Chapter 26.
Using a VPN
One problem frequently faced on the Internet
at large is encryption. Many common protocols, such as Telnet and FTP, were not
designed with data security in mind; they send data, often including usernames
and passwords, in an unencrypted form. Such practices are sometimes tolerable
on a local network, where you can control access to the network hardware, but
they're very risky on the Internet at large, where your data may pass through a
dozen or more routers between client and server.

WARNING

Don't assume that data on your local
network is safe. A cracker controlling a compromised computer or a
disgruntled local user can wreak considerable havoc using local network
access. Using encrypted protocols locally may be justified. The Kerberos
suite (described in Chapter 6,
Authenticating Users via Kerberos) can be a useful local security tool.

Users sometimes want to use local network
resources from a distance (for instance, from home or when traveling). One
approach to allowing such access without imposing too great a security risk is
to implement a Virtual Private Network (VPN). This
is a way of giving remote users access to local network resources as if they
were themselves local. VPNs set up virtual network interfaces in both a VPN
server and a VPN client system used by the remote user, and link those
interfaces across the Internet in an encrypted fashion. VPNs can be used to
link individual computers or entire remote networks to a local network. This
chapter describes the basics of VPN configuration and use, including two common
VPN protocols, PPTP and FreeS/WAN.