Hey all, I'm trying to determine what protocols should be permitted on a new VPN concentrator.
I'd like to stick with IPSec, it's tried and true, and to quote Garth: "We fear change". However, it seems that all the vendors are going down the SSL route. Now I know SSL is 'safe', but it seems like it's more open to attacks like SSLStrip (thanks again Moxie for making us aware of the problems!) I get that SSL is easier for administrators and end users alike, but is that convenience at too high a cost? So what are your thoughts? Am I being too paranoid? If there are articles or places where I should RTFM, that's cool... I just need to know what FM to read!! Please send the links/info ;-) Thanks for your input, and have a nice day! - Mick _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
