Jump to content
RESET Forums (homeservershow.com)
rheo

WHS 2011 - rdp remote access

By rheo, in Remote Access

Recommended Posts

revengineer    20

revengineer
Posted

Https and vpn are based on similar ssl technology and if you use vulnerable libraries you are screwed either way.

Share this post

Link to post
Share on other sites

jmwills    284

jmwills
Posted

I'll trust VPN over SSL.

Share this post

Link to post
Share on other sites

Jason    73

Jason
Posted

With WSE12R2 I just RDP to the server using the remotewebaccess.com Remote Gateway for HTTPS encryption. Or VPN via SSTP to server and RDP using the LAN IP. I think they're both HTTPS really?

Share this post

Link to post
Share on other sites

jmwills    284

jmwills
Posted

VPN is tunneling.  The entire session is encrypted and more secure than SSL (also known as TLS)

Share this post

Link to post
Share on other sites

dataoscar    0

dataoscar
Posted

VPN is tunneling. The entire session is encrypted and more secure than SSL (also known as TLS)

How is VPN more secure than SSL? You are overgeneralizing. Both are a set of technologies that use encryption ciphers to accomplish similar behaviors. There are VPN products that use SSL to do the tunneling.

 

 

 

Sent from my Nexus 4 using Tapatalk

Share this post

Link to post
Share on other sites

jmwills    284

jmwills
Posted

Heartbleed

Share this post

Link to post
Share on other sites

ikon    438

ikon
Posted

How is VPN more secure than SSL? You are overgeneralizing. Both are a set of technologies that use encryption ciphers to accomplish similar behaviors. There are VPN products that use SSL to do the tunneling.

 

Sure they both use ciphers, but the exact ciphers they use, and how they're used, are critical factors in how secure they are. I think we can safely assume jmwills is NOT using a VPN based on SSL (let's face it, SSL-based VPN is relatively new compared to others).

Share this post

Link to post
Share on other sites

dataoscar    0

dataoscar
Posted

Sorry but heartbleed was due to a bug, so rather a bad implementation of a standard. 

 

I am trying to discern between the broad statement that "vpn is more secure than ssl" . 

 

At the core of the matter, both are using encrypted tunnels. SSL is just encrypting the HTTP protocol. 

Share this post

Link to post
Share on other sites

jmwills    284

jmwills
Posted

When you use https, your browser (acts as a SSL client) will only encrypt this connection to the webserver.

 

When you use VPN, you need a special client and establish a tunnel between the client and the server. Then you can configure which traffic goes through the tunnel. This can be everything or just your http traffic.

Share this post

Link to post
Share on other sites

ikon    438

ikon
Posted

Hmmmm, I don't think I would agree that SSL is creating a 'tunnel'. In the VPNs I've set up, there are actually 4 IP addresses used: one for the server, one for the client, and one for each end of the virtual tunnel. IOW, the tunnel is its own VLAN. AFAIK, SSL doesn't do that.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing


×
×
  • Create New...