[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Thu, Dec 26, 2013 at 7:05 AM, Matej Kovacic <[email protected]> wrote:
> ...
> this might be of interest to you:
> https://code.google.com/p/badvpn/
> ...
> The VPN part of this project implements a Layer 2 (Ethernet) network
> between the peers (VPN nodes).

i love the concept of L2 VPNs; so pure in theory.
(AppleTalk and IPX over WAN? no problem!)

in practice they need a lot of careful implementation and
configuration.  the attack surface for tap vs. tun is very different;
many services handling broadcast traffic assume a trusted local
network environment.

all of the security features listed on the wiki are related to
transport / authentication rather than endpoint service
considerations.  this should be remedied.

looks interesting! perhaps i can play around with it soon...

best regards,