Great Circle Associates Firewalls
(October 1995)
 


Subject: Re: ssh + tunnelled ppp = virtual private network?
From: Mark <mark @ lochard . com . au>
Date: Fri, 20 Oct 1995 22:25:25 +1000 (E )
To: danny @ miricle . its . unimelb . edu . au
Cc: csuokas @ snakemail . hut . fi, firewalls @ GreatCircle . COM
In-reply-to: <Pine . 3 . 89 . 9510201019 . A13651-0100000 @ miricle . its . unimelb . edu . au> from "Daniel O'Callaghan" at Oct 20, 95 10:54:36 am

>On Thu, 19 Oct 1995, Mikael Suokas wrote about his idea for
>tunnelled, encrypted virtual LAN across the Internet (details below)
>> The preceding leads me to believe that if I can get a ppp daemon to
>> use a tcp port eg. localhost:1234 instead of /dev/modem, I can set up
>> a reasonably secure private network over the Internet. This shouldn't
>> be very hard to do. The result would look something like this:
>> 
>>   Machine A                                      Machine B
>>   ____________                                   ____________
>>   |      pppd |<----|                      |---->| pppd      |
>>   |           |     |                      |     |           |
>>   |  |-->1234 |<----|                      |---->| 1234<--|  |
>>   |  |        |                                  |        |  |
>>   |  |-->sshd |<------------Internet------------>| sshd<--|  |
>>   -------------                                  -------------
>> 
>> So here are my questions:
>> 
>>   o Has anyone already written such a tunneling ppp daemon?

It's sort of related but not IP. Back in '92 or so? I converted term(1) to
use udp over the internet instead of a /dev/modem. This lets me seamlessly
ftp, (tupload), rlogin (trsh), and X, (txconn), over an encrypted link between
two hosts. At the time I mainly did it to annoy a nosy parker that monitored
_TCP_ streams between my two hosts. Also I wrote a udp telnet/server/ftp/
rlogin in one client and server, but that's another story.

The advantage was I don't need root at either end to run any of my processes.
Also I can easily, (and have up to the latest versions of term), put in
firewalling code so no one can do anything at all from the remote end to my
end.

Your situation above requires root access to set up the ppp side of things
but gives the benefit of IP connectivity through any stream, be it IP, X25
or IPX. I'm not sure how easy it is for you to filter out bad guy packets.

Cheers,
Mark
mark @ lochard . com . au
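
The glue asked about in the quoted question, as an added example that is not part of the original message or any poster's code: a small bridge that gives an unmodified pppd a pseudo-terminal to use in place of /dev/modem and relays its bytes to a TCP port. The names `relay` and `open_bridge` are hypothetical, and the block assumes an encrypted port forward is already listening on localhost:1234 as in the diagram.

```python
import os
import pty
import select
import socket
import threading
import tty


def relay(master_fd, sock, bufsize=4096):
    """Copy bytes both ways between the pty master and the TCP socket."""
    while True:
        readable, _, _ = select.select([master_fd, sock], [], [])
        if master_fd in readable:
            try:
                data = os.read(master_fd, bufsize)
            except OSError:  # pty torn down
                return
            if not data:
                return
            sock.sendall(data)
        if sock in readable:
            data = sock.recv(bufsize)
            if not data:  # tunnel closed by the peer
                return
            os.write(master_fd, data)


def open_bridge(host="127.0.0.1", port=1234):
    """Connect to host:port and return (slave tty path, relay thread)."""
    master_fd, slave_fd = pty.openpty()
    # Raw mode: no echo, no CR/LF or XON/XOFF handling, so PPP frames
    # cross the pty byte-for-byte. slave_fd stays open so the master
    # does not see a hangup before pppd opens the device.
    tty.setraw(slave_fd)
    sock = socket.create_connection((host, port))
    thread = threading.Thread(target=relay, args=(master_fd, sock), daemon=True)
    thread.start()
    return os.ttyname(slave_fd), thread


if __name__ == "__main__":
    # Assumption: an encrypted port forward already listens on localhost:1234.
    path, thread = open_bridge()
    print("give this device to pppd in place of /dev/modem:", path)
    thread.join()
```

Running PPP over a TCP stream stacks two retransmission layers, so expect throughput to degrade sharply on a lossy path.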

