Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Use Hamachi to create secure remote networks Network
I imagine that, like me, many people are stuck behind a firewall that you don't control, but you would like to access a computer outside of the firewall (either out -> in or in -> out). The best solution I've found this is a free product called Hamachi.

Hamachi runs on Mac OS, Windows, and Linux. With Hamachi, you can create a private virtual network that allows you to communicate amongst the various machines that have the Hamachi client installed. Unlike the Windows version, the Mac version is currently command line only, but can be fairly easily installed by following these instructions from the Hamachi forums. Note that you'll also have to install the OS X TUN/TAP driver.

[robg adds: I haven't tested this one. If you are going to do so, I would strongly suggest you check with your IT department first -- many companies, such as one of my previous employers, have very harsh policies when it comes to circumventing firewalls.]
    •    
  • Currently 2.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (2 votes cast)
 
[22,304 views]  

Use Hamachi to create secure remote networks | 5 comments | Create New Account
Click here to return to the 'Use Hamachi to create secure remote networks' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Use Hamachi to create secure remote networks
Authored by: Jargonwhat on Feb 01, '06 02:22:57AM

Hamachi is great... It's end-to-end secure and fast, and there will be an OS X version with a GUI coming out soon!



[ Reply to This | # ]
Please do consider using an alternative
Authored by: hopthrisC on Feb 02, '06 03:33:41AM

I must confess that the Himachi looks quite nice from the outside, but (and this is one big ugly "but") it has one grave flaw: nobody can verify that the software actually does what the developers claim it does.

The technology described on the Hamachi web site seems sound, and--if implemented properly--will keep your communication secure from third party eavesdroppers, but you have to trust the developers that they will not listen in on your connection.

They probably do not, but nobody can tell for sure. (for a discussion on this see also [1])

Bruce Schneier mentions this problem in the first paragraph of his essay "Snakeoil" [2]:

The problem with bad security is that it looks just like good security. You can't tell the difference by looking at the finished product. Both make the same security claims; both have the same functionality. Both might even use the same algorithms: triple-DES, 1024-bit RSA, etc. Both might use the same protocols, implement the same standards, and have been endorsed by the same industry groups. Yet one is secure and the other is insecure.
Many cryptographers have likened this situation to the pharmaceutical industry before regulation. The parallels are many: vendors can make any claims they want, consumers don't have the expertise to judge the accuracy of those claims, and there's no real liability on the part of the vendors (read the license you agree to when you buy a software security product).
This is not to say that there are no good cryptography products on the market. There are. There are vendors that try to create good products and to be honest in their advertising. And there are vendors that believe they have good products when they don't, but they're just not skilled enough to tell the difference. And there are vendors that are just out to make a quick buck, and honestly don't care if their product is good or not.

Again: the problem is not that Himachi is bad software, the problem is that you have to trust the developers implicitly.

I would not recommend Himachi to my clients. Instead I would recommend OpenVPN [3]. It might not be as easy to set up as Himachi, but it is fairly simple, has an extensive HOWTO, and most of all: it is open source.

  • [1] http://en.wikipedia.org/wiki/Talk:Hamachi
  • [2] http://www.schneier.com/crypto-gram-9902.html#snakeoil
  • [3] http://openvpn.org


[ Reply to This | # ]
Seems pretty secure to me...
Authored by: Nep2ne on Feb 03, '06 10:39:05PM

The mediation server is in place only to link the connections, that's it. Other than that, an encrypted network exists between the two, or however many points on the network.

More here:

http://hamachi.cc/security

Compared to OpenVPN, this is an absolute cake walk, and seems (to me at least) to offer the exact same thing: an encrypted network between two points, initiated by a connection to a mediation server. No traffic flows through their servers after the initial contact (read link for more).

But my problem doesn't rely on their security -- I really think they are doing the right thing -- but with the reliability of the mediation servers themselves, and whether or not some tens of thousands of gamers suddenly link up, killing all hope of me ever reaching my clients.

It's still in beta, and looks to be a while -- nonetheless, I think it holds promise.

And in terms of that GUI, don't hold your breath. I think it's months away. There is a guy working on a dashboard widget, but as of now it just mirrors what networks you are on and offers no functionality other than that.



[ Reply to This | # ]
Seems pretty secure to me...
Authored by: hopthrisC on Feb 06, '06 06:34:06PM
Seems pretty secure to me...
You have completely missed the point I was trying to make.

[ Reply to This | # ]
Seems pretty secure to me...
Authored by: slantyyz on Feb 07, '06 06:43:02AM

Steve Gibson of GRC research is a big fan. I don't know if you've ever used his Shields Up web site to test your firewalls and security, but he did an entire podcast (called Security Now) with Leo Laporte on how great Hamachi is.

He did some homework with the author of the application and uses it on all of his servers.



[ Reply to This | # ]