Got some more feedback on this from James, he pointed me to IPCop which looks kind of like an all-in-one package.
Anyone used IPCop? On Wed, 2008-06-18 at 01:01 -0400, Rob Ludwick wrote: > OpenVPN is good. Clients for Windows, Linux, and MacOS exist. > > Configuration can be done via X.509 certs as well as username/password > authentication (or hey, if you're paranoid, both). > > It's more secure than Microsoft's PPTP, and it's faster than Tor. > > I do recommend you start here, it's the one I started off with. > http://www.thebakershome.net/openvpn_tutorial > > Proto should be TCP... and heck, use TAP0 (Ethernet Bridging). > > It uses X.509 Certs, but if you look around there are configurations for > Username/Password. > > --R > > > > Here's what I'm thinking. I want a VPN box (likely Ubuntu and SSH based) > > between my cable modem and my router. Any of my trusted machines run > > over open wireless or cat5 to the router and are configured to connect > > to the VPN. Then any connections over the open wireless or a tor exit > > node get logged (both CYA and traffic snooping) and go out to the > > internet. > > > > Goal is to explore the networking side of IT a little more, help my > > paranoid bretheren with Tor, and learn how to build a system that can > > safely function in a hostile environment. > > > > Depending on my mood I may also get a little grey-hat and see if > > anything interesting is coming through the unsecured wireless and Tor. > > > > Some questions: > > 1. Recommendations for a distro and VPN software for the VPN box? I'm > > most comfortable with Ubuntu, but I'm open to other options. Obviously > > the most common and easiest to configure VPN option wins. > > 2. How can I prevent the open connections from the outside from getting > > inside? I'm open to sharing my bandwidth, but I want to keep people from > > peeing in my pool. > > 3. How can I throttle (simple bandwidth cap) the unsecured traffic? The > > day will come when I decide to find out how far I can push Comcast, it > > will be the same day I decide to sign up for FiOS. > > 4. How can I give secured traffic priority over unsecured traffic? I.E. > > my ISO downloads come down BEFORE the tor node gets to myspace. > > 5. How can I readily configure my own Linux boxes, my wifes Mac, and any > > of my guests computers to connect to the VPN? Machines that regularly > > use the network should autoconfgure. > > 6. Any suggestions for dynamic DNS services? > > 7. How can I sanely manage the logs for the open connections? Following > > Bruce Scheiers idea of having an open wireless router is interesting, > > but I would prefer a more reliable way of covering my ass. > > > > > > > _______________________________________________ > Fwlug mailing list > [email protected] > http://fortwaynelug.org/mailman/listinfo/fwlug_fortwaynelug.org -- -- Jon Bartels [EMAIL PROTECTED] _______________________________________________ Fwlug mailing list [email protected] http://fortwaynelug.org/mailman/listinfo/fwlug_fortwaynelug.org
