Absolutely Secure VPN Gateway


It's the most secure way to connect & now its free!

Connecting to secure systems over the Internet just got a whole lot safer and easier.

* Need to connect numerous service providers to different components on your network and
keep total control ?
* Need to provide easy access to busy staff members when they are away from the office ?
* Want to have access to your home computer when your overseas ?
* Worried about SpyWare and maintaining security ?
* Looking for a VPN solution that is quick and easy to install ?

Stop looking ! This is the perfect solution

Download your free copy from here:
http://www.ttc4it.co.nz/download/TTC...re-Gateway.zip

This is a VMware appliance so you'll need VM Player. You can download you free VM player
from here:
http://www.vmware.com/download/player/

Full documentation and support is available from here:
http://www.ttc4it.co.nz/cgi-bin/yabb/YaBB.cgi

Secure VPN Gateway from TTC enables you to connect to applications and network services,
secured behind a firewall, without compromising security.

At TTC we have developed a secure VPN system that is suitable for everyone to use. There
is no tricky installation and no client configuration. The whole product is can be up and
running within a few minutes of downloading. This save you time and allows you to get on
with business.

The Secure VPN Gateway just requires a dhcp server to provide it with a network address.
With this information it configures itself and tells you how to access the management web
page.

The VPN client package learns everything directly from the Secure VPN Gateway. Once
started, the person using the Secure VPN client, is presented with a menu of their
available network services. Access is as simple as clicking a start button.

Our key to security.
====================
Our extreme security comes from individually coded client packages that are generated for
each user by the Secure VPN Gateway. This builds unique digital keys directly into each
client package. The built-in digital key improves security beyond that of many VPN
clients because the user must have the correct client package (digital key), the correct
login name, and the correct password. The digital key is never typed and all network
communication is strongly encrypted, so “SpyWare” applications are unable to break the
security. This is of vital importance for people who use public computers to access
corporate or private resources.

The Secure VPN gateway is configured and managed from an administration web page where all
account setup functions are performed. Administrators can create, edit, delete, and
disconnect live users from this web page. Network link rules are defined and then
allocated to user accounts. Network link rules provide a network description of the
service that the user is connecting to. The rule definition allows the administrator to
use their own words to describe the link rule making it easily adaptable to ever users
level of understanding.

For example; “Bob's human resource files” or “Corporate internal e-mail server” rather
than cryptic strings of numbers.

Help is only a click away
=========================
http://www.ttc4it.co.nz/cgi-bin/yabb/YaBB.cgi

We have eliminated the most frustrating problem with downloaded software by putting all
the documentation and access to the software developers right at your fingertips.

This is done through a free bulletin board where users can read and download
documentation. They can also share their own experiences with using the software.
Posting issues and solutions for all users to share. Access to the bulletin board is
provided directly from the Secure VPN Client and the Administration web page.

To post a topic/question you just need to register first.

How was it built
================
This VMware appliance has been built on top of the outstanding freeware firewall,
Smoothwall Express. Written exclusively in Perl the TTC Secure VPN Gateway has been in
development and testing for the past 24 months.

It was intended to run on a standalone server but thanks to the efficient VMPlayer from
Vmware it can now be run under any environment where VMPlayer is supported. The most
significant market breakthrough here is the ability to deploy it as an application on a
Microsoft Windows system.

Vmware workstation has played a vital part in the development and testing of the TTC
Secure VPN Gateway. We are delighted to be able to offer this application

How to get started
==================
Once you have installed VMPlayer and downloaded the zip file “TTC-VPN-Secure-Gateway.zip”,
simply expand the zip file on the computer that will be hosting the VM-appliance.
Now start VMPlayer and open the VM appliance found under the TTC-VPN-Secure-Gateway
directory.

The appliance will start automatically. When it is up and running a page of information
will be displayed on the VMPlayer console. Press enter to make sure the information is up
todate.

The information on the console will show you three important details:
1.The external IP address of the Secure VPN Gateway.
2.The port forwarding rule to configure on your firewall (if you have one) to enable the
VPN clients to communication with the Secure VPN Gateway.
3.The URL for accessing the management web page.

For example:
============
Secure VPN Controller
My external IP address is 192.168.1.184
If I am behind a firewall please set a port forwarding rule on the firewall as follows:
inbound TCP port ==> TCP port : IP address
2227 ==> 2227 : 192.168.1.184
Then access my web management interface and change the settings for the “external
interface” to firewall's external IP address.
The URL for my web management interface is:
http://192.168.1.184:81/vpn_frame.html

When you access the management web page you will be prompted to login.

The default user name is : administrator
The default password is : admin123
(This can be changed from the “Manage the users of this page” menu option.)

Note# The full documentation and online help is available by clicking on the words “Click
here for help” at the top right of the screen.

After logging in to the web page as the administrator, use the menu on the left side of
your screen and click on “Change settings”. Make sure that the “External IP” address is
correct. If you will be accessing the Secure VPN Gateway through a firewall the “External
IP” should be set to the IP address that reaches the firewall from the Internet.

If you do not have a firewall then the “External IP” setting should be correct.

Now generate your first VPN Client kit by clicking on the Refresh keys icon for the
administrator. And confirm that you want to proceed. Now click on the red download symbol
to receive a copy of the administrator VPN client kit.

Congratulations, this client kit can now be used to connect to Secure VPN controller from
the Internet.

Now its time to “Click here for help” and download a copy of the Secure VPN documentation.
This will explain how to:
Use the VPN client.
Create VPN Link Rules
Create user accounts
Even how to change the logos to your own.

David Gempton <davidg@ttc4it.co.nz> wrote in news:447f7d6d@clear.net.nz:



If a man brags about his honesty, or a woman her virtue, avoid the former
and cultivate the latter.

IOW why the fuck should we trust you?

Regards,

"David Gempton" <davidg@ttc4it.co.nz> wrote in message
news:447f7d6d@clear.net.nz...
It's a joke: I've written to the website owner: and he's responded only that
it's Legitimate! Honest! I Promise! Ask me anyithing! And here's the website
with my non-existent documentation, all written by me!

Given the lack of documentation, source code, explanation of how it works,
and the apparent one-person operation, it's obvious that it's a start up
operation and lacks any pretense of code review that should be in place for
what is obviously a one-man operation, no one sane should be using it.

Also, since he's stated in his email to me that it "uses the OpenSSH"
protocol, I'm notifiying the OpenSSH authors that he's probably in violation
of the very limited OpenSSH licensing.

What a maroon!

I just double-checked the license of OpenSSH, which states:

* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
* As far as I am concerned, the code I have written for this software
* can be used freely for any purpose. Any derived versions of this
* software must be clearly marked as such, and if the derived work is
* incompatible with the protocol description in the RFC file, it must be
* called by a name other than "ssh" or "Secure Shell".

I wrote to the website's public info address: it's obviously a one-man
operation, since David Gempton himself wrote back to me with this. (I'm not
posting the entire letter, because it's generally considered rude to post
the complete contents of a private email to a public newsgroup, even though
it's probably nto a copyright violation as some fools complain if you do
so.)

This is a product that uses openssh protocols to provide encrypted
communication channels between clients - the secure gateway - and
network services on the same LAN as the secure gateway.

So I submit among its other weirdness, it's a violation of the very generous
OpenSSH license, since the software is closed source and makes no such
public notice. Moreover, since he's acting like this, I certainly wouldn't
want to use a security product from anyone this obviously such a fool. The
stuff obviously needs a complete public souce code publication to see just
what else he's done under the hood.

I've never heard of him before this crosspost to comp.security.ssh, where
I'm active. Can anyone here vouch for him? Was this just a really, really
bad mistake?, or what? The only stuff I see in groups.google.com from the
same name is from 1997 and 1998, also from New Zealand address, so it might
be the same guy. But it's not as if this is from a well-respected,
well-known poster.

Nico Kadel-Garcia
nkadel@comcast.net

Never trust anything Described in Capitalized Superlatives!

--
Richard Silverman
res@qoxp.net

Call me skeptical, but why would I want to risk using an unknown
security product? Why should I choose this over something like OpenVPN
which is also free and makes the source code available for review?

In article <07adnTeO3MlhM-LZRVn-gg@comcast.com>,
Nico Kadel-Garcia <nkadel@comcast.net> wrote:
Where to start??

- These are international newsgroups.

- Copyright law varies from jurisdiction to jurisdiction.

- Copyright law deals with the Rights To Copy (and to control when
copies are made.)

- In many jurisdiction, material is considered "published" if unrestricted
access to it is made available to even just one person in that
jurisdiction. For example, a letter sent to a *specific* (listed)
set of people is not usually considered to be "published", and
material made available only under NDA (Non-disclosure agreement)
{including in the course of employment} is not usually considered
"published", but if the material is made available without controls
(e.g., copies offered for public sale, a copy posted on the town
notice-board) then the material is usually considered "published".

- In many jurisdictions, publishing includes electronic dissemination

- In many jurisdictions, if a person submits an electronic document
to an automated copying mechanism, then that person is considered to
have made all of the copies that result without further human interaction

- Thus, in those jurisdictions, the action of posting a letter to
a Usenet newsgroup (which is, by definition, allowing uncontrolled access
to the letter) is considered to be one count of "publishing" the letter
for each automated copy that results -- even though only the person
only pressed "send" once.

- Hence, posting a letter to a Usenet newsgroup is considered by
many jurisdictions to be "copying" the letter and "publishing" it,
both done many times over. Therefore, the legal authority to post a
letter to Usenet is there considered a matter subject to Copyright law.
Copies are deemed to have been made, and the question then becomes
one of whether the poster had the legal right to make (trigger) those copies.

- Copyright law usually applies to "an original expression of an idea";
presuming that David Gempton did not use a form letter, his response
was likely sufficiently "creative" for copyright law to apply to the
parts of it that he himself phrased. Note that Copyright law does not
apply to the ideas themselves[*], only to the -expression- of them: the
actual words.[*] Exception: the entertainment industry especially is
increasingly pushing to restrict "derivative works" (originally
applicable only to translations and to substantial reproductions of the
original words...)

- We have by now established that Copyright law applies to the
situation [in many jurisdictions], and have reduced the question down
to one of whether the jurisdiction's local Copyright law would
permit the substantial reproduction of a previously-unpublished letter.

- The limits on reproduction vary from jurisdiction to jurisdiction.

-The US has its "Fair Use Doctrine" (which is not actually written
into law under that name); the boundaries of Fair Use are a bit
fuzzy in the USA, but case law has deemed copying of as little as
three lines of a short work to not be within the limits of Fair Use.
The publishing of large extracts of a longer work has rarely been
considered to be Fair Use except in cases of high Public Interest.
And increasingly, case law in the USA has been saying that even
in situations that were traditionally Fair Use (e.g., academic photocopying),
that if there is reasonable time available to ask permission for
the copying, that the permission must be sought [with some leeway
allowed for researched criticisms of a work whose author would likely
not grant copying permission in order to avoid the criticism.]
http://www.copyright.gov/title17/92chap1.html#106

- Canada does not have any equivilent to the Fair Use Doctrine;
the "Fair Dealing" clauses are quite limited, and
the suggested letter-posting activity would not fall within the boundaries
of any of them
http://laws.justice.gc.ca/en/C-42/23...tml#Section-29

- US case law is sufficiently fuzzy that one could perhaps talk about
"probability" of a copying being within the limits of Fair Use
(and thus not a copyright violation in the USA), but Canadian law is
much more rigid, and it would essentially only be meaningful to
speak of reproducing a letter being "probably" a copyright violation in Canada
if the probabilities being referred to were zero (i.e., "not") and
one (i.e., "decidedly so".)

- In other words, posting a private letter to Usenet "probably" IS
a copyright violation -- unless one wishes to play games like
"Oh, my IP is from the USA but I'm really in a country that doesn't
have a copyright law and doesn't recognize any other country's
copyright laws."


Perhaps, Nico, you were thinking of a different matter: not whether it
would -be- a copyright violation, but rather what the likely legal
-consequences- would be for that violation.

For example, in Canada, if the original letter author bothered to do
anything, the most -likely- result of posting of an informative letter
from a non-famous person, would be a $C200 fine plus court costs and a
lecture to Don't Do It Again. (Statutory $C50 per count, multiple
counts would be deemed, but the judge would have considerable leeway in
fixing the count; $C200 is about average for multiple count cases where
malicious publication is not established, sliding up to about $C800-
$C1000 if there were previous interpersonal spats but no monetary
gain from the publication.) Stronger penalties are definitely possible,
especially where there is monetary value involved, but the legal
standards of proof are also noticably higher than for the stat penalty.

Walter Roberson wrote:

Damn, no. The reason is a quite simple one: You cannot expect the sender
to be unwilling to allow publishment unless he explicitly stated so. By
posting a letter to someone you're actively putting it into public domain.

The reason why it's illegal under _zivil_ rights is that's an
unreasonable violation of privacy to publish someone else's private
information without even asking him first.

Sebastian Gottschalk wrote:
Hey, cut the crap guys, I want to buy this thing - does it work?!

Read this first:

http://www.schneier.com/tristrata.html

--
Richard Silverman
res@qoxp.net

"Sebastian Gottschalk" <seppi@seppig.de> wrote in message
news:4ebm8cF1djo7eU1@news.dfncis.de...
Off-topic, and I Am Not A Lawyer, but a followup. The questions of email and
Usenet copyright are quite old, and pretty well described at this antique
FAQ:

http://www.faqs.org/faqs/law/copyright/faq/part3/

In particular, this note makes sense to me:

3.8) Are Usenet postings and email messages copyrighted?

Almost certainly. They meet the requirement of being original works of
authorship fixed in a tangible medium of expression (see section 2.3).
They haven't been put in the public domain; generally, only an
expiration
of copyright or an unambiguous declaration by an author is sufficient to
place a work into public domain.

There is then considerably more detail about what constitutes a violation of
the existing copyright. My nose is completely clean due to the "fair use"
doctrine, for reasons better described there. Admittedly, this probably is
not New Zealand law, but I'm sticking with my own country's laws for
safety's sake.

Chuck wrote:

....good point!

Imhotep wrote:
Or pptpclient and poptop, both at sourceforge.net with the same benefits and
interoperability with Microsoft's built-in VPN tools.

On 2006-06-02, Nico Kadel-Garcia <nkadel@comcast.net> wrote:
Actually that's just the license for a subset of the files. The copyright
is held by a number of people (including, for recent Portable versions, me)
and while each file has its own license, a summary is available in the
file "LICENCE". It says, in part:

"The licences which components of this software fall under are as
follows. First, we will summarize and say that all components
are under a BSD licence, or a licence more free than that.

OpenSSH contains no GPL code."

[...]
Their use of OpenSSH is probably OK (I say "probably" because I'm not a
lawyer and am not the copyright holder of most of it).

A more interesting question is: what about the other components that
they use? They appear to be using at least the Linux kernel which most
definitely *is* GPLed (and most Linux-based systems use many other GPLed
components in addition to just the kernel).

I downloaded the zip file and it contains only vmware images and no source
code. Can someone who has run it confirm whether or not the source for
the GPL'ed (and LGPL'ed) parts is available?

(Followup-To: set)

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Rick Merrill wrote:

I wrote Secure VPN Gateway. It does work and in my opinion it works really well. I
believe that I have addressed some security issues that other products have not.

My reason for posting to these three news groups is that they all focus on Computer
security issues. I hoped that members of these groups would also be focused on security,
rather than GPL trivia.

My product needs to be tested, poked, and prodded by people that really know the security
field.

In particular I'd like to know answers to these questions regarding the Secure VPN Gateway:

1) Can you stage a man in the middle attack and successfully gain access to a users
network services ?

2) Using some sort of spy ware (and not one you've written just for this product) can you
automatically capture the ssh2 rsa file, username & password. Then use these to access any
network services on the VPN gateway ?

3) Can anyone crack the Secure VPN gateway with whatever means they like and then gain
access to any on the defined user network services ?

By "user network services" Im refering to the "Link rules" which are basic ssh port
forwarding details.

Please note - Im really looking for constructive information here so please provide full
details on how you managed to get around the security. I plan to use the information you
provide to make the product even more secure. If I use your ideas, I'd like to include
you in the product credits.

Regards
David Gempton. - Programmer (Not Lawyer

David Gempton wrote:

With no usable documentation, no published source code, and due to the lack
of published source code, a complete violation of the GPL license for any
GPL components such as glibc or a Linux kernel. It's a blackbox from an
unknown author with no previous large scale products, making outrageous
claims about being "Absolutely Secure VPN Gateway".

There's not even an installation guide: that's just pitiful. Without source
code, we have to assume to assume that the rest of your work is equally lax
and poorly thought out. Nothing personal against you, but that's not how you
engender the necessary trust in potential clients or users.

Then publish your source, or do what a closed source software company must
do: hire experts to review it. No one sane is going to vouch for it without
access to the source.

No, you're really not. You're looking for validation by some of the really
sharp people available here of your personal little black box security tool.
With no documentation and no source, this is like asking for a restaurant
review and not even showing people the menu, only showing them the sign on
the door.

I've just downloaded Smoothwall Express, and guess what? It's GPL Licensed,
and by failing to publish your source code to people using your software,
you're clearly in violation. I'm notifying them immediately.

Nico Kadel-Garcia
nkadel@comcast.net

all mail refused wrote:

I guess I was thinking along the lines of public Internet places (like Internet cafes)
where the spyware that may be installed is going to be more general. Like key-logging
software.

Im sure that given a little information about how my software handles security it would
not be difficult to write a very targeted application that could obtain a copy of the
security details.

This is an area that I am currently working on improving. My aim is to come up with a
connection model that mutates every time its used. So even if you get a copy of the
security details they will be of no use if you try and use them again.

- David Gempton.

Nico Kadel-Garcia wrote:

Never liked pptp and I am not a Windows user but, good point about them (and
sourceforge)...

Imhotep

"David Gempton" <davidg@ttc4it.co.nz> wrote in message
news:4485f81b$1@clear.net.nz...
Ahh. Security through obscrutityy, *AND* violation of the GPL of the
SmoothWall Express software you're pirating. (And you're blatantly in
violation of the GPL on their software, by your own admission of using it
and your failure to publish your source code along with your downloads.)

And this guy wonders why no one will take it seriously as the "ABSOLUTELY
SECURE VPN" he advertises it as. Sheesh!

On 2006-06-06, David Gempton <davidg@ttc4it.co.nz> wrote:
[...]
Copyright infringement and (lack of) license compliance in a product
that you are selling is "trivia"?

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.