On Saturday 10 April 2004 11:18, Antony Stone wrote: > PPP is Point-to-Point Protocol, and has almost nothing to do with VPNs :) > > SSH is Secure Shell, and at least it contains some encryption, but again, > is almost nothing to do with VPNs (but more on that later). > > PPTP is Pretty Poor Tunneling Protocol (oh, no, sorry, it's a Point to > Point Tunneling Protocol...), and is the way Microsoft systems do VPN. > > The "standard" way to do VPN (in other words, the method which is supported > by most vendors, uses open standards, and also has the best security) is > IPsec. > > The usual way to do IPsec under Linux is to use FreeS/WAN under kernel 2.4, > or the built-in IPsec under kernel 2.6. > > I use FreeS/WAN, I like it, it works well with netfilter (once you've got > used to the path the packets take at each end), and I'm happy with its > 3DES/RSA security. > > I said I'd mention more about SSH - that also uses good encryption and is > therefore secure, and once you have an SSH connection between two machines, > you can "tunnel" almost any network traffic you like between them, and it > does work, although I wouldn't select this as a first choice for a VPN > because there's a lot more manual setting up involved. IPsec is more like > a network route - you just configure it, and let the two endpoint machines > get on with negotiating the link, and then computers from whichever network > ranges you've configured the VPN to support can connect to each other > transparently through a nice secure tunnel across the Internet. > You can also take a look at OpenVPN (http://openvpn.sourceforge.net). It's quite easy to set up, is crossplatform and can be made transparant. Also, it doesn't require kernel modification. Regards, Victor > Hope this helps, > > Regards, > > Antony.
