Domain: poptop.org
Stories and comments across the archive that link to poptop.org.
Comments · 13
-
Poptop
If you want good integration with windows (read: PPTP), and want to keep it on a nice cheap *nix box, try Poptop . Runs on most any *nix, entirely compatible with the builtin PPTP support in recent versions of windows. I've been running it for my own purposes (admittedly not on a "small business" scale, only one or two users) for years on a modest linux box and it hasnt given me any trouble connecting from WinXP or linux clients.
-
Re:Opensource list
Some corrections...
---
Sound Juicer ( http://www.burtonini.com/blog/computers/sound-juic er )
---
MusicPD ( http://www.musicpd.org/ )
---
Something went wrong after freenx.berlios.de...
http://freenx.berlios.de/ ) - Well made remote desktop solution, but no server for Windows atm.
21. Both PPTP and LT2P/Ipsec ones exist. Poptop ( http://www.poptop.org/ ) ... -
Why not use VPN?
My Wireless network at home is set up so the only thing anyone sees is my VPN ports open on my server. In order to get into my home network, you have to login to the VPN. So I have my authentication and encryption. The only problem is if I need to VPN into a customer site. Then I just use my desktop PC anyway. Works fine for me!
Here's a link to get you started! -
Linux based VPN gateways
Are cheap, easy to setup and mantain, highly flexible and very cost-effective.
Depending on what you're planning to do, you can use any of the several VPN implementations out there, just to name a few:
* PoPToP, a PPTP server, compatible with the VPN client that Windows has always has,
* vpnd, really easy to set up, ideal gw to gw VPN solution, seems a little outdated but works great over slow links,
* OpenVPN, a highly portable, flexible and multiplatform VPN solution, which supports gw to gw and gw to host style VPNs,
* etc. There is also LinVPN, FreeS/WAN / Openswan, et al
Best regards. -
Hrm....
(1) SMB:
The support is there fore most distros to use an AD server for authentication, (users, not groups, and the users must exist in the password file). On fedora, which I recommend as an alternate to RHEL (RedHat is the easiest to configure in this area imho), the command to look at is authconfig. Enter your domain, your primary and secondary servers, and your AD auth setup is done.
(2) VPN:
consider using PopTop as a pptp vpn server for linux. There is documentation available but there are also other ways of doing it
(3) Research:
Do some research. The Linux Documentation Project is a good source. But google is your friend as well. -
Palm Tungsten CThe Palm Tungsten C is (relatively) cheap now ($399/retail qty 1) and you can slip them into a ziplock bag (and use them that way, with the thumb-board). It will keep the units clean, protect the screen from scratching, and make it water resistant/spill proof. I do this when I'm working in less than clean/dry conditions.
They have WiFi (including WEP-128, and a VPN client compatible with Poptop), a graphical SSL web browser, an email client, and can even do SSH2. It's an Xscale 400MHz based PDA, so it may even run Linux some day.
:-) -
Rely on software not the hardware: always use VPN.Give that WiFI was crippled from birth I assume its clear even if its WEP-64. It would have been so easy to add DH key exchange plus strong crypto or use the SSL style encryption handshakes but no they invent their own. OK maybe I missed the fine technical details on WEP but its not exactly trused is it whereas SSLv3 (of a suitable key length and algorithm) is trusted.
So yes I have WEP and MAC filters turned on my Home Wireless but the Access Point (infrastructure mode) is on its own DMZ LAN and plugged into a Linux box. This Linux box has 3 Ethernets - the ADSL router and trusted LAN connections plus the Wireless LAN. The firewalling is all done via iptables configured using FWBuilder on a different Linux machine-I really recommend FWBuilder once you get into it.
The firewalling ONLY allows PPTP tunnels to be setup from WiFI clients. The Linux PPTP server is PoPToP on Linux side and standard PPTP client with WinXP on Laptop side. The laptop thus gets allocated a new IP address for the tunnel from within my trusted address space (so as to thus get through iptable filters OK) on the PPTP link and the laptop also uses this as its default gateway. BTW: Counterpane found flaws in how MS implemented PPTP not PPTP itself so I'm happy with PPTP for the moment and I use a separate (non-easy) password for the PPTP tunnel.
Wokflow is thus...powerup Laptop. Double-click Connect To Homelan (password is cached in dialog box on WinXP). Wait for handshacking and authentication and tunnel setup. Surf.
My next move has to be IPSec with FreeS/WAN but ideally certificate based. So for me WiFi security is just not relevant anymore because it'll always be more flexible to place the crypto burden inside software as opposed to using hardware devices.
-
Re:Should the owner of the Wireless AP be blamed?
-
Re:PPP?
> How would you manage to run PPP over IP?
Microsoft managed to do it. The protocol is called pptp and does just that. I know this is off topic, just wanted to point out that ppp over ip is totally doable.
http://www.poptop.org -
Re:Too much crud
A little correction: PoPToP is a PPTP server, not a pop3 server
:) -
Try PPTP
Works for me (although I've not gotten encryption running yet), works for linux, works for Win 95 and higher without installing extra tools. Full authentication and encryption support. This should get you going. It's similar to PPPoE, except I suspect it's a little less hated by sysadmins.
-
POPTOP? (Linux implementation)
Does anyone have any information regarding the Linux version of PPTP?
-
corrections, suggestions, etcFirst of all, the phrase "routing" is a misnomer. Web caching is something that happens on the application layer of the OSI model, layer 7, whereas "routing" refers to layer 3, which supplies IP routing for the TCP/IP protocol suite. What's broken is their caching, their cache server, or their proxying; pick a term.
Second, there's a lot of ways around it which involve tunnelling.
Tunnel to another box running a non-broken web cache. I used to tunnel my http traffic through ssh to my colocated boxes, which ran adzapper, and proxied through that.
Tunnel at the IP layer by running any IP-in-IP encapsulation. If you have some version of windows, for example, you might convince someone with a server to run a PPTP server for you somewhere and you could tunnel through that. There are even Free PPTP Servers for Linux available to help.
Find someone who runs a little proxier for their own net with socks, and bounce off their socks proxy. Someone you know no another ISP probably has Wingate or the like running, and if they allowed it (and on some older version, it will permit this by default), you could set your browsers SOCKS settings to bounce off their proxy server, and since SOCKS isn't on port 80, your ISP will probably ignore it.
There are also a number of things you might discuss with your ISP to resolve the issue.
Suggest that they switch to a less broken cache server. (Squid, anyone?)
Suggest that they exempt you specifically from the cache server by telling it to ignore your ip address.
Note that they have an obligation to make sure their caching software doesn't interfere with your browsing; so it will be necessary (and not cost-effective for them) for you to call for every problem you notice.
Obviously, you'll need to probably speak to a whole number of supervisors, and probably eventually get transferred to a "real engineer", and they will probably hack in a fix (like exempting you only) rather than truly deal with the problem.
If all else fails, then you may want to try issuing ultimatums, like, "If you can't fix this problem, then you can cancel my service." Tech support people are lazy, however, in some cases, and may just opt to cancel you. This is a harsh reality in the world of consumer bandwidth -- and it will be worse, soon, with bells closing their DSL lines to competition, meaning unless someone else builds a telephony infrastructure to you, you'll probably pick Cable vs 1 DSL provider, and if you don't like something at either of them, you're just out of luck.