Hey!


From: Alon Brodski (abrodski_at_delete.012.net.il)
Date: 06/22/04


Date: Wed, 23 Jun 2004 00:12:22 +0200

Hey Bob!

What I meant was not VPN over a specific connection vs. cleartext on
another one, but on the SAME kinda connection.
Again... physically it's the SAME infrastructure - cables. Same cable Co. Unlike
in the US (where, from what I know, every broadband cable modem user
automatically gets a valid ext. IP address from the cable Co., which basically gets a pool
of addresses from ISPs)... Here there's a choice... Either you get a Dial Up
VPN connection to the ISP, and from the ISP you get an ext. IP address and you get an
internal 172.2x.xx.xx address from the cable Co., OR... you use the "american"
way. It's a BIG issue here now, 'cos local ISPs try to B.S. the customers to
switch to an Open Access VPN Dial Up connection from the "american" one. From
the ISP's point of view, it saves them a pool of IP addresses.
Plus it gives CONTROL over what their custs do. Otherwise the Cable Co. has
that control.
What we, the ISP, tell people is that it's safer for THEM to have an Open Access
VPN connection, 'cos in this case they would get a temp. IP address and
hackers would be less likely to get control over their PCs.
Here I agree with the policy (more or less). What is unclear to me is: from a
connection standpoint locally... is there any difference...

-- 
Thanks in advance,
Yours truly,
Alon Brodski
"Bob Willard" <BobwBSGS@TrashThis.comcast.net> wrote in message
news:u%23bF5h6VEHA.3024@TK2MSFTNGP09.phx.gbl...
> Alon Brodski wrote:
>
> > hey!
> >
> > Thanks for your explanation!
> > Here in Israel I'm not too worried about american government agencies... I
> > had to f*ck around with one (INS) for over 5 years by being an illegal alien
> > (who never took flying lessons :-)  ).
> >
> > So if I understood it right... Having a PPTP/L2TP (VPN) connection between me
> > and my ISP is actually safer on that part of Internet traffic here locally? So
> > it means that regular (Not Dial Up-VPN) MPLS connections where you get an
> > external IP address directly from a cable company are less secure? Here I get
> > first a 172.xx.xx.xx address from a local cable company and then when I
> > connect to the ISP I also get a 80.xx.xx.xx that I use to get online
> >
> > And you meant that the only way to provide a really SECURE Internet
> > connection is by using SSL (port 443)?
> > And the rest is basically naked info?
> >
> > Alon
> >
> > "Bob Willard" <BobwBSGS@TrashThis.comcast.net> wrote in message
> > news:Ozp0PwiVEHA.1356@TK2MSFTNGP09.phx.gbl...
> >
> >>Alon Brodski wrote:
> >>
> >>
> >>>Hey!
> >>>
> >>>Thanks for your help!
> >>>
> >>>Well, to be honest I'm not worried about the Internet at the very least. I have real
> >>>life worries to worry about....
> >>>My little baby girl half the globe away from me and my kidney stones :-)
> >>>And also in my immediate neighborhood no one has cable Internet... Buying and
> >>>selling drugs here is what most people do in their free time :-)
> >>>I was just curious purely from a technological point of view.
> >>>What do you mean by "cleartext"? Unencrypted? And how can I encrypt every
> >>>transaction over the Internet?
> >>>Like what I download and what sites I visit.... I do use VPN to access my ISP
> >>>(that I also work for)... Meaning that here in Israel those who use cable to
> >>>access the Internet have an Open Access Dial Up VPN connection (PPTP or L2TP). And
> >>>no IPSec 'cos the ISP doesn't support it. So in this case... what could be done,
> >>>if anything?
> >>>
> >>>
> >>
> >>Cleartext is another word for unencrypted.
> >>
> >>There is no way to encrypt everything that goes over the net, because
> >>encryption relies on having the source node and the target node have
> >>an agreement about the encryption mechanism before the encrypted
> >>message is sent.  But, since many nodes do not support encryption at
> >>all, there is no way to get them to understand encrypted messages
> >>that you send and no way to get them to send encrypted messages to
> >>your node.
> >>
> >>Using VPN between your PC and your ISP is a good start since that
> >>protects your data over the "last mile".  I don't think there is
> >>any general way to guarantee that nobody monitors traffic that is
> >>forwarded by your ISP between your PC and other internet nodes.
> >>
> >>In the USA, certain government groups are rumored (just a rumor,
> >>and you didn't hear it from me) to have the ability to monitor ISP
> >>traffic; but the only agencies with that ability are those with
> >>TLAs in which the last letter is a vowel, and the only departments
> >>with that ability are those with TLAs in which the first letter
> >>is "D".
> >>-- 
> >>Cheers, Bob
>
> Apparently, I failed the clarity test twice.  Let me try again.
>
> 1. VPN encrypts data between the two ends of any logical connection.
>     Using VPN between your PC and your ISP is much better than sending
>     cleartext (unencrypted data), particularly if the data goes over
>     some shared media, such as a broadband cable.
>
>     I have no idea whether VPN over one specific connection is
>     better than cleartext over another specific connection; I don't
>     think there is any generic way to answer that question.
>
> 2. SSL (port 443) is certainly not the only way to provide a secure
>     connection.  SSL is just one such secure transport; albeit a standard.
> -- 
> Cheers, Bob
>

