|
|
#1
November 22nd, 2011, 06:31 PM
|
||||
|
||||
OpenVPN-NL released.
Dutch IT security company FoxIT, has released it's version of OpenVPN.
OpenVPN-NL is used by the Dutch government for confidential communication. It has been developed at the request of the NBV, part of the Dutch Intelligence and Security Service (AIVD). One of FoxIT founders, Ronald Prins has an academic and professional background in encryption and has worked for the AIVD previously. The main reasons for developing were; -The product (OpenVPN) allows many insecure configurations, such as turning off encryption, or the use of outdated cryptographic functions in security critical places. -The trust to be put in the supply chain of the software is not warranted. The Dutch government simply cannot verify whether all the versions and releases out in the wild are legitimate (i.e. secure and uncompromised) versions of OpenVPN. The difference is that OpenSSL has been changed for PolarSSL; encryption has been changed from BF-CBC/SHA1 to AES-256-CBC/SHA256 (with no other options available). Also, the OpenVPN code has been scrutinized, resulting in removing some 8000 lines of code (insecure and less secure options) and adding 4000 new lines of code (hardening). OpenVPN-NL has been certified as NLNCSA criteria Level 2/NATO 'Restricted' classification. OpenVPN-NL is available for Windows, Ubuntu, Suse Enterprise, Redhat Enterprise and Debian. It's open source so available to everyone; source code link More details and DL location can be found at FoxIT website link.
__________________
ROMANES EUNT DOMUS |
|
#2
November 23rd, 2011, 04:20 PM
|
||||
|
||||
|
Re: OpenVPN-NL released.
Thanks for this. I'd love to hear more about it from somebody qualified to dissect that code. Is this thing ready to use, or is it still flawed/buggy, and more like a beta? I really want to try it out but I want to know more about it first.
__________________
XP Pro SP3: Comodo FW/D+ 5.10 ▪ Sandboxie 3.76 ▪ VT Hash Check 1.01 ▪ OpenVPN 2.2.1 ▪ VirtualBox |
|
#3
November 23rd, 2011, 07:06 PM
|
||||
|
||||
|
Re: OpenVPN-NL released.
^It's definitely final.
You can read a bit more about it yourself in the english version PDF available here (bottom page; 'Inzetadvies OpenVPN-NL versie 1.0' (232 Kb). ('Inzetadvies' means 'deployment advice'). I'm sure OpenVPN-NL will be dissected&scrutinized thoroughly but it will likely take a couple of days/a week before reviews pop up. In the mean time, PolarSSL seems quite glad having been chosen for this project link
__________________
ROMANES EUNT DOMUS |
|
#4
December 24th, 2011, 06:59 AM
|
||||
|
||||
|
Re: OpenVPN-NL released.
I'm still really interested in hearing more about this. I have the site favorited and check it out once in awhile. I tried it out for myself, but I just get this error message:
"This application has failed to start because MSVCR100.dll was not found. Re-installing the application may fix this problem."
__________________
XP Pro SP3: Comodo FW/D+ 5.10 ▪ Sandboxie 3.76 ▪ VT Hash Check 1.01 ▪ OpenVPN 2.2.1 ▪ VirtualBox |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
