network tools (Maarten Blomme)Linux network tools (Maarten Blomme)
Linux network tools (Maarten Blomme)Avansa Mid- en Zuidwest
 
Commands
CommandsCommands
CommandsAbhishek Tiwari
 
SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS
SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS
SITE TO SITE IPSEC VPN TUNNEL B/W CISCO ROUTERS NetProtocol Xpert
 
Strongswan ipsec vpn_linux_strongswan_ip
Strongswan ipsec vpn_linux_strongswan_ipStrongswan ipsec vpn_linux_strongswan_ip
Strongswan ipsec vpn_linux_strongswan_ipHary HarysMatta
 
Lab1 dhcp-server
Lab1 dhcp-serverLab1 dhcp-server
Lab1 dhcp-serverHudson Gwambe
 
Firewalld LAB
Firewalld LABFirewalld LAB
Firewalld LABKaan Aslandağ
 
Socket.io v.0.8.3
Socket.io v.0.8.3Socket.io v.0.8.3
Socket.io v.0.8.3Maryna Vasina
 
Trace route
Trace route Trace route
Trace route NetProtocol Xpert
 
Configuring GRE Tunnel Through a Cisco ASA Firewall
Configuring GRE Tunnel Through a Cisco ASA FirewallConfiguring GRE Tunnel Through a Cisco ASA Firewall
Configuring GRE Tunnel Through a Cisco ASA FirewallHarris Andrea
 
Mininet demo
Mininet demoMininet demo
Mininet demoMomina Masood
 
TCP Intercept
TCP InterceptTCP Intercept
TCP InterceptNetwax Lab
 
class12_Networking2
class12_Networking2class12_Networking2
class12_Networking2T. J. Saotome
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSHHemant Shah
 
Enumeration
EnumerationEnumeration
EnumerationUTD Computer Security Group
 
CCNA Security configuration
CCNA Security configurationCCNA Security configuration
CCNA Security configurationRafat Khandaker
 
Openvpn
OpenvpnOpenvpn
Openvpnmato2012
 
Packet Tracer: Routing protocols EIGRP and OSPF
Packet Tracer: Routing protocols EIGRP and OSPFPacket Tracer: Routing protocols EIGRP and OSPF
Packet Tracer: Routing protocols EIGRP and OSPFRafat Khandaker
 
Syslog Centralization Logging with Windows ~ A techXpress Guide
Syslog Centralization Logging with Windows ~ A techXpress GuideSyslog Centralization Logging with Windows ~ A techXpress Guide
Syslog Centralization Logging with Windows ~ A techXpress GuideAbhishek Kumar
 
OpenVPN
OpenVPNOpenVPN
OpenVPNEmil CHERICHEȘ
 
Configuration IPTables On CentOS 8
Configuration IPTables On CentOS 8Configuration IPTables On CentOS 8
Configuration IPTables On CentOS 8Kaan Aslandağ
 
Building a moat bastion server
Building a moat bastion serverBuilding a moat bastion server
Building a moat bastion servernseemiller
 
sshuttle VPN (2011-04)
sshuttle VPN (2011-04)sshuttle VPN (2011-04)
sshuttle VPN (2011-04)apenwarr
 
Ns2 introduction 2
Ns2 introduction 2Ns2 introduction 2
Ns2 introduction 2Rohini Sharma
 
SSH for pen-testers
SSH for pen-testersSSH for pen-testers
SSH for pen-testersE D Williams
 
Site to-multi site open vpn solution. with active directory auth
Site to-multi site open vpn solution. with active directory authSite to-multi site open vpn solution. with active directory auth
Site to-multi site open vpn solution. with active directory authChanaka Lasantha
 

Mais conteúdo relacionado

Mais procurados

Strongswan ipsec vpn_linux_strongswan_ip
Strongswan ipsec vpn_linux_strongswan_ipStrongswan ipsec vpn_linux_strongswan_ip
Strongswan ipsec vpn_linux_strongswan_ipHary HarysMatta
 
Configuring GRE Tunnel Through a Cisco ASA Firewall
Configuring GRE Tunnel Through a Cisco ASA FirewallConfiguring GRE Tunnel Through a Cisco ASA Firewall
Configuring GRE Tunnel Through a Cisco ASA FirewallHarris Andrea
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSHHemant Shah
 
CCNA Security configuration
CCNA Security configurationCCNA Security configuration
CCNA Security configurationRafat Khandaker
 
Packet Tracer: Routing protocols EIGRP and OSPF
Packet Tracer: Routing protocols EIGRP and OSPFPacket Tracer: Routing protocols EIGRP and OSPF
Packet Tracer: Routing protocols EIGRP and OSPFRafat Khandaker
 
Syslog Centralization Logging with Windows ~ A techXpress Guide
Syslog Centralization Logging with Windows ~ A techXpress GuideSyslog Centralization Logging with Windows ~ A techXpress Guide
Syslog Centralization Logging with Windows ~ A techXpress GuideAbhishek Kumar
 
Configuration IPTables On CentOS 8
Configuration IPTables On CentOS 8Configuration IPTables On CentOS 8
Configuration IPTables On CentOS 8Kaan Aslandağ
 
Building a moat bastion server
Building a moat bastion serverBuilding a moat bastion server
Building a moat bastion servernseemiller
 
sshuttle VPN (2011-04)
sshuttle VPN (2011-04)sshuttle VPN (2011-04)
sshuttle VPN (2011-04)apenwarr
 

Mais procurados (20)

Strongswan ipsec vpn_linux_strongswan_ip
Strongswan ipsec vpn_linux_strongswan_ipStrongswan ipsec vpn_linux_strongswan_ip
Strongswan ipsec vpn_linux_strongswan_ip
 
Lab1 dhcp-server
Lab1 dhcp-serverLab1 dhcp-server
Lab1 dhcp-server
 
Firewalld LAB
Firewalld LABFirewalld LAB
Firewalld LAB
 
Socket.io v.0.8.3
Socket.io v.0.8.3Socket.io v.0.8.3
Socket.io v.0.8.3
 
Trace route
Trace route Trace route
Trace route
 
Configuring GRE Tunnel Through a Cisco ASA Firewall
Configuring GRE Tunnel Through a Cisco ASA FirewallConfiguring GRE Tunnel Through a Cisco ASA Firewall
Configuring GRE Tunnel Through a Cisco ASA Firewall
 
Mininet demo
Mininet demoMininet demo
Mininet demo
 
TCP Intercept
TCP InterceptTCP Intercept
TCP Intercept
 
class12_Networking2
class12_Networking2class12_Networking2
class12_Networking2
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSH
 
Enumeration
EnumerationEnumeration
Enumeration
 
CCNA Security configuration
CCNA Security configurationCCNA Security configuration
CCNA Security configuration
 
Openvpn
OpenvpnOpenvpn
Openvpn
 
Packet Tracer: Routing protocols EIGRP and OSPF
Packet Tracer: Routing protocols EIGRP and OSPFPacket Tracer: Routing protocols EIGRP and OSPF
Packet Tracer: Routing protocols EIGRP and OSPF
 
Syslog Centralization Logging with Windows ~ A techXpress Guide
Syslog Centralization Logging with Windows ~ A techXpress GuideSyslog Centralization Logging with Windows ~ A techXpress Guide
Syslog Centralization Logging with Windows ~ A techXpress Guide
 
OpenVPN
OpenVPNOpenVPN
OpenVPN
 
Configuration IPTables On CentOS 8
Configuration IPTables On CentOS 8Configuration IPTables On CentOS 8
Configuration IPTables On CentOS 8
 
Building a moat bastion server
Building a moat bastion serverBuilding a moat bastion server
Building a moat bastion server
 
sshuttle VPN (2011-04)
sshuttle VPN (2011-04)sshuttle VPN (2011-04)
sshuttle VPN (2011-04)
 
Ns2 introduction 2
Ns2 introduction 2Ns2 introduction 2
Ns2 introduction 2
 

Semelhante a Cheap vpn

SSH for pen-testers
SSH for pen-testersSSH for pen-testers
SSH for pen-testersE D Williams
 
Site to-multi site open vpn solution. with active directory auth
Site to-multi site open vpn solution. with active directory authSite to-multi site open vpn solution. with active directory auth
Site to-multi site open vpn solution. with active directory authChanaka Lasantha
 
Ssh
SshSsh
Sshgh02
 
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)n|u - The Open Security Community
 
Using Secure Shell on Linux: What Everyone Should Know
Using Secure Shell on Linux: What Everyone Should KnowUsing Secure Shell on Linux: What Everyone Should Know
Using Secure Shell on Linux: What Everyone Should KnowNovell
 
VPN - Virtual Private Network
VPN - Virtual Private NetworkVPN - Virtual Private Network
VPN - Virtual Private NetworkPeter R. Egli
 
Unit 13 network client
Unit 13 network clientUnit 13 network client
Unit 13 network clientroot_fibo
 
ITERA Paper - IPSec L2TP Vulnerability
ITERA Paper - IPSec L2TP VulnerabilityITERA Paper - IPSec L2TP Vulnerability
ITERA Paper - IPSec L2TP VulnerabilityKunal Sharma
 
There and back again
There and back againThere and back again
There and back againJon Spriggs
 
Share File easily between computers using sftp
Share File easily between computers using sftpShare File easily between computers using sftp
Share File easily between computers using sftpTushar B Kute
 
Site to-multi site open vpn solution with mysql db
Site to-multi site open vpn solution with mysql dbSite to-multi site open vpn solution with mysql db
Site to-multi site open vpn solution with mysql dbChanaka Lasantha
 
Site-to-Site VPNs - pfSense Hangout November 2015
Site-to-Site VPNs - pfSense Hangout November 2015Site-to-Site VPNs - pfSense Hangout November 2015
Site-to-Site VPNs - pfSense Hangout November 2015Netgate
 
IP security and VPN presentation
IP security and VPN presentation IP security and VPN presentation
IP security and VPN presentation KishoreTs3
 
Creating a firewall in UBUNTU
Creating a firewall in UBUNTUCreating a firewall in UBUNTU
Creating a firewall in UBUNTUMumbai University
 
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform EnviornmentNagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform EnviornmentNagios
 
Certified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheetCertified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheetDavid Sweigert
 

Semelhante a Cheap vpn (20)

SSH for pen-testers
SSH for pen-testersSSH for pen-testers
SSH for pen-testers
 
Site to-multi site open vpn solution. with active directory auth
Site to-multi site open vpn solution. with active directory authSite to-multi site open vpn solution. with active directory auth
Site to-multi site open vpn solution. with active directory auth
 
Remote1
Remote1Remote1
Remote1
 
Ssh
SshSsh
Ssh
 
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)
Converting your linux Box in security Gateway Part – 2 (Looking inside VPN)
 
Using Secure Shell on Linux: What Everyone Should Know
Using Secure Shell on Linux: What Everyone Should KnowUsing Secure Shell on Linux: What Everyone Should Know
Using Secure Shell on Linux: What Everyone Should Know
 
VPN - Virtual Private Network
VPN - Virtual Private NetworkVPN - Virtual Private Network
VPN - Virtual Private Network
 
WLAN:VPN Security
WLAN:VPN SecurityWLAN:VPN Security
WLAN:VPN Security
 
Unit 13 network client
Unit 13 network clientUnit 13 network client
Unit 13 network client
 
ITERA Paper - IPSec L2TP Vulnerability
ITERA Paper - IPSec L2TP VulnerabilityITERA Paper - IPSec L2TP Vulnerability
ITERA Paper - IPSec L2TP Vulnerability
 
There and back again
There and back againThere and back again
There and back again
 
Tunnel & vpn1
Tunnel & vpn1Tunnel & vpn1
Tunnel & vpn1
 
Share File easily between computers using sftp
Share File easily between computers using sftpShare File easily between computers using sftp
Share File easily between computers using sftp
 
Site to-multi site open vpn solution with mysql db
Site to-multi site open vpn solution with mysql dbSite to-multi site open vpn solution with mysql db
Site to-multi site open vpn solution with mysql db
 
Site-to-Site VPNs - pfSense Hangout November 2015
Site-to-Site VPNs - pfSense Hangout November 2015Site-to-Site VPNs - pfSense Hangout November 2015
Site-to-Site VPNs - pfSense Hangout November 2015
 
IP security and VPN presentation
IP security and VPN presentation IP security and VPN presentation
IP security and VPN presentation
 
Ssh tunnel
Ssh tunnelSsh tunnel
Ssh tunnel
 
Creating a firewall in UBUNTU
Creating a firewall in UBUNTUCreating a firewall in UBUNTU
Creating a firewall in UBUNTU
 
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform EnviornmentNagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
 
Certified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheetCertified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheet
 

Mais de Swarup Kumar Mall

Doc c26 c9d9e63c44cba392505b49890b5af_1285830910188_156
Doc c26 c9d9e63c44cba392505b49890b5af_1285830910188_156Doc c26 c9d9e63c44cba392505b49890b5af_1285830910188_156
Doc c26 c9d9e63c44cba392505b49890b5af_1285830910188_156Swarup Kumar Mall
 
Btech. 1st year_new_syllabus_final__2008_bput_
Btech. 1st year_new_syllabus_final__2008_bput_Btech. 1st year_new_syllabus_final__2008_bput_
Btech. 1st year_new_syllabus_final__2008_bput_Swarup Kumar Mall
 

Mais de Swarup Kumar Mall (19)

Vp ns
Vp nsVp ns
Vp ns
 
Vpn rsvp
Vpn rsvpVpn rsvp
Vpn rsvp
 
Vp npresentation 2
Vp npresentation 2Vp npresentation 2
Vp npresentation 2
 
Vpnppt1884
Vpnppt1884Vpnppt1884
Vpnppt1884
 
Vpn 3 13_07
Vpn 3 13_07Vpn 3 13_07
Vpn 3 13_07
 
Vpn 3
Vpn 3Vpn 3
Vpn 3
 
Vpn 2
Vpn 2Vpn 2
Vpn 2
 
Vpn
VpnVpn
Vpn
 
Presentation vpn
Presentation vpnPresentation vpn
Presentation vpn
 
Doc6 mpls vpn-ppt
Doc6 mpls vpn-pptDoc6 mpls vpn-ppt
Doc6 mpls vpn-ppt
 
Doc c26 c9d9e63c44cba392505b49890b5af_1285830910188_156
Doc c26 c9d9e63c44cba392505b49890b5af_1285830910188_156Doc c26 c9d9e63c44cba392505b49890b5af_1285830910188_156
Doc c26 c9d9e63c44cba392505b49890b5af_1285830910188_156
 
D l table
D l tableD l table
D l table
 
Btech. 1st year_new_syllabus_final__2008_bput_
Btech. 1st year_new_syllabus_final__2008_bput_Btech. 1st year_new_syllabus_final__2008_bput_
Btech. 1st year_new_syllabus_final__2008_bput_
 
Blug talk
Blug talkBlug talk
Blug talk
 
Allaboutvpn
AllaboutvpnAllaboutvpn
Allaboutvpn
 
2008 cse
2008 cse2008 cse
2008 cse
 
2008 cse copy
2008 cse copy2008 cse copy
2008 cse copy
 
4 vpn s
4 vpn s4 vpn s
4 vpn s
 
VPN
VPNVPN
VPN
 

Cheap vpn

Notas do Editor

  1. The two LANs are protected from the Internet by firewalls, so a user on LAN A can't get to LAN B, at least not without making a hole in the firewall that could be a security hole.
  2. The VPN puts routable connections inside the firewalls, so that traffic between the LANs travels within a protected tunnel.
  3. Each of these deserve their own presentation. IPSec is the preferred solution, but can be difficult to configure. CIPE is a good solution. PPTP is also a good solution, but the most prevalent implementation lacks quality and the security it is supposed to provide. This presentation focuses on SSH and PPP.
  4. If you are not using a secure mechanism for connecting to your home system across the Internet, you should! SSH is freely available and provides a good level of security.
  5. The above is the performance between a 400MHz PII and a 533 MHz VIA Mini-ITX system. When run between the 400 MHz system and an Athlon 1800 system, the time for the tranfer was about half (i.e., 3 seconds for no VPN, and 30 for the VPN), but instead of CPU load on the sender being ~50%, it was 99%.
  6. In this example, a firewall appliance is used to forward the SSH port to a system on the LAN that will accept the SSH connection and act as one end of the tunnel. Note that unless this node is configured as the router for the external subnet for the wireless LAN, this node should be acting as a NAT, thus all traffic coming through the tunnel will appear to all other systems to be coming from System X.