[Details on the AT&T/NSA wiretapping]

coderman coderman at gmail.com
Wed Apr 12 10:23:20 PDT 2006


On 4/12/06, Eugen Leitl <eugen at leitl.org> wrote:
> ...
> An interesting way to increase background encrypted traffic and
> bypassing NAT tunneling braindeadness is to package the crypto
> inside the consumer router brick.
>
> I've just reflashed a couple Linksys WRT54GS with OpenWRT,
> and OpenVPN and Tor are in the standard package depository
> (there are many others, including Asterisk). The hardware is
> so cheap that you could easily distribute preflashed
> routers to end users as authentication token and part
> of a darknet-like product.

this is an excellent idea.  i've played with the old WRT54Gs a little
bit and it is certainly an amenable piece of equipment for this kind
of tweaking.  i've had problems trying to get too much on a single
unit as the flash space restrictions are tight but there is still
enough space to support a decent set of services (like openvpn and tor
as you mention).


> Some of the Linksys even have crypto accelerators (largely 3DES, I think).
> I'm not sure how much this is supported already.

this is the only other trouble i've had with them: the crypto bits
tend to get sluggish, esp. when negotiating EDH or generating keys.
(fortunately this isn't needed all too frequently)

i haven't looked at the GS but if they support WPA2 they should also
support AES; it would be nice if this AES engine could be used for
general offload in addition to WPA2 traffic :)

i'm going to have to get one to tinker with...

More information about the cypherpunks-legacy mailing list