Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I realize that IPSec can be used with VPNs, but is it commonly used for anything else by default? Everything I've searched for thus far has described VPNs and the use of IPSec. Thanks for your help.
Many years ago there were PPTP and L2TP as well as other types of tunneling/VPN protocols. IPSec was envisioned to be a protection for those protocols, and is. But they also realized that IPSec could just be expanded and used to provide the VPN services from within itself. And for a couple of reasons, you could either encrypt the payload and leave the VPN headers alone, or encrypt all of the data and use IPSec packets to establish your VPN. I forget the pros and cons, they are real arguments, but to me it also boils down to choices as to what form of protection you'd prefer. In one form, people can sniff your traffic and know what two endpoints are talking, but not be able to easily view the payload due to encryption. In the other form, the identities of the endpoints are protected because it has been abstracted via the protocol. I believe that to be the difference. Either case the most common use has been for VPNs. I just don't think the concept caught on of using it point to point solely for encryption. The concept has mainly been for an outsider getting into the network and validating their credentials as being someone who does belong in that network. Otherwise if you're internally connected to the network, then you are already authenticated, so no need.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.