ITinfo: Linux FreeS/WAN Crypto Secures Data

Site Directory
Membership
Train-the-Trainer
Trainer Certification
Certified Training Materials
ITinfo E-zine
Responsible Training
White Papers
Trainer Resources
What's New
Speaking Engagements
Onsite Training
ITrain Gear

Strong Encryption Comes To Linux

Secure networking now possible on the net

ITinfo Sponsor

ERROR: Random File Unopenable

The random file, as specified in the $random_file perl variable was unopenable.

The file was not found on your file system. This means that it has either not been created or the path you have specified in $trrandom_file is incorrect.

Linux Crypto Secures Data

by Dave Murphy
ISSN 1535-3613

The Linux FreeS/WAN project has released free Linux server tools that use strong encryption to creates a virtual private network between any two Internet users.

According to the project's website: Linux FreeS/WAN is an implementation of IPSEC & IKE for Linux.

IPSEC is Internet Protocol SECurity. It uses strong cryptography to provide both authentication and encryption services. Authentication ensures that packets are from the right sender and have not been altered in transit. Encryption prevents unauthorized reading of packet contents.

These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the IPSEC gateway machine and decrypted by the gateway at the other end. The result is Virtual Private Network or VPN. This is a network which is effectively private even though it includes machines at several different sites connected by the insecure Internet.

The IPSEC protocols were developed by the IETF (Internet Engineering Task Force) and will be required as part of IP Version Six, the next generation. They are also being widely implemented for IP V4. In particular, nearly all vendors of any type of firewall or security software have IPSEC support either shipping or in development. There are also several open source IPSEC projects. Several companies are co-operating in the S/WAN Secure Wide Area Network project to ensure that products will interoperate. There is also a VPN Consortium fostering cooperation among companies in this area.

Our project's primary objective is to help make IPSEC widespread by providing source code which is freely available, runs on a range of machines including ubiquitous cheap PCs, and is not subject to US or other nations' export restrictions.

Right now the Internet is a very public place. Webmasters track who visits their site, ISPs track where their clients surf and what they download. And businesses attempting to conduct secure communications via the net are hamstrung with an inability to use strong cryptography to encrypt sensitive data.

But law enforcement agencies aren't likely to support publicly-available strong encryption tools. US FBI (Federal Bureau of Investigation) Director Louis Freeh said before Congress that strong crypto will be a boon to terrorists because it hampers law enforcement's ability to decode messages and accurately wiretap the bad guys.

To date, most netizens who need strong encryption use PGP (Pretty Good Privacy). But PGP only encrypts messages and specific files. The Linux FreeS/WAN software creates a secure data tunnel that allows all files transmitted between the sites to be encrypted.

Linux FreeS/WAN
PGP

Previous issues are on our website at http://itrain.org/itinfo/.

International Association of Information Technology Trainers
PMB 616
6030-M Marshalee Dr
Elkridge, MD 21075-5987

410.567.5366
1.888.290.6200
fax 801.650.0423
Membership Director: member@itrain.org

Return to ITrain Homepage

http://itrain.org/itinfo/1999/it990415.html
updated April 15, 1999