Hackers, consultants embrace free security tool

When IT security consultants attend hacker conferences, they have high expectations for finding open-source security tools that have been tested in hostile environments.

One tool that met the standard for hacker information technology consultants is the Linux FreeS/WAN project, free, open-source Linux-based server software that uses strong encryption to create secure data tunnels between any two points on the Internet — a badly needed alternative to expensive, proprietary virtual private networks (VPNs).

FreeS/WAN uses the proposed IPsec protocol, an interoperable global standard for securing IP connections. It automatically encrypts data packets at 6Mbps. and creates secure gateways in a VPN without modifying the operating system or application software. A PC running FreeS/WAN can set up a secure tunnel in less than a second.

The software generated strong interest among the 1,800 hackers who attended the Chaos Communication Camp, the Chaos Computer Club’s first international hacker conference held outside Berlin last weekend. Among the attendees was Kurt Seifried, an independent security consultant from Edmonton, who uses FreeS/WAN to create secure networks for corporate customers.

Seifried said he is encouraged by a recent announcement by the Ontario Information and Privacy Commission that pointed out that the Internet is insecure and urged everyone to learn to use strong encryption. “Encryption is no good unless the majority of people use it,” he said.

Seifried said he implemented FreeS/WAN with a retail client, Best Computers, in Edmondton, which needed a system to let stores securely access inventory in real time. He looked at the PPTP network protocol for Windows NT servers but decided it was too insecure.

“PPTP is a total disaster. L0phtcrack (a hacking tool) just goes through it like a buzz saw,” said Seifried, who has posted a 177-page guide to Linux security on the Web.

Instead, Seifried used FreeS/WAN to connect client machines on either side of two firewalls. He said it created a negligible load on the network and could be run on cheap US$500 PCs with two network cards to create a gateway. The system costs $3,000 in hardware for five locations, as opposed to $15,000 for a commercial VPN, Seifried said.

FreeS/WAN’s biggest drawback, according to Seifried, is that the last stable release is several months old and it doesn’t work with the new Linux kernel Version 2.0. He advised users to examine several FreeS/WAN snapshots and recommended the June 14 snapshot.

Speaking in a camp workshop, FreeS/WAN developer Hugh Daniels said his software is especially useful for e-commerce, banking and financial interests that are losing money to theft and fraud.

“The entire finance system of the world leaks like a sieve,” Daniels said. “Our goal is transparent encryption.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now