Complete.Org: Mailing Lists: Archives: discussion: April 2002:
[aclug-L] Re: Encrypted/compresed network traffic 		Home

[aclug-L] Re: Encrypted/compresed network traffic

[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: discussion@xxxxxxxxx
Subject: [aclug-L] Re: Encrypted/compresed network traffic
From: Jonathan Hall <jonhall@xxxxxxxxxxxx>
Date: Wed, 3 Apr 2002 23:36:27 -0600
Reply-to: discussion@xxxxxxxxx 
It looks more like this:

 +------hub------+
 |       |       |
pc(a)   pc(b)   pc(c)

I could set up 3 tunnels:

pc(a) <--> pc(b)
pc(b) <--> pc(c)
pc(c) <--> pc(a)

But in reality, the setup will be much larger, and I don't want to have huge
numbers of tunnels going between computers--this uses huge amounts of RAM.

What would be ideal is some mechanism by which each packet as it goes out
the PC's ethernet card is encrypted in such a way that the receiving
computer can just decrypt it--on a per-packet basis, rather than on a
stream/tunnel basis.

I suspect nothing like this exists.  Or if it does, it's probably
commercialware. :)

-- Jonathan


On Thu, Apr 04, 2002 at 12:27:46AM -0600, John Alexander wrote:
> Ah, use one compression engine on either end of the link that feeds the hub
> that interconnects the three machines.
> 
>   +-c/e--the 'Net--c/e--hub--+-----+-----+
>   |                          |     |     |
> pc(a)                      pc(b) pc(c) pc(d)
> 
> An alternative would be to build the compression engine with whatever might
> be in the van o' junk and computers to interconnect these segments. You
> could use the built-in compression and port forwarding capabilities of ssh
> to do this. That just sticks in my head because I learned how to send a vnc
> screen over a compressed ssh tunnel last night.
> 
> ja
> -----Original Message-----
> From: discussion-bounce@xxxxxxxxx [mailto:discussion-bounce@xxxxxxxxx]On
> Behalf Of Jonathan Hall
> Sent: Wednesday, April 03, 2002 11:08 PM
> To: discussion@xxxxxxxxx
> Subject: [aclug-L] Re: Encrypted/compresed network traffic
> 
> 
> 
> It'd be easier to use something intended for full network tunneling, such as
> IPSec or VTun.  But my goal was to find something that didn't require a
> point-to-point connection for security.  I suspect that nothing like that
> exists.
> 
> -- Jonathan
> 
> 
> On Wed, Apr 03, 2002 at 11:45:04PM -0600, John Alexander wrote:
> > Well, there is a company that is building compression engines that replace
> > data segments that get repeated with variable tags, but you'd have to get
> > three of them to sit at the intersections of all the machines. Or, you
> could
> > just ssh -C, and funnel everything over the ports.
> >
> > ja
> >
> > -----Original Message-----
> > From: discussion-bounce@xxxxxxxxx [mailto:discussion-bounce@xxxxxxxxx]On
> > Behalf Of Jonathan Hall
> > Sent: Wednesday, April 03, 2002 10:18 PM
> > To: discussion@xxxxxxxxx
> > Subject: [aclug-L] Encrypted/compresed network traffic
> >
> >
> >
> > Here's a real general question that may have a rather complex answer.
> >
> > Given an ethernet segment containing three 3 Linux machines, is there any
> > way to encrypt (and possibly compress) all traffic sent to the ethernet
> > segment, aside from building tunnels between all 3 machines?
> >
> > Thanks for any input anyone may have :)
> >
> > -- Jonathan
> >
> >
> >
> > --
> > A man in Johannesburg, South Africa, shot his 49-year-old friend in the
> > face, seriously wounding him, while the two practiced shooting beer cans
> off
> > each other's head.
> > --
> > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> >   Jonathan Hall  *  jonhall@xxxxxxxxxxxx  *  PGP public key available
> >  Systems Admin, Future Internet Services; Goessel, KS * (620) 367-2487
> >          http://www.futureks.net/  *  PGP Key ID: FE 00 FD 51
> >                   -=  Running Debian GNU/Linux  =-
> > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> > -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> > visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
> >
> >
> > -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> > visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
> 
> --
> Useless fact #1: Rubber bands last longer when refrigerated.
> --
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>   Jonathan Hall  *  jonhall@xxxxxxxxxxxx  *  PGP public key available
>  Systems Admin, Future Internet Services; Goessel, KS * (620) 367-2487
>          http://www.futureks.net/  *  PGP Key ID: FE 00 FD 51
>                   -=  Running Debian GNU/Linux  =-
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
> 
> 
> -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> visit http://www.complete.org/cgi-bin/listargate-aclug.cgi

--
"Heavier-than-air flying machines are impossible." -- Lord Kelvin,
president, Royal Society, 1895.
--
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  Jonathan Hall  *  jonhall@xxxxxxxxxxxx  *  PGP public key available
 Systems Admin, Future Internet Services; Goessel, KS * (620) 367-2487
         http://www.futureks.net/  *  PGP Key ID: FE 00 FD 51
                  -=  Running Debian GNU/Linux  =-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
[Prev in Thread] Current Thread [Next in Thread]