 

Can you use IPsec on a tcp connection programmatically instead of doing user-level SSL/TLS?

Tags:

ssl

ipsec

I'm not trying to set up a VPN. I want to secure TCP sessions between services that might be implemented either in user mode or as kernel daemons. If it weren't for the kernel requirement, TLS would probably suffice.

First target would be Linux; pointers to any example code in user or kernel mode would be dandy if there are any.

All the existing examples I've found are about creating VPNs and use a bunch of static configuration in protected directories, all of which I'd like to avoid. I imagine I'd be looking at setsockopt things to define keys before listening and connecting, but have so far found nothing.

dbrower asked Jul 10 '15 21:07




1 Answer

A VPN will just offer you a secure tunnel for your communication; this also comes at the price of a slow connection or overhead. If you are looking at IPsec, beware that programmatically trying to get a secure and changing IP itself comes with the same price of large overhead for communication. It is important to know what your specific need is. If you are not bothered about overhead or extra cost, you can definitely go ahead and do IPsec at the network layer. But if you are worried about performance issues or you want less overhead in your communication, SSL/TLS is better for offering you the desired security.

Jitesh Yadav answered Oct 22 '22 09:10