Still working to recover. Please don't edit quite yet.
encrypting network links
From Anarchopedia
See also: Security | Cryptography | Network | HOWTOs | Encrypting Your ...
Methods
- CIPE - Crypto IP Encapsulation
- IPsec - IPsec is a set of extensions to the IP protocol family. It provides cryptographic security services
- SRP - Secure Remote Password
- SSH - Secure shell protocol (and OpenSSH)
- SSL - Secure Socket Layer
- Stunnel - Allows one to encrypt arbitrary TCP connections inside SSL.
- VTun - Creates Virtual Tunnels over TCP/IP networks with traffic shaping, compression, and encryption.
- VPN - Transparrently encrypts between nodes that have VPN software installed.
Software
- rstunnel | Sourceforge Page | GNU Page - '</pre html2wiki>rstunnel' provides secure port forwarding by transfering data between 2 networks through an encrypted tunnel. It both sets up the tunnel and make sure it remains open.
- yavipin | Sourceforge Page | GNU Page - Yavipind is a secure tunnel (2 peers securely forwarding packets toward each other). It forwards any kind of packet (IPv4, IPv6, or other) sent over the virtual point-to-point device (e.g., tun0). It runs in Linux userspace (no need to recompile the kernel). Yavipin is virtual, so you can apply any tool designed for the network device. packet overhead is small (26 bytes) and packets can be compressed using gzip. The tunnel can be established over NAT since all packets in a tunnel are sent over a single UDP/IPv4 connection. If one peer becomes unreachable, it is detected; if a peer deliberately stops, it immediately notifies the other peer. Packages are encrytpted with blowfish. The program has strict anti-replay rules and no packet can be accepted twice. Traffic older than a given delay (default 10 min) can't be decrypted since the keys are periodically renewed and securely erased.
Filesystems:
- File System Translator
- Linux Userland Filesystem
- Secure NFS and NIS via SSH Tunnel
- Self-certifying File System
- SHell FileSystem
- Transparent Cryptographic File System
This article is based on a public domain infoAnarchy article: Encrypting_Your_Network_Links | iA |