Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
07-07-2003, 02:51 AM
|
#1
|
|
LQ Newbie
Registered: Jul 2003
Posts: 2
Rep: 
|
Routing PPTP through router running linux 2.4.x kernel
I am trying to route vpn(pptp) traffic from a win2k client on the internal network to a remote win2k server on the internet, i am currently using ipchains. Has any one got any ideas, all the sites i have found mention using kernel patches and utilities but most of the links are broken and there are no kernel patches for anything passed 2.2.x. Has it been built into the later kernels?
(Running RedHat 7.3, custom Kernel Build version 2.4.18-3, i686 platform)
Any help would be much appreaciated.
Grant
|
|
|
|
|
07-07-2003, 09:33 AM
|
#2
|
|
Member
Registered: Jul 2003
Location: Toronto, Canada
Distribution: Debian etch, Gentoo
Posts: 312
Rep: 
|
re: Routing PPTP through kernel 2.4
I know this is a linux forum, but if you want to do that without a kernel patch or recompile, OpenBSD supports all of that (using pf as opposed to iptables, which is actually extremely user-friendly by comparison IMHO), including PPTP, in the default install. Also if you decide to, OBSD kernel compiles are easier to configure, and if you look at http://www.openbsd.org/errata.html you'll notice they haven't had to release a single patch for their latest version.
HTH
Ben. |
|
|
|
|
07-07-2003, 09:50 AM
|
#3
|
|
Moderator
Registered: May 2001
Posts: 29,415
|
I'm not a VPN expert, but from what I've read the general opinion is PPTP is a MICROS~1/b0rken/surrogate implementation of something vaguely resembling IPSEC. IOW, unsafe, regardless of O.S..
Here's some LinuxQuestions.org Search results for PPTP to get you going. Google around for POPTOP and/or PPTPPROXY. |
|
|
|
|
07-07-2003, 10:01 AM
|
#4
|
|
Member
Registered: Jul 2003
Location: Toronto, Canada
Distribution: Debian etch, Gentoo
Posts: 312
Rep:
|
I've heard the same thing. He didn't ask for security advice  . PPTP VPN's are an outdated technology, and not really suitable for the world wide guerilla war of today. I have seen this tutorial praised by various people that seem to know their stuff, but it seems to require a significant time investment to get working:
http://www.secureops.com/vpn/ipsecvpn.html
Personally I think public key SSH and proper firewalling are the safest way to go, but I may get my eyebrows burnt off when the flames jump out my screen for saying that :P.
B. |
|
|
|
|
07-07-2003, 11:30 AM
|
#5
|
|
LQ Newbie
Registered: Jul 2003
Posts: 2
Original Poster
Rep:
|
Thks
Thanks to all for your help, pptpproxy worked perfectly
I will have to take a look at the BSD family when i have a spare few hours.
Grant |
|
|
|
All times are GMT -5. The time now is 10:01 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
