ad info
   personal technology

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

CNN Websites
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines

 message boards





Hackers, IT consultants embrace free security tool

August 13, 1999
Web posted at: 1:42 p.m. EDT (1742 GMT)

by Ann Harrison

Hacking your way to an IT career

Hacking group reveals IP-security glitch


ALTLANDSBERG, GERMANY (IDG) -- When IT security consultants attend hacker conferences, they have high expectations for finding open-source security tools that have been tested in hostile environments.

One tool that met the standard for hacker information technology consultants is the Linux FreeS/WAN project, free, open-source Linux-based server software that uses strong encryption to create secure data tunnels between any two points on the Internet -- a badly needed alternative to expensive, proprietary virtual private networks (VPN).

FreeS/WAN uses the proposed IPsec protocol, an interoperable global standard for securing IP connections. It automatically encrypts data packets at 6M bit/sec. and creates secure gateways in a VPN without modifying the operating system or application software. A PC running FreeS/WAN can set up a secure tunnel in less than a second.

The software generated strong interest among the 1,800 hackers who attended the Chaos Communication Camp, the Chaos Computer Club's first international hacker conference held outside Berlin last weekend. Among the attendees was Kurt Seifried, an independent security consultant from Edmonton, Alberta, who uses FreeS/WAN to create secure networks for corporate customers.

  Computerworld's home page
  Computerworld Year 2000 resource center
  Computerworld's online subscription center

Seifried said he is encouraged by a recent announcement by the Ontario Information and Privacy Commission that pointed out that the Internet is insecure and urged everyone to learn to use strong encryption. "Encryption is no good unless the majority of people use it," he said.

Seifried said he implemented FreeS/WAN with a retail client, Best Computers, in Edmundton, which needed a system to let stores securely access inventory in real time. He looked at the PPTP network protocol for Windows NT servers but decided it was too insecure. "PPTP is a total disaster. L0phtcrack [a hacking tool] just goes through it like a buzz saw," said Seifried, who has posted a 177-page guide to Linux security on the Web.

Instead, Seifried used FreeS/WAN to connect client machines on either side of two firewalls. He said it created a negligible load on the network and could be run on cheap $500 PCs with two network cards to create a gateway. The system costs $3,000 in hardware for five locations, as opposed to $15,000 for a commercial VPN, Seifried said.

FreeS/WAN's biggest drawback, according to Seifried, is that the last stable release is several months old and it doesn't work with the new Linux kernel Version 2.0. He advised users to examine several FreeS/WAN snapshots and recommended the June 14th snapshot.

Speaking in a camp workshop, FreeS/WAN developer Hugh Daniels said his software is especially useful for e-commerce, banking and financial interests that are losing money to theft and fraud. "The entire finance system of the world leaks like a sieve," Daniels said. "Our goal is transparent encryption."

Reporter's notebook: Hackers on holiday
August 11, 1999
Bad rap for Back Orifice 2000?
July 21, 1999
10 tips to lock up Linux
June 3, 1999
Free software fights Net snoopers
April 30, 1999
Unix and Linux: Similar technologies, different career prospects
April 16, 1999

Reporter's notebook: Hackers on holiday
Hackers take a holiday
(PC World Online)
Group offers free Linux-based encryption software
(Network World Fusion)
Hacking group reveals an Internet protocol security glitch
Hacking your way to an IT career
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

Linux FreeS/WAN Web page
Chaos Communication Camp Web site
Chaos Computer Club Web site
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.