Subj : fsxNet Feedback (ZeroTier) To : Oli From : deon Date : Mon May 17 2021 10:07 am Re: fsxNet Feedback (ZeroTier) By: Oli to deon on Sun May 16 2021 03:43 pm d>> Anybody outside of the network cant get to our systems and do stuff d>> (which is the script kiddies reference I made when I started this thread). Ol> So you propose everything should happen within the VPN? No open BBS / binkp ports to the real Internet? No, its not an all or nothing. As an example, my hub is connected to a ZeroTier VPN for another net, but folks can still get to it for FSX. You can *choose* to connect to the VPN or not. I doubt we would see the day that you are forced to join a VPN for folks to interact with your BBS. My suggestion was to use the technology to obtain a benefit or two - some of those benefits I think are useful - I'm not suggesting that everybody thinks the same. The benefits were: * Securing transmission * Adding some privacy to connections between systems - which can extend to the user logging in telnet and the EMSI/BINKP exchanges of mail/files. * By definition of the above, reducing the "script kiddies" from bashing ports * And, to achieve all of the above, is just a client that needs to be installed. I know I would close my binkp/emsi to public interfaces if access to those services was a "standard" via a virtual network. I just makes sense to me. d>> So in the case of a "network" setup for "fsx" - the network admin would authorise nodes to access the "fsx" network (I would suggest based on d>> their application to join the network) - and de-authorise them when they leave the network. Ol> -1 If there was an FSX "VPN", I dont see a reason to allow folks on that VPN if there are not part of FSX - so I dont understand your '-1' thinking. d>> We are still strangers here, but we are a list of known strangers and we can identify who is doing something in appropriate on the network and d>> take action if that is deemeed the right response. Ol> -1 Likewise, I dont understand your thinking. It would be easier to identify if somebody was doing something inappropriate on the network, and an easy way to address it. I'm wondering if your concern is to do with the fact that you can be removed from the network by somebody who "manages it" if your conduct was determined to be unappropriate? Ol> there are other ways for encryption, which fit the FTN model better. Sure, suggest some - since I think this discussion started by your comments around privacy and security. ....лоеп --- SBBSecho 3.14-Linux * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116) .