Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Building a Robust Linux Security Solution: Page 10 of 15

The Free S/WAN IPSec distribution for Linux can be obtained from
www.freeswan.org
.

If you want to grant your remote users VPN access to your Linux gateway, but you don’t want to install (or maintain) IPSec software on their laptops, you are in luck: PopTop is a freely available Point-to-Point Tunneling Protocol (PPTP) server that can act as an end-point for VPN sessions from standard Windows desktops. Microsoft includes PPTP VPN support on Windows 95/98/NT, and there is even a PPTP client available for Linux clients. The PPTP standard is the subject of Internet Draft RFC 2637 and has been implemented by many commercial vendors.

Be aware that while PPTP is fundamentally sound, Microsoft’s PPTP implementation contains several obvious security flaws. Visit the Counterpane Systems report at
www.counterpane.com/pptp-faq.html
before you decide to implement this solution. You should also consider that Microsoft has announced IPSec support in the upcoming release of its Windows 2000 OS.

The PopTop server for Linux can be obtained from
www.moretonbay.com/vpn/pptp.html
, and a PPTP client for Linux is also available from
www.pdos.lcs.mit.edu/~cananian/Projects/PPTP/
.

A MATURE OS