On Fri, 31 Mar 1995, Jimmy Brown wrote:
> I suspect this has been discussed in extreme detail, but I am
> new to the list so I'll ask anyways. :>
> I know how to allow specific unsecure sites telnet access
> to my firewall. The problem of course is, that they will be
> passing their username/passwords across the unsecure net
> for anybody to sniff. What are ways to address this
> and where do I go for more info? Are there any commercial
> products that provide this?
> What is the best way to encrypt TCP/IP traffic between one
> site and another on the Internet? Essentially I want
> to tunnel all traffic coming out of one site bound
> for another site into an encrypted stream to provide
> some modicum of security. Is this feasible?
You could implement a couple of options to address this.
1. Use a one-time password challenge/response mechanism,
such as Bellcore's S/key.
2. Implement a firewall that will support encryption, such
as TIS's gauntlet Version 3.0 product. This generally
only works though from like product to like.