[Novalug] Meeting topic suggestion - openvpn

Peter Larsen plarsen at famlarsen.homelinux.com
Mon Oct 3 11:28:24 EDT 2011 

Sorry - that's too easy. Oracle isn't the only protocol that does this.
There are lots of technical reasons to do this. Another reason for not
going in your proposed direction is having a ton of servers that you
need to access. You'll require at least one parameter per host your way.
It's really not feasible unless you only work on one central host.

On Mon, 2011-10-03 at 15:07 +0000, jecottrell3 at comcast.net wrote: 
> I wouldn't be using Oracle in the first place, and this is just another example of why.
> 
> One Service...One Port is how the Client/Server model goes.
> 
> Note that the problem I am trying to address is "access from home"...logging on to an internal machine and accessing the world from there. I'm not talking about "Arbitrary Access from Anywhere", altho it would seem like some products go out of their to make things difficult.
> 
> ssh -L can be used to set up tunnels for simple cases.
> 
> JIM
> 
> ----- Original Message -----
> From: "Peter Larsen" <plarsen at famlarsen.homelinux.com>
> To: novalug at calypso.tux.org
> Sent: Monday, October 3, 2011 10:42:23 AM
> Subject: Re: [Novalug] Meeting topic suggestion - openvpn
> 
> On Fri, 2011-09-30 at 22:22 +0000, jecottrell3 at comcast.net wrote: 
> > I don't know why anyone thinks that VPN is a good idea...once you are connected, you are actually On That Net, and can use Any and All methods of attack. By contrast with SSH, you need Specific Private Keys (I am assuming that Plain Passwords are disabled) as well as their Passphrases, and can only attack thru the SSH port.
> 
> Help me understand how you would do SSH tunneling with protocols like
> Oracle's SQL Net that randomly assigns new socket pairs upon connection
> - making your server wanting you to connect to a new special port on the
> host? We have firewall plugins to deal with those kinds of crazyness -
> but it's what we need access to when we connect to corporate networks.
> 
> > 
> > I find it annoying that people hit me with SSH login attempts, but I don't worry about them.
> > 
> > JIM
> > 
> > ----- Original Message -----
> > From: "Jon LaBadie" <novalugml at jgcomp.com>
> > To: novalug at calypso.tux.org
> > Sent: Wednesday, September 28, 2011 7:23:33 PM
> > Subject: [Novalug] Meeting topic suggestion - openvpn
> > 
> > I'd really like a more secure way to get back to
> > my home systems while traveling.  Although I've
> > had no successful breakins (that I know about :)
> > if my router lets ssh traffic through I always
> > have attempted logins.
> > 
> > Perhaps a vpn would be a better solution.
> > 
> > Anyone else who would like such a talk?
> > 
> > Anyone comfortable giving it?
> > 
> > Jon
> 
> 


-- 
Best Regards
  Peter Larsen

Wise words of the day:
Sex dumps core
(Sex is a Simple editor for X11)
	-- Seen on debian bugtracking
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : http://calypso.tux.org/pipermail/novalug/attachments/20111003/9956c7aa/attachment.bin

More information about the Novalug mailing list