On Wed, Oct 15, 2014 at 4:47 PM, Kevin Chadwick <ma1l1i...@yahoo.co.uk> wrote: > On Sat, 11 Oct 2014 13:38:49 -0400 > Ian Grant wrote: > >> No, the "pre-shared keys" are communicated over the VPN, as are the >> keys which encrypt the VPN's own data as it appears in the actual TCP >> packets which carry the tunnel through which the VPN operates. > > Perhaps I have missed something but if you have a ssh tunnel or > something then just put that in front of the service without increasing
Moved to misc. Yes, you missed something: the point :-) The idea is that the existence of this entire 'ultranet' is undetectable by even someone snooping all national traffic. So a TCP port 80 connection looks to the snooper _exactly_ like an HTTP connection handshake. Only the ISN and the source address mark the connection as 'ultra' and take it into a back room where it connects to the real network. If the snooper tries to connecto to that port they the same HTTP service that all the other muggles see. Ian
