|
[networknewsletters]
||
[Date Prev]
[02-2007 Date Index]
[Date Next]
||
[Thread Prev]
[02-2007 Thread Index]
[Thread Next]
[ECP] Hamachi Cross-Platform VPN
- From: Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>
- To: NetworkNewsletters@xxxxxxxxxxxxx
- Date: Tue, 06 Feb 2007 05:00:00 -0500
¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤,¸¸,ø¤º
Please link to the Educational CyberPlayGround
http://www.edu-cyberpg.com
Add your K12 SCHOOL OR SCHOOL DISTRICT URL
http://www.edu-cyberpg.com/schools/
Please Share and Add Your Song
http://www.edu-cyberpg.com/ncfr/
Educational CyberPlayGround Network Newsletters Mailing List ©1994
¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤,¸¸,ø¤º
=== CONTENTS ===================================================
IN FOCUS: Hamachi Cross-Platform VPN
NEWS AND FEATURES
- GoDaddy.com Abuse Policy Takes SecLists.Org Offline
- Researchers Find Fault with Extended Validation Certificates
- Recent Security Vulnerabilities
PRODUCTS
- Extend Group Policy Control over Passwords
- Wanted: Your Reviews of Products
RESOURCES AND EVENTS
FEATURED WHITE PAPER
=== IN FOCUS: Hamachi Cross-Platform VPN =======================
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Last week, I discussed Microsoft's Secure Socket Tunneling Protocol
(SSTP) VPN technology, which will debut as part of Windows Vista
Service Pack 1 (SP1) and Longhorn Server Beta 3. The VPN will work over
standard Web ports and ease client-to-server connectivity. If you
missed that editorial, you can read it at
http://list.windowsitpro.com/t?ctl=488CD:57B62BBB09A6927982FBAF992E8490C7
This week, I learned about another VPN technology that I hadn't heard
of before. LogMeIn Hamachi is a relatively simple tool that lets you
connect systems together to build a VPN where such connectivity might
not otherwise be possible.
A couple really great features of Hamachi make it a very useful tool.
The first is that it runs on Windows 2000, Windows XP, Windows Server
2003, Linux, and Mac OS X. The second interesting feature is that it's
a UDP-based VPN technology, where most other VPNs are TCP-based.
Because it's UDP-based, it can work in networks where other VPNs might
not because it can traverse some overly restrictive policies and can
operate behind networks that use Network Address Translation (NAT).
The real "magic" of Hamachi is that it takes advantage of UDP
operational characteristics. As you know, in order for TCP connections
to take place, ports need to be open on firewalls, and when NAT is in
use (with or without a firewall), the NAT router needs to forward
traffic to the proper endpoint. In contrast, a NAT device (and
sometimes a firewall) can be coaxed into accepting UDP traffic even
when specific rules don't exist to allow that traffic.
To get an idea of how Hamachi works under the hood, we can take a look
at the Skype VoIP technology because Skype also uses UDP to traverse
NAT networks and firewalls. If you head over to the heise Security Web
site, you'll find a very interesting article, "The hole trick," (at the
URL below) that explains what's happening under the hood of a Skype
client. If you read the article, you'll come away with an understanding
that applies to Hamachi.
http://list.windowsitpro.com/t?ctl=488D0:57B62BBB09A6927982FBAF992E8490C7
I've heard that Hamachi is especially useful for Windows administrators
who need to use Microsoft Remote Desktop connectivity but can't due to
restrictions on the network on which they happen to be at the moment,
whether that network is at a hotel, conference center, library, coffee
shop, or elsewhere. Hamachi can establish a VPN between two endpoints,
and then Remote Desktop can be used over the Hamachi VPN. The same
principle undoubtedly applies to many other tools that are useless
without a VPN.
There is at least one downside to Hamachi, though: It doesn't work when
a system is behind a proxy server. Nevertheless, it looks like an
incredibly useful tool and I intend to give it a try soon. You can
learn more about it and download a copy at the URL below.
http://list.windowsitpro.com/t?ctl=488D9:57B62BBB09A6927982FBAF992E8490C7
If you're interested in more technical, nitty-gritty details about how
tools like Hamachi and Skype work, then take a look at RFC3489, "Simple
Traversal of User Datagram Protocol Through Network Address
Translators" at the URL below. The document explains the technique in
considerable detail.
http://list.windowsitpro.com/t?ctl=488D6:57B62BBB09A6927982FBAF992E8490C7
=== SECURITY NEWS AND FEATURES =================================
GoDaddy.com Abuse Policy Takes SecLists.Org Offline
SecLists.Org, a popular site that archives the messages from
numerous popular security mailing lists, was temporarily shut down by
GoDaddy.com after complaints by MySpace.
http://list.windowsitpro.com/t?ctl=488CC:57B62BBB09A6927982FBAF992E8490C7
Researchers Find Fault with Extended Validation Certificates
Researchers from Stanford University and Microsoft Research have
concluded that extended validation (high assurance) certificates used
in conjunction with Microsoft Internet Explorer (IE) 7.0 don't
necessarily improve a user's ability to detect phishing attacks.
http://list.windowsitpro.com/t?ctl=488CB:57B62BBB09A6927982FBAF992E8490C7
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
http://list.windowsitpro.com/t?ctl=488C4:57B62BBB09A6927982FBAF992E8490C7
=== PRODUCTS ===================================================
by Renee Munshi, products@xxxxxxxxxxxxxxxx
Extend Group Policy Control over Passwords
Special Operations Software announced the release of Specops
Password Policy 2.0, which works with Group Policy in Active Directory
(AD). Specops Password Policy lets you configure password policies in
any number of group policies and not just at the domain level of Group
Policy. Some of the new features in version 2.0 are the ability to
disallow words from specified dictionaries in passwords, to disallow
incremental passwords (e.g., changing from password1 to password2), and
to send an email notification when a password is about to expire. For
more information, go to
http://list.windowsitpro.com/t?ctl=488D8:57B62BBB09A6927982FBAF992E8490C7
=== RESOURCES AND EVENTS =======================================
How at risk is your business? Attend this free Web seminar and learn
how to
- differentiate alternative high-availability and disaster-recovery
solutions
- ensure seamless recovery of your key systems and data
- keep your users continuously connected
- benefit from real-time high availability and disaster recovery
Live Event February 22, 2007, at 12:00 pm EST
http://list.windowsitpro.com/t?ctl=488C1:57B62BBB09A6927982FBAF992E8490C7
Did you know that 75% of corporate intellectual property resides in
email? The challenges facing this vital business application range from
spam to the costly impact of downtime and the need for effective,
centralized email storage systems. Join us for a free Web seminar and
learn the key features of a holistic approach to email security,
availability, and control. Download this on-demand seminar now!
http://list.windowsitpro.com/t?ctl=488BF:57B62BBB09A6927982FBAF992E8490C7
=== FEATURED WHITE PAPER =======================================
Learn to differentiate between computer records and business records.
Learn the subjective meaning of business records and how to best manage
regulatory requirements for email backup and retention. Download this
special eGuide today!
http://list.windowsitpro.com/t?ctl=488C0:57B62BBB09A6927982FBAF992E8490C7
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Educational CyberPlayGround Network Newsletters Mailing List
Subscribe - Unsubscribe - Set Preferences
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html
Copyright statements to be included when reproducing
annotations from the
Educational CyberPlayGround Network Newsletter
The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:
EDUCATIONAL CYBERPLAYGROUND
http://www.edu-cyberpg.com
Network Newsletters copyright
Email Prefrences - Subscribe - Unsubscribe - Digest
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html
Advertise Network Newsletters Guidelines
http://www.edu-cyberpg.com/Community/Subguidelines.html
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
|
|
