Yavipind 0.9.6

Operating systemsOS : Linux / BSD
Program licensingScript Licensing : GPL - GNU Public License
CreatedCreated : May 30, 2007
Size downloadDownloads : 3
Program licensing
Thank you for voting...

Yavipind is a secure tunnel aka 2 peers securely ...

yavipind by Jerome Etienne is a secure tunnel aka 2 peers securely forwarding packets toward each other. It forwards any kind of packet (IPv4, ipv or other) sent over the virtual point-to-point device (e. g. tun0). It fully runs in linux userspace.
Features:Network efficiency:
- small packet overhead: 26bytes (e. g. ESP with DES MD5 is 32byte)
- Packet compression: Forwarded packets may be compressed using deflate (gzip). (WORK: add stat about efficiency)
- NAT compatible: yavipin's tunnel may be establish over NAT as all packets of a tunnel are sent over a single UDP/IPv4 connection. Moreover the peer unreachability detection periodically send packets which prevent the NAT engine from timing out the connection state.
- Peer unreachabilty detection: If the other peer becomes unreachable, it will be detected. It is done ala IPv6 neighbours discovery (rfc2461. 7).
- Gracefull shutdown: If a peer purposely stops, it will notify the other which is immediatly aware of it.
Usage's simplicity:
- Fully in userspace: No need to recompile the kernel
- reuse existing tools: As yavipin use a virtual device, it is possible to apply to the tunnel any tool designed for network device. For example, it is possible to set up a firewall using ipchains/netfilter or to do traffic shapping using the kernel's traffic control (see tc).
Security's strength:
- packet security: each packet exchanged during the connection is encrypted using blowfish CFB and authenticated with HMAC-MD5 96bits.
- protection against packet replay: It uses strict anti-replay and no packet can be accepted twice. A eavedropper can't take a packet, keep it for a while and make it accept a second time by the destination.
- Efficient session key renewal: It uses hash chains for efficiency. It allows smooth key transition not to cause any packet loss during the renewal. It provides forward secrecy inside the connection.
- Protect DoS ala TCP syn : It uses cookie exchange (rfc2522. 3) during the connection establishement.
- Forward secrecy : Even if the attacker cracks the box, he won't be able to decrypt network traffic older than a given delay (default 10min). The diffie-hellman private key and the session key are periodically renewed and securely erased from memory.

Yavipind 0.9.6 scripting tags: packet, data security, packets, tunnel, ipv, key, yavipind, connection, security system, encrypted, encrypted connection. What is new in Yavipind 0.9.6 software script? - Unable to find Yavipind 0.9.6 news. What is improvements are expecting? Newly-made Yavipind 0.10 will be downloaded from here. You may download directly. Please write the reviews of the Yavipind. License limitations are unspecified.