> > I want to set up my system to use encrypted links to specified sites and
> > unencrypted links to the general public. Currently the plan for our network
> > looks like:
> > Internet --- Firewall --- router === various subnets
> > It seems to me that all I really need is a way to have inetd pick which of
> > 2 ftpds (or telnetds or rloginds) to call based on ip number of the remote
> > host. Does anyone know of a package that does this?
> > Shannon Bell
> > Email: shan .
com - Voice: +1 404 315 6296 x63 - Fax: +1 404 315 0293
> > SecureWare, Inc. / 2957 Clairmont Rd Suite 200 / Atlanta GA 30329-1647
> > GCS -d+@ H>++ s+:- g+ p?>!p !au>* a- w+ v- C++$ U[BLUAVHSCX]++++$ P+ L+>+++
> > 3>+++ E- !N>N++ K W M+ V- -po+ Y+ t+>+(+++) 5+ j R(+) G'('') tv+ b+++ !D
> > B-- e++ u** h--- f+ r+++ n-- y+++
> I am looking to find the same solution also. I came across a product
> called Netlock by Hughes (714-707-1862). This uses DES encryption at the
> network layer (TCP/IP) and runs on SunOS 4.1.X and HP-UX 9.0X. I wanted to
> be used for mostly email which requires that a copy be resident on
> each sendmail gateway at each site.
> Have anyone heard about and used this product? If there is a better solution,
> I'll also like to hear about it.
I have used a Morningstar router to selectively encrypt
the data portion of IP packets based on IP address. It works really
well at lower speeds (56Kbit and fractional T1) but has trouble at T1.
It uses DES encryption. It does not do key exchanges.
I will soon be looking at product by Semaphore Corporation ((408) 980-7750).
This product is supposed to do selective encryption/decryption based on
IP address, as well as handle encryption of other protocols like IPX and
Banyan VINES. The product literature says that it does key exchanges.
RSA and DES are encryption choices.
In the long run, I'd rather use application layer encryption. Makes a
lot of this stuff unnecessary.
> Nancy Saputra
> Hyundai Electronics
> Sr. Unix Systems Administrator