digitalFAQ.com Forums [Archives]

digitalFAQ.com Forums [Archives] (http://www.digitalfaq.com/archives/)
-   Computers (http://www.digitalfaq.com/archives/computers/)
-   -   Hamachi - Secure mediated peer to peer (VPN) (http://www.digitalfaq.com/archives/computers/14127-hamachi-secure-mediated.html)

kwag 02-19-2006 10:56 AM

Hamachi - Secure mediated peer to peer (VPN)
 
I just found this: http://www.hamachi.cc/ after listening to Episode #18 (audio) review here 8O http://grc.com/securitynow.htm

All I can say is that it rocks :mrgreen:

-kwag

black prince 02-20-2006 05:41 PM

@Kwag,

I listened to audio #18 and from all that I could understand it's extremely
secure for P2P connections. As for a practical use, could this be
used as a remote client to run a computer like UltraVCN SC, or is this
different. Some hamachi forum posts mentioned that the server that maintains
the unique IP addresses will be trustworthy given what is known
about this company. They do have future plans to develope your own server
to provide this security. I'm interested in how WiFi can be used with
Yellow Tuna and what would be some other examples using hamachi. :)

-BP

kwag 02-20-2006 06:41 PM

Hi BP,

I'll give you an example of how I'm using it.
Right now, my home connection to the internet is via a wireless provider, who gives out private (Intranet) IP addresses.
So I can not reach my home from the Internet, because lack of a public IP (it sits behind their NAT firewall).
But :arrow: Never fear, because the tricks are here :rotf:
As you know, I have an "Asterisk" PBX at home ( Asterisk@Home), and I no longer have "Ma Bell" phone company services :lol:
So I can call out without any problems, but nobody could call me, because of the problem of the private IP address.
Well, I just connected via an Asterisk IAX2 trunk from my box, to "Free World Dialup" (FWD), and then forwarded a free IPKall.com land line to my FWD number.
So now I can receive calls from anyone in the world, even though I'm behind a firewall :cool:
But now, back to the real case and question, which is accesing my home machine from the Internet.
That's where the Yellow Tuna (Hamachi) comes in :D
In the same machine I'm running at home for Asterisk, which is a CentOS Linux distribution BTW, I installed Hamachi Linux software.
So now, I can be anywhere in the world and I can connect with my Windows notebook using the Hamachi Windows software, and I connect to a group I created at home.
So basically I can now see my shared drives, and I can even run a SIP client on my notebook, using SIP protocol, and it works perfectly fine because I don't have to punch any firewall holes :!:
It's truly amazing the way it works, just like the audio file you listened, and with comments like that coming from Leo Laporte (TechTV) and Steve Gibson (Gibson Research), you can be assured it's really a secure product :)

Edit: As for your VNC question, for sure :!: go ahead and use it :D
Just install Hamachi at all your clients, and then instead of connecting your VNC client in the wild ( public_address:port ) you would just connect to your customer's :arrow: Hamachi_IP_address:port and that's it :)
Now all your VNC communication is encrypted via Hamachi point-to-point VPN ;)
Just think of all the neat things you can do with this :idea:

EDIT #2: BTW, here are some great "NAT Router Security Solutions" :)
http://www.grc.com/nat/nat.htm

-kwag

black prince 02-21-2006 11:18 PM

@Kwag,

Here's my senerio with router setups:

Quote:

Isolating an open or low-security wireless access point:
Suppose you have a first-generation wireless Wi-Fi NAT router access point running either fully-open (you never bothered to setup any security at all) or with crackable WEP encryption (because your hardware cannot be upgraded to the later generation of really good WPA encryption).
If I add another router behind the first router will this create more security
for my pc since I'm using outdated WEP encryption which is easy to crack.
Will this mean I don't need a software firewall ( I use kerio) :?:

-BP

kwag 02-21-2006 11:25 PM

Quote:

Originally Posted by black prince
If I add another router behind the first router will this create more security
for my pc since I'm using outdated WEP encryption which is easy to crack.
Will this mean I don't need a software firewall ( I use kerio) :?:

-BP

For sure it will :D
But you should still use a software firewall to detect your "outgoing connections", because the NAT firewalls block incomming, but all outgoing connections are NAT(ed) transparently.
Go ahead and cascade as many as you want :lol:
What you are describing is something like this:

http://www.digitalfaq.com/archives/error.gif

Ot this:

http://www.digitalfaq.com/archives/error.gif

Which is fully described in the article here :cool: http://www.grc.com/nat/nat.htm

-kwag

black prince 02-22-2006 07:31 AM

@Kwag,

Kwag wrote:
Quote:

For sure it will Very Happy
But you should still use a software firewall to detect your "outgoing connections", because the NAT firewalls block incomming, but all outgoing connections are NAT(ed) transparently.
Go ahead and cascade as many as you want Laughing
What you are describing is something like this:
I reviewed the Security Broadcast #3 and looked at the attached doc file
which shows what your saying. BTW, I copied their boradcasts as MP3
files and burned them to audio CD's. Example #14, 15, 17, 18, 19 are
discussing VPN. When grouped by topic this was like getting a mini
education. I also listened to #4, 5 about Personal Passwords :wink:

-BP

kwag 02-22-2006 07:45 AM

Quote:

Originally Posted by black prince
I copied their boradcasts as MP3
files and burned them to audio CD's. Example #14, 15, 17, 18, 19 are
discussing VPN. When grouped by topic this was like getting a mini
education. I also listened to #4, 5 about Personal Passwords :wink:

I'm doing just that myself, and yes, it's like a fast school on steroids :lol:
Just excelent information :!:

-kwag

black prince 03-15-2006 12:15 AM

@Kwag,

This is new problem :? I have a customer who wants a WLAN setup and
they need security and parental controls. It's the security that's giving me
problems. Also, the WLAN is going to have internet access. I thought of
"ipig", but it's very slow, I'm not sure hamachi allows multiple pc's to
control software from a server simultaneously (sic). Do you have any
ideas about security :?:

-BP


All times are GMT -5. The time now is 06:52 PM  —  vBulletin © Jelsoft Enterprises Ltd

Site design, images and content © 2002-2024 The Digital FAQ, www.digitalFAQ.com
Forum Software by vBulletin · Copyright © 2024 Jelsoft Enterprises Ltd.