gr8nash
Posted: Sat Dec 17, 2005 1:20 pm
Joined: Thu Apr 01, 2004 10:44 am
Posts: 677
Location: WA
Some of you have maybe heard of this.. BEST THING SINCE SLICED BREAD!!!!!!!! Almost no joke.. I have it running on A26, though you do have a couple of steps to do BESIDES the README file install.. it mentions how to create a TUN.. you need to, as KnoppMyth has no "/dev/net/tun".
http://www.hamachi.cc/
It's a FREE _almost_ ZERO-config VPN using AES-256, so it's HELL-a-secure, and runs on Windows, Linux.. and soon Mac.. it also needs _NO_ ports open.. so it runs at companies with overprotective IT admins.. Anyway, now I can manage my mythbox from work.. without SSH.. and port forwarding.. it also works PERFECT with dialup.. has my vote to be included with KnoppMyth.. but either way.. I will be using this for years!! This is a cool time to be alive. =)
Edit: for a lot of background about what it is.. listen to Mr. Security himself (the guy who coined and discovered spyware), Steve Gibson, talking about it.
http://media.grc.com/sn/SN-018.mp3
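The "create a TUN" step the post above mentions, as an added example (this is not code from the post, the KnoppMyth README or Hamachi): it checks for and, when missing, creates the /dev/net/tun character device that a userspace VPN daemon opens. It assumes Linux; major/minor 10/200 is the kernel's fixed assignment for the tun driver, while the function names and the default mode are this example's own choices.

```python
# Added example, not code from the post, the KnoppMyth README or Hamachi: create the
# /dev/net/tun node a userspace VPN daemon opens. Major/minor 10/200 is the Linux
# kernel's fixed assignment for the tun driver; the function names and the default
# mode are this example's own choices.
import os
import stat
import subprocess

TUN_MAJOR, TUN_MINOR = 10, 200


def tun_node_ok(path="/dev/net/tun"):
    """True only if path is a character device carrying the tun driver's major/minor."""
    try:
        st = os.stat(path)
    except OSError:
        return False
    return (stat.S_ISCHR(st.st_mode)
            and os.major(st.st_rdev) == TUN_MAJOR
            and os.minor(st.st_rdev) == TUN_MINOR)


def ensure_tun_node(path="/dev/net/tun", mode=0o666):
    """Load the driver and create the node if it is missing. Needs root (CAP_MKNOD)."""
    try:
        # No-op when tun is built into the kernel; a missing driver only shows up
        # later, when the daemon's open() on the node fails.
        subprocess.run(["modprobe", "tun"], check=False, capture_output=True)
    except OSError:
        pass                          # no modprobe on this box; the node may still work
    if not tun_node_ok(path):
        if os.path.lexists(path):
            os.remove(path)           # a stale regular file at that path breaks the daemon's open()
        os.makedirs(os.path.dirname(path), exist_ok=True)
        os.mknod(path, stat.S_IFCHR | mode, os.makedev(TUN_MAJOR, TUN_MINOR))
    # 0666 is what udev installs: opening the node is harmless, creating an interface
    # on it still requires CAP_NET_ADMIN, which is where the real privilege check happens.
    os.chmod(path, mode)
    return tun_node_ok(path)


if __name__ == "__main__":
    print("tun node ready:", ensure_tun_node())
```

Run it as root once after install; `tun_node_ok()` can then be used from a startup script to confirm the node is still a real device (a stale regular file left by a bad `cp -a` of /dev passes a plain `-e` test but fails here).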

Girkers
Posted: Mon Dec 19, 2005 12:46 am
Joined: Tue Mar 22, 2005 9:18 pm
Posts: 1422
Location: Brisbane, Queensland, Australia
A mate of mine has been using this for some time on his Windoze box for gaming. Good to see it going to the Linux platform.
_________________
Girkers

willem
Posted: Mon Dec 19, 2005 1:38 am
Joined: Tue Feb 03, 2004 3:23 am
Posts: 159
Location: Friesland, The Netherlands
Seems like an interesting package. Personally I have good experience with OpenVPN (http://www.openvpn.net). Also pretty straightforward to set up.
Be careful calling Mr. Gibson a security expert. Apparently his status is very debatable: see "Criticisms" and the listed links at http://en.wikipedia.org/wiki/Steve_Gibson

gr8nash
Posted: Mon Dec 19, 2005 8:12 am
Joined: Thu Apr 01, 2004 10:44 am
Posts: 677
Location: WA
Ahh, Wikipedia.. Criticisms on the internet?? http://www.usatoday.com/news/opinion/ed ... edit_x.htm
Ahh well, opinions are like armpits, everyone has four or more. For reference see the popularity of Gentoo =)
I have been listening to Steve for years and have never found any problems..

willem
Posted: Tue Dec 20, 2005 2:14 am
Joined: Tue Feb 03, 2004 3:23 am
Posts: 159
Location: Friesland, The Netherlands
Good point! Wikipedia's credibility is debatable too.
The links mentioned in the Wikipedia article about Steve Gibson I already read some time ago. They show Mr. Gibson stirs up emotions without always backing it up with facts. That doesn't mean that when he raves about Hamachi he's not right. Just for me it's not a major selling point, hence my reaction. But agreed, always be critical of your Internet sources.

Xsecrets
Posted: Tue Dec 20, 2005 4:47 pm
Joined: Mon Oct 06, 2003 10:38 am
Posts: 4978
Location: Nashville, TN
Well, anyone who raves about a security application with a built-in "man in the middle" attack has to be questioned. Not that it makes the application less secure than, say, standard IM or P2P, but the "server" you use to establish the connection (and thus knows the key) could belong to anyone, since it's a P2P-type application.
_________________
Have a question? Search the forum and have a look at the KnoppMythWiki.
Xsecrets

aaronb
Posted: Tue Dec 20, 2005 4:52 pm
Joined: Mon Jan 24, 2005 11:38 pm
Posts: 109
gr8nash wrote: it also needs _NO_ ports open.. so it runs at companies with overprotective IT admins.. Anyway, now I can manage my mythbox from work.. without SSH.. and port forwarding..
Doesn't work for me at work. Requires UDP traffic, so it's a no-go for me. Everything besides TCP ports 80/443 is blocked here.

pkscout
Posted: Tue Dec 20, 2005 6:43 pm
Joined: Sun Nov 06, 2005 4:34 pm
Posts: 35
Xsecrets wrote: Well, anyone who raves about a security application with a built-in "man in the middle" attack has to be questioned. Not that it makes the application less secure than, say, standard IM or P2P, but the "server" you use to establish the connection (and thus knows the key) could belong to anyone, since it's a P2P-type application.
Um, actually, not so much. The way this works, when you create a machine profile (i.e. install the software), the server creates a public/private key pair, keeps the private key and gives the machine the public key. When you start creating the networks, the server only lets you in if you have a public key that matches the private key. So the only way a man-in-the-middle attack will work is if the new guy has the private key. If that's true, you were screwed anyway.

pkscout
Posted: Tue Dec 20, 2005 6:45 pm
Joined: Sun Nov 06, 2005 4:34 pm
Posts: 35
aaronb wrote: Doesn't work for me at work. Requires UDP traffic, so it's a no-go for me. Everything besides TCP ports 80/443 is blocked here.
Yikes! That takes paranoid to a new level. Not even port 25 for email? Guess all you can do is surf the web all day.

aaronb
Posted: Tue Dec 20, 2005 11:51 pm
Joined: Mon Jan 24, 2005 11:38 pm
Posts: 109
pkscout wrote: Yikes! That takes paranoid to a new level. Not even port 25 for email? Guess all you can do is surf the web all day.
And I do it enough to make up for all the other things I can't do.

Xsecrets
Posted: Wed Dec 21, 2005 1:00 am
Joined: Mon Oct 06, 2003 10:38 am
Posts: 4978
Location: Nashville, TN
pkscout wrote: Um, actually, not so much. The way this works, when you create a machine profile (i.e. install the software), the server creates a public/private key pair, keeps the private key and gives the machine the public key. When you start creating the networks, the server only lets you in if you have a public key that matches the private key. So the only way a man-in-the-middle attack will work is if the new guy has the private key. If that's true, you were screwed anyway.
Still doesn't really matter, as the entire tunnel has to be built through that server from both ends separately, so that server can easily grab all the data in unencrypted form if someone were to hack that capability into it. That is the only way it can get around a NAT on both ends. Like I said, the likelihood of this happening is probably not great, but for the tinfoil-hat types it's still there.
_________________
Have a question? Search the forum and have a look at the KnoppMythWiki.
Xsecrets

pkscout
Posted: Wed Dec 21, 2005 5:35 am
Joined: Sun Nov 06, 2005 4:34 pm
Posts: 35
Xsecrets wrote: Still doesn't really matter, as the entire tunnel has to be built through that server from both ends separately, so that server can easily grab all the data in unencrypted form if someone were to hack that capability into it. That is the only way it can get around a NAT on both ends. Like I said, the likelihood of this happening is probably not great, but for the tinfoil-hat types it's still there.
Well, that's not my understanding of the way this thing works. As I understand it, the public/private key is used to figure out who is *allowed* to build a tunnel between whom. The server is also used to figure out how the peers can talk, and then the two peers set up the tunnel. The server isn't involved in the tunnel at all, and no data is ever sent to the server. The server is only facilitating the exchange, not participating in it.

gr8nash
Posted: Fri Dec 23, 2005 2:26 am
Joined: Thu Apr 01, 2004 10:44 am
Posts: 677
Location: WA
pkscout wrote: Well, that's not my understanding of the way this thing works. As I understand it, the public/private key is used to figure out who is *allowed* to build a tunnel between whom. The server is also used to figure out how the peers can talk, and then the two peers set up the tunnel. The server isn't involved in the tunnel at all, and no data is ever sent to the server. The server is only facilitating the exchange, not participating in it.
That's exactly right.. As far as it not working.. I have had one of my setups where it didn't work as well.. Hamachi says about 3-5% of networks won't be supported for whatever reason.. but when it works.. 4 out of 5 places for me.. it works perfectly.. without opening or forwarding ports..
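The point Xsecrets and pkscout argue over above (can the rendezvous server that brokers the connection read the tunnel, or does it only facilitate?) comes down to what the server holds, and that can be shown in code. The following is an added example and is not Hamachi's protocol or code from anyone in the thread: it models a server that relays the handshake between two NATed peers and tries to man-in-the-middle it under three assumptions: plain ephemeral Diffie-Hellman, Diffie-Hellman with each peer's registered static identity key bound into the session key ("triple DH"), and the same but with the server also holding the peers' private keys, as pkscout describes. The toy group P, G and the class and function names are this example's own assumptions; real code uses a standard group (RFC 3526) or X25519.

```python
# Added example, not Hamachi's protocol or code from the thread: a rendezvous server
# relaying a key exchange between two NATed peers, and what it can derive from it.
# Toy DH group below is for illustration only (assumption); use RFC 3526 / X25519 in practice.
import hashlib
import secrets

P = (1 << 127) - 1   # Mersenne prime 2^127-1: toy-sized, illustration only
G = 3


def keygen():
    """Return (private exponent, public value G^x mod P)."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def kdf(*shared):
    """Derive a 256-bit session key from the ordered DH shared values."""
    h = hashlib.sha256()
    for s in shared:
        h.update(s.to_bytes(16, "big"))
    return h.digest()


class Peer:
    def __init__(self, name):
        self.name = name
        self.static_priv, self.static_pub = keygen()   # identity key made at install time
        self.eph_priv, self.eph_pub = keygen()         # fresh key for this connection

    def session_key(self, their_eph_pub, their_static_pub, initiator, bind_identity):
        ee = pow(their_eph_pub, self.eph_priv, P)
        if not bind_identity:
            return kdf(ee)                             # plain ephemeral DH, no identity binding
        se = pow(their_eph_pub, self.static_priv, P)   # my static   x their ephemeral
        es = pow(their_static_pub, self.eph_priv, P)   # my ephemeral x their static
        # Both sides hash the same three values; the role fixes the order.
        return kdf(ee, se, es) if initiator else kdf(ee, es, se)


class RendezvousServer:
    """Relays the handshake between two NATed peers and sees every public value in it."""

    def __init__(self, malicious=False, holds_private_keys=False):
        self.malicious = malicious
        self.holds_private_keys = holds_private_keys
        self.static_pub, self.static_priv = {}, {}

    def register(self, peer):
        self.static_pub[peer.name] = peer.static_pub
        if self.holds_private_keys:      # the "server keeps the private key" model
            self.static_priv[peer.name] = peer.static_priv

    def _relay_guess(self, x, other, m_priv, initiator, bind_identity):
        """Best the relay can do for peer x's key after substituting its own ephemeral."""
        ee = pow(x.eph_pub, m_priv, P)
        if not bind_identity:
            return kdf(ee)
        if other.name not in self.static_priv:
            return None                  # x's key mixes in other's static private key
        se = pow(x.static_pub, m_priv, P)
        es = pow(x.eph_pub, self.static_priv[other.name], P)
        return kdf(ee, se, es) if initiator else kdf(ee, es, se)

    def broker(self, a, b, bind_identity):
        """Relay ephemerals a<->b; report whether the peers agree and what the relay knows."""
        eph_a_for_b, eph_b_for_a = a.eph_pub, b.eph_pub
        guess_a = guess_b = None
        if self.malicious:
            m_priv, m_pub = keygen()     # classic MITM: our ephemeral goes out both ways
            eph_a_for_b = eph_b_for_a = m_pub
            guess_a = self._relay_guess(a, b, m_priv, True, bind_identity)
            guess_b = self._relay_guess(b, a, m_priv, False, bind_identity)
        key_a = a.session_key(eph_b_for_a, self.static_pub[b.name], True, bind_identity)
        key_b = b.session_key(eph_a_for_b, self.static_pub[a.name], False, bind_identity)
        return {"peers_agree": key_a == key_b,
                "relay_reads_tunnel": guess_a == key_a and guess_b == key_b}


def run(bind_identity, malicious, holds_private_keys=False):
    server = RendezvousServer(malicious, holds_private_keys)
    a, b = Peer("mythbox"), Peer("work-laptop")
    server.register(a)
    server.register(b)
    return server.broker(a, b, bind_identity)


if __name__ == "__main__":
    print("honest relay, identity-bound:  ", run(True, False))
    print("MITM relay, plain DH:          ", run(False, True))
    print("MITM relay, identity-bound:    ", run(True, True))
    print("MITM relay holding private keys:", run(True, True, holds_private_keys=True))
```

With plain ephemeral DH the relay ends up holding both session keys and can decrypt and re-encrypt every packet, which is Xsecrets' scenario. Binding the registered static keys in means a relay that only sees public values cannot compute either key, and the two peers end up with different keys, so the first authenticated packet (or an explicit key-confirmation MAC) fails and the substitution is detected; that is the "facilitating, not participating" case pkscout describes. The last run is the caveat: if the server generated the key pairs and kept the private halves, identity binding buys nothing, because the server has everything it needs. So the question to ask of any rendezvous-based VPN is not which cipher it uses but where the private keys are generated and who can register a public key for a given machine.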