Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Secure VPN Gateway a new solution to InterNet Security

Reply
Thread Tools

Secure VPN Gateway a new solution to InterNet Security

 
 
David Gempton
Guest
Posts: n/a
 
      06-01-2006
Absolutely Secure VPN Gateway


It's the most secure way to connect & now its free!

Connecting to secure systems over the Internet just got a whole lot safer and easier.

* Need to connect numerous service providers to different components on your network and
keep total control ?
* Need to provide easy access to busy staff members when they are away from the office ?
* Want to have access to your home computer when your overseas ?
* Worried about SpyWare and maintaining security ?
* Looking for a VPN solution that is quick and easy to install ?

Stop looking ! This is the perfect solution

Download your free copy from here:
http://www.ttc4it.co.nz/download/TTC...re-Gateway.zip

This is a VMware appliance so you'll need VM Player. You can download you free VM player
from here:
http://www.vmware.com/download/player/

Full documentation and support is available from here:
http://www.ttc4it.co.nz/cgi-bin/yabb/YaBB.cgi

Secure VPN Gateway from TTC enables you to connect to applications and network services,
secured behind a firewall, without compromising security.

At TTC we have developed a secure VPN system that is suitable for everyone to use. There
is no tricky installation and no client configuration. The whole product is can be up and
running within a few minutes of downloading. This save you time and allows you to get on
with business.

The Secure VPN Gateway just requires a dhcp server to provide it with a network address.
With this information it configures itself and tells you how to access the management web
page.

The VPN client package learns everything directly from the Secure VPN Gateway. Once
started, the person using the Secure VPN client, is presented with a menu of their
available network services. Access is as simple as clicking a start button.

Our key to security.
====================
Our extreme security comes from individually coded client packages that are generated for
each user by the Secure VPN Gateway. This builds unique digital keys directly into each
client package. The built-in digital key improves security beyond that of many VPN
clients because the user must have the correct client package (digital key), the correct
login name, and the correct password. The digital key is never typed and all network
communication is strongly encrypted, so “SpyWare” applications are unable to break the
security. This is of vital importance for people who use public computers to access
corporate or private resources.

The Secure VPN gateway is configured and managed from an administration web page where all
account setup functions are performed. Administrators can create, edit, delete, and
disconnect live users from this web page. Network link rules are defined and then
allocated to user accounts. Network link rules provide a network description of the
service that the user is connecting to. The rule definition allows the administrator to
use their own words to describe the link rule making it easily adaptable to ever users
level of understanding.

For example; “Bob's human resource files” or “Corporate internal e-mail server” rather
than cryptic strings of numbers.

Help is only a click away
=========================
http://www.ttc4it.co.nz/cgi-bin/yabb/YaBB.cgi

We have eliminated the most frustrating problem with downloaded software by putting all
the documentation and access to the software developers right at your fingertips.

This is done through a free bulletin board where users can read and download
documentation. They can also share their own experiences with using the software.
Posting issues and solutions for all users to share. Access to the bulletin board is
provided directly from the Secure VPN Client and the Administration web page.

To post a topic/question you just need to register first.

How was it built
================
This VMware appliance has been built on top of the outstanding freeware firewall,
Smoothwall Express. Written exclusively in Perl the TTC Secure VPN Gateway has been in
development and testing for the past 24 months.

It was intended to run on a standalone server but thanks to the efficient VMPlayer from
Vmware it can now be run under any environment where VMPlayer is supported. The most
significant market breakthrough here is the ability to deploy it as an application on a
Microsoft Windows system.

Vmware workstation has played a vital part in the development and testing of the TTC
Secure VPN Gateway. We are delighted to be able to offer this application

How to get started
==================
Once you have installed VMPlayer and downloaded the zip file “TTC-VPN-Secure-Gateway.zip”,
simply expand the zip file on the computer that will be hosting the VM-appliance.
Now start VMPlayer and open the VM appliance found under the TTC-VPN-Secure-Gateway
directory.

The appliance will start automatically. When it is up and running a page of information
will be displayed on the VMPlayer console. Press enter to make sure the information is up
todate.

The information on the console will show you three important details:
1.The external IP address of the Secure VPN Gateway.
2.The port forwarding rule to configure on your firewall (if you have one) to enable the
VPN clients to communication with the Secure VPN Gateway.
3.The URL for accessing the management web page.

For example:
============
Secure VPN Controller
My external IP address is 192.168.1.184
If I am behind a firewall please set a port forwarding rule on the firewall as follows:
inbound TCP port ==> TCP port : IP address
2227 ==> 2227 : 192.168.1.184
Then access my web management interface and change the settings for the “external
interface” to firewall's external IP address.
The URL for my web management interface is:
http://192.168.1.184:81/vpn_frame.html

When you access the management web page you will be prompted to login.

The default user name is : administrator
The default password is : admin123
(This can be changed from the “Manage the users of this page” menu option.)

Note# The full documentation and online help is available by clicking on the words “Click
here for help” at the top right of the screen.

After logging in to the web page as the administrator, use the menu on the left side of
your screen and click on “Change settings”. Make sure that the “External IP” address is
correct. If you will be accessing the Secure VPN Gateway through a firewall the “External
IP” should be set to the IP address that reaches the firewall from the Internet.

If you do not have a firewall then the “External IP” setting should be correct.

Now generate your first VPN Client kit by clicking on the Refresh keys icon for the
administrator. And confirm that you want to proceed. Now click on the red download symbol
to receive a copy of the administrator VPN client kit.

Congratulations, this client kit can now be used to connect to Secure VPN controller from
the Internet.

Now its time to “Click here for help” and download a copy of the Secure VPN documentation.
This will explain how to:
Use the VPN client.
Create VPN Link Rules
Create user accounts
Even how to change the logos to your own.


 
Reply With Quote
 
 
 
 
nemo_outis
Guest
Posts: n/a
 
      06-01-2006
David Gempton <(E-Mail Removed)> wrote in news:(E-Mail Removed):

> Absolutely Secure VPN Gateway

....


If a man brags about his honesty, or a woman her virtue, avoid the former
and cultivate the latter.

IOW why the **** should we trust you?

Regards,





 
Reply With Quote
 
 
 
 
Nico Kadel-Garcia
Guest
Posts: n/a
 
      06-02-2006

"David Gempton" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Absolutely Secure VPN Gateway


It's a joke: I've written to the website owner: and he's responded only that
it's Legitimate! Honest! I Promise! Ask me anyithing! And here's the website
with my non-existent documentation, all written by me!

Given the lack of documentation, source code, explanation of how it works,
and the apparent one-person operation, it's obvious that it's a start up
operation and lacks any pretense of code review that should be in place for
what is obviously a one-man operation, no one sane should be using it.

Also, since he's stated in his email to me that it "uses the OpenSSH"
protocol, I'm notifiying the OpenSSH authors that he's probably in violation
of the very limited OpenSSH licensing.

What a maroon!


 
Reply With Quote
 
Nico Kadel-Garcia
Guest
Posts: n/a
 
      06-02-2006
I just double-checked the license of OpenSSH, which states:

* Copyright (c) 1995 Tatu Ylonen <(E-Mail Removed)>, Espoo, Finland
* All rights reserved
*
* As far as I am concerned, the code I have written for this software
* can be used freely for any purpose. Any derived versions of this
* software must be clearly marked as such, and if the derived work is
* incompatible with the protocol description in the RFC file, it must be
* called by a name other than "ssh" or "Secure Shell".

I wrote to the website's public info address: it's obviously a one-man
operation, since David Gempton himself wrote back to me with this. (I'm not
posting the entire letter, because it's generally considered rude to post
the complete contents of a private email to a public newsgroup, even though
it's probably nto a copyright violation as some fools complain if you do
so.)

This is a product that uses openssh protocols to provide encrypted
communication channels between clients - the secure gateway - and
network services on the same LAN as the secure gateway.

So I submit among its other weirdness, it's a violation of the very generous
OpenSSH license, since the software is closed source and makes no such
public notice. Moreover, since he's acting like this, I certainly wouldn't
want to use a security product from anyone this obviously such a fool. The
stuff obviously needs a complete public souce code publication to see just
what else he's done under the hood.

I've never heard of him before this crosspost to comp.security.ssh, where
I'm active. Can anyone here vouch for him? Was this just a really, really
bad mistake?, or what? The only stuff I see in groups.google.com from the
same name is from 1997 and 1998, also from New Zealand address, so it might
be the same guy. But it's not as if this is from a well-respected,
well-known poster.

Nico Kadel-Garcia
http://www.velocityreviews.com/forums/(E-Mail Removed)


 
Reply With Quote
 
Richard E. Silverman
Guest
Posts: n/a
 
      06-02-2006

> Absolutely Secure VPN Gateway


Never trust anything Described in Capitalized Superlatives!

--
Richard Silverman
(E-Mail Removed)

 
Reply With Quote
 
Chuck
Guest
Posts: n/a
 
      06-02-2006
Call me skeptical, but why would I want to risk using an unknown
security product? Why should I choose this over something like OpenVPN
which is also free and makes the source code available for review?
 
Reply With Quote
 
Walter Roberson
Guest
Posts: n/a
 
      06-02-2006
In article <(E-Mail Removed)>,
Nico Kadel-Garcia <(E-Mail Removed)> wrote:
>(I'm not
>posting the entire letter, because it's generally considered rude to post
>the complete contents of a private email to a public newsgroup, even though
>it's probably nto a copyright violation as some fools complain if you do
>so.)


Where to start??

- These are international newsgroups.

- Copyright law varies from jurisdiction to jurisdiction.

- Copyright law deals with the Rights To Copy (and to control when
copies are made.)

- In many jurisdiction, material is considered "published" if unrestricted
access to it is made available to even just one person in that
jurisdiction. For example, a letter sent to a *specific* (listed)
set of people is not usually considered to be "published", and
material made available only under NDA (Non-disclosure agreement)
{including in the course of employment} is not usually considered
"published", but if the material is made available without controls
(e.g., copies offered for public sale, a copy posted on the town
notice-board) then the material is usually considered "published".

- In many jurisdictions, publishing includes electronic dissemination

- In many jurisdictions, if a person submits an electronic document
to an automated copying mechanism, then that person is considered to
have made all of the copies that result without further human interaction

- Thus, in those jurisdictions, the action of posting a letter to
a Usenet newsgroup (which is, by definition, allowing uncontrolled access
to the letter) is considered to be one count of "publishing" the letter
for each automated copy that results -- even though only the person
only pressed "send" once.

- Hence, posting a letter to a Usenet newsgroup is considered by
many jurisdictions to be "copying" the letter and "publishing" it,
both done many times over. Therefore, the legal authority to post a
letter to Usenet is there considered a matter subject to Copyright law.
Copies are deemed to have been made, and the question then becomes
one of whether the poster had the legal right to make (trigger) those copies.

- Copyright law usually applies to "an original expression of an idea";
presuming that David Gempton did not use a form letter, his response
was likely sufficiently "creative" for copyright law to apply to the
parts of it that he himself phrased. Note that Copyright law does not
apply to the ideas themselves[*], only to the -expression- of them: the
actual words.[*] Exception: the entertainment industry especially is
increasingly pushing to restrict "derivative works" (originally
applicable only to translations and to substantial reproductions of the
original words...)

- We have by now established that Copyright law applies to the
situation [in many jurisdictions], and have reduced the question down
to one of whether the jurisdiction's local Copyright law would
permit the substantial reproduction of a previously-unpublished letter.

- The limits on reproduction vary from jurisdiction to jurisdiction.

-The US has its "Fair Use Doctrine" (which is not actually written
into law under that name); the boundaries of Fair Use are a bit
fuzzy in the USA, but case law has deemed copying of as little as
three lines of a short work to not be within the limits of Fair Use.
The publishing of large extracts of a longer work has rarely been
considered to be Fair Use except in cases of high Public Interest.
And increasingly, case law in the USA has been saying that even
in situations that were traditionally Fair Use (e.g., academic photocopying),
that if there is reasonable time available to ask permission for
the copying, that the permission must be sought [with some leeway
allowed for researched criticisms of a work whose author would likely
not grant copying permission in order to avoid the criticism.]
http://www.copyright.gov/title17/92chap1.html#106

- Canada does not have any equivilent to the Fair Use Doctrine;
the "Fair Dealing" clauses are quite limited, and
the suggested letter-posting activity would not fall within the boundaries
of any of them
http://laws.justice.gc.ca/en/C-42/23...tml#Section-29

- US case law is sufficiently fuzzy that one could perhaps talk about
"probability" of a copying being within the limits of Fair Use
(and thus not a copyright violation in the USA), but Canadian law is
much more rigid, and it would essentially only be meaningful to
speak of reproducing a letter being "probably" a copyright violation in Canada
if the probabilities being referred to were zero (i.e., "not") and
one (i.e., "decidedly so".)

- In other words, posting a private letter to Usenet "probably" IS
a copyright violation -- unless one wishes to play games like
"Oh, my IP is from the USA but I'm really in a country that doesn't
have a copyright law and doesn't recognize any other country's
copyright laws."


Perhaps, Nico, you were thinking of a different matter: not whether it
would -be- a copyright violation, but rather what the likely legal
-consequences- would be for that violation.

For example, in Canada, if the original letter author bothered to do
anything, the most -likely- result of posting of an informative letter
from a non-famous person, would be a $C200 fine plus court costs and a
lecture to Don't Do It Again. (Statutory $C50 per count, multiple
counts would be deemed, but the judge would have considerable leeway in
fixing the count; $C200 is about average for multiple count cases where
malicious publication is not established, sliding up to about $C800-
$C1000 if there were previous interpersonal spats but no monetary
gain from the publication.) Stronger penalties are definitely possible,
especially where there is monetary value involved, but the legal
standards of proof are also noticably higher than for the stat penalty.

 
Reply With Quote
 
Sebastian Gottschalk
Guest
Posts: n/a
 
      06-02-2006
Walter Roberson wrote:

> - In other words, posting a private letter to Usenet "probably" IS
> a copyright violation


Damn, no. The reason is a quite simple one: You cannot expect the sender
to be unwilling to allow publishment unless he explicitly stated so. By
posting a letter to someone you're actively putting it into public domain.

The reason why it's illegal under _zivil_ rights is that's an
unreasonable violation of privacy to publish someone else's private
information without even asking him first.
 
Reply With Quote
 
Rick Merrill
Guest
Posts: n/a
 
      06-02-2006
Sebastian Gottschalk wrote:
> Walter Roberson wrote:
>
>
>>- In other words, posting a private letter to Usenet "probably" IS
>>a copyright violation

>
>
> Damn, no. The reason is a quite simple one: You cannot expect the sender
> to be unwilling to allow publishment unless he explicitly stated so. By
> posting a letter to someone you're actively putting it into public domain.
>
> The reason why it's illegal under _zivil_ rights is that's an
> unreasonable violation of privacy to publish someone else's private
> information without even asking him first.


Hey, cut the crap guys, I want to buy this thing - does it work?!
 
Reply With Quote
 
Richard E. Silverman
Guest
Posts: n/a
 
      06-02-2006

>>>>> "RM" == Rick Merrill <(E-Mail Removed)> writes:


Read this first:

http://www.schneier.com/tristrata.html

--
Richard Silverman
(E-Mail Removed)

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Secure your digital information assets with Secure Auditor. SecureWindows with Secure Auditor alannis.albert@googlemail.com Cisco 0 04-14-2008 06:53 AM
Secure your digital information assets with Secure Auditor SecureWindows with Secure Auditor alannis.albert@googlemail.com Cisco 0 04-14-2008 06:52 AM
Secure VPN Gateway - a Perl Solution David Gempton Perl 0 01-03-2007 12:28 AM
Edit Primary Gateway To Send Internet Traffic To Secondary Gateway Frank Cisco 3 09-30-2004 04:51 AM



Advertisments