Nirlog.com

This guide describes how to install and configure the OpenVPN Server in Linux and clients in Windows XP and Mac OSX. There are many advanced features in OpenVPN and if you’re interested in those advanced stuff, there’s a more detailed HowTo for you. This guide was created from my successful installation, so it works for me. If you find any problems or have suggestions please leave a comment. I’ll try my best to help. I’m sure, you know that you’re using this at your own risk

In our scenario, a small office network is protected by Linux firewall and we’ll implement the secure OpenVPN to access the internal office network (File Server, Database Server and Desktop PCs) securely from anywhere in the Internet.

Read the rest of this entry »

I’ve used IPSec, PPTP and SSL VPNs for quite some time and found them to have their own strengths and weaknesses. IPSec is secure but too complicated, with too many options for implementation and configuration. PPTP is easy to use and configure but it had some security issues in the past, which deters serious security minded organizations to implement it. Commercial SSL VPNs are easy to use but they’re very expensive and still haven’t solved all the remote connection problems.

I was introduced to SoftEther (popular Japanese personal VPN) by one of my boss few years ago, it’s secure and free but the documents are available only in Japanese. While I was searching for english documents of SoftEther, I came across an Wikipedia entry, which said “It is similar to OpenVPN, though it is closed source software”. I’d heard about OpenVPN but had never given it a serious look. This time I decided to look at it. I was pleasantly surprised by it’s ease of installation, use and robust security. Here are few points to note about OpenVPN:

• It’s a free and opensource.
• It’s secure; uses the SSL/TSL protocol.
• It’s easy to install and use. Graphical User Interfaces are available for those who fear the command lines.
• Has flexible authentication scheme based on certificates, smart cards, or traditional username/password credentials.
• Can be implemented as a bridge or a router (OSI layer 2 or layer 3).
• Excellent cross-platform support, it can be installed in Linux, Unix, Windows and Mac OS X.
• Good documentation, FAQs, HowTos and articles.

If you’re looking for a secure, cheap, flexible and easy to use vpn solution, then you should give OpenVPN a try.

Today I attended a seminar called Workplace IT Security & Communications Solutions for Today’s Business organized by one of our technology partner. It was an interesting event where several networking vendors presented about the IT Security Technology and the latest and greatest products they’ve in offer.

Opening speech was given by the Senior Inspector WONG Hung-Fu of Technology Crime Division, Crime Prevention Unit, Commercial Crime Bureau, Hong Kong Police Force. Unfortunately he choose to speak in Cantonese (which I don’t understand) but from his slides and later explained to me by other participant he was showing figures of increasing cyber crimes in Hong Kong specially Phishing, Spyware and P2P related crimes.

Read the rest of this entry »

One of our customer was interested in a security solution that was tightly integrated, easy to manage and cost effective. After researching for a while I found that Astaro Security Gateway software (formerly Astaro Security Linux) was one of the best choices available in the market. The features were so appealing that I did a 30 day evaluation and this is what I found.

Read the rest of this entry »

Last Saturday we had fun in our annual lunch and I presented about secure mobile remote access (SSL VPN). I wanted to let everyone know that there is a better, easier and safer way to connect to the corporate network remotely.

Different sort of remote access are being used today. It’s a necessity and convenience upon which businesses are relying. VPN (Virtual Private Network) is a mature technology and many big networks are connected to each other by it. The main technologies being used for VPN today are IPSec (IP Security), PPTP (Point to Point Tunneling Protocol), L2TP (Layer 2 Tunneling Protocol) and SSL (Secure Socket Layer). If we categorize them in terms of their use then the VPNs can be of 2 types.
Read the rest of this entry »