Uma solução segura e escalável para Acesso Remoto VPN
Abstract
This work presents a remote access VPN solution using FreeS/WAN software, an Open Source implementation of the IPSec protocol for Linux. This solution wants to address authentication, remote system configuration and intermediary traversal requirements present in common remote access scenarios using IPSec. Due to the significant market share occupied by Microsoft products, some integrated Windows based VPN client solutions are also discussed.
References
de Rezende, E. R. S. and de Geus, P. L. (2002). Análise de Segurança dos Protocolos utilizados para Acesso Remoto VPN em Plataformas Windows. In IV Simpósio sobre Segurança em Informática, page Disponível em CDROM, S. José dos Campos, SP, Brazil.
Harkins, D. and Carrel, D. (1998). The Internet Key Exchange (IKE). Internet Engineering Task Force, RFC 2409.
Kaufman, C. (2003). Internet Key Exchange (IKEv2) Protocol. Internet Engineering Task Force, Internet Draft.
Kent, S. and Atkinson, R. (1998). Security Architecture for the Internet Protocol. Internet Engineering Task Force, RFC 2401.
Kivinen, T., Swander, B., Huttunen, A., and Volpe, V. (2003). Negotiation of NAT-Traversal in the IKE. Internet Engineering Task Force, Internet Draft.
Patel, B., Aboba, B., Kelly, S., and Gupta, V. (2003). Dynamic Host Configuration Protocol Configuration of IPsec Tunnel Mode. Internet Engineering Task Force, RFC 3456.
Pereira, R., Anand, S., and Patel, B. (1999). The ISAKMP Configuration Method. Internet Engineering Task Force, Internet Draft.
Piper, D. (1998). The Internet IP Security Domain Of Interpretation for ISAKMP. Internet Engineering Task Force, RFC 2407.
Steffen, A. (2003a). Virtual Private Networks Coping with Complexity. In 17th DFN-Workshop on Communications Networks.
Steffen, A. (Acesso em: 20/11/2003b). X.509 FreeS/WAN Patch – Instalation and Configuration Guide. Disponível em: <http://www.strongsec.com/freeswan/>.
Strasser, M. (Acesso em: 20/11/2003). DHCPv4 Configuration of IPSec Tunnel Mode HOWTO. Disponível em: <http://www.strongsec.com/freeswan/dhcprelay/>.
Harkins, D. and Carrel, D. (1998). The Internet Key Exchange (IKE). Internet Engineering Task Force, RFC 2409.
Kaufman, C. (2003). Internet Key Exchange (IKEv2) Protocol. Internet Engineering Task Force, Internet Draft.
Kent, S. and Atkinson, R. (1998). Security Architecture for the Internet Protocol. Internet Engineering Task Force, RFC 2401.
Kivinen, T., Swander, B., Huttunen, A., and Volpe, V. (2003). Negotiation of NAT-Traversal in the IKE. Internet Engineering Task Force, Internet Draft.
Patel, B., Aboba, B., Kelly, S., and Gupta, V. (2003). Dynamic Host Configuration Protocol Configuration of IPsec Tunnel Mode. Internet Engineering Task Force, RFC 3456.
Pereira, R., Anand, S., and Patel, B. (1999). The ISAKMP Configuration Method. Internet Engineering Task Force, Internet Draft.
Piper, D. (1998). The Internet IP Security Domain Of Interpretation for ISAKMP. Internet Engineering Task Force, RFC 2407.
Steffen, A. (2003a). Virtual Private Networks Coping with Complexity. In 17th DFN-Workshop on Communications Networks.
Steffen, A. (Acesso em: 20/11/2003b). X.509 FreeS/WAN Patch – Instalation and Configuration Guide. Disponível em: <http://www.strongsec.com/freeswan/>.
Strasser, M. (Acesso em: 20/11/2003). DHCPv4 Configuration of IPSec Tunnel Mode HOWTO. Disponível em: <http://www.strongsec.com/freeswan/dhcprelay/>.
Published
2004-05-10
How to Cite
REZENDE, Edmar R. S. de; GEUS, Paulo L. de.
Uma solução segura e escalável para Acesso Remoto VPN. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 4. , 2004, Gramado.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2004
.
p. 36-47.
DOI: https://doi.org/10.5753/sbseg.2004.21224.
