Hi Herbert, Monday, June 26, 2006, 8:53:09 PM, you wrote: > On Mon, 2006-06-26 at 21:47 -0300, Gerhard Fiedler wrote: >> Herbert Graf wrote: >> >> > Since the router with VPN is their only connection to the rest of the >> > internet only physical access can bypass it (unless they manage to hack >> > the VPN router, possible, but easy enough to secure). >> >> I think this may be a downside of this approach. Patrick talked about young >> boys with technical inclinations... I think it won't be long before one >> finds out how to bypass the VPN router and hook up a computer directly to >> the unfiltered internet on the WAN side of the router. Of course, if a >> password is needed, then this may work. > Obviously, physically securing the hardware is an issue, but I don't see > that as a big issue. That password barrier sould be a good deterrent. I'm a bit uncertain, however, what device would require a password - do modems themselves allow the requiring of passwords? It's been a while since I've tried it, but IIRC, I was able to connect my laptop directly to my broadband modem and surf the net. >> This is basically the same as the satellite operator offer, with the >> difference that with the satellite solution, there is no unfiltered >> internet at the individual locations. > But a benefit here is cost and ISP transparency. I'm a big believer in > never setting something up that limits you to a particular ISP. By using > a VPN solution and your own box you are ISP neutral, if they raise rates > you can go to their competition with little issue. Cost is a big benefit > as well since aside from the upfront cost (which isn't trivial, I > admit), there is only the cost of administration, but can be very cheap > since there's only one thing to configure. I like the idea of ISP transparency - some colonies can only get an expensive satellite connection, while others would be able to choose a less expensive connection. The tradeoff is, then, lower bandwidth vs. ISP transparency. -- Best regards, Patrick Murphy James Valley Colony -- http://www.piclist.com PIC/SX FAQ & list archive View/change your membership options at http://mailman.mit.edu/mailman/listinfo/piclist