[HamWAN PSDR] Encryption issues

Nigel Vander Houwen nigel at nigelvh.com
Thu Oct 31 14:00:46 PDT 2019 

Scott,

As Kenny suggested, assuming your Winlink traffic is good, you can use the firewall features of the modem itself to prevent windows/etc from talking out, by just allowing the traffic you need.

Nigel

> On Oct 31, 2019, at 13:11, Kenny Richards <richark at gmail.com> wrote:
> 
> Scott,
> 
> You are asking some questions which have come up several times and I don't think we have ever really successfully answer them.
> 
> Re: Window10 Chattyness: You could put a firewall between the Windows10 box and the HamWAN radio, blocking anything which wasn't directed to WinLink systems. (After turning off as much of the auto-updates and other phone home things as you can in Windows) I agree that nearly all this is over TLS connections now.
> 
> I don't have a good suggestion for the call into the Winlink CMS system, unless there is some kind of proxy you can put in the middle. Maybe you stick the logs on a server some where and make them available, so you are not obfuscating anything going over the link? (giant hack)
> 
> 73,
> Kenny
> 
> On Thu, Oct 31, 2019 at 11:52 AM Scott Currie <scott.d.currie at gmail.com <mailto:scott.d.currie at gmail.com>> wrote:
> Hi Gang,
> I'm in the process of re-building my Winlink Gateway, with the intent to move it to the local fire station hose tower (a much better location). I am planning to use the data ring for access to the Winlink system, and the site does have coverage from Tiger. 
> 
> I have two problems, I think....
> First, I think that "RMS Packet", the server application, has switched to an SSL connection to the Winlink CMS system. I believe they do still support the non-SSL port, so I think I can force that using the hosts file. 
> 
> The bigger problem is that this will be running on a Win10 host to support the Vara FM protocol, which is currently Windows only. Win10 tends to be rather "chatty", and I suspect (though I have not confirmed) that most of it's background noise is SSL/TLS. Has anyone looked at this, and can Win10 be made to "shutup"?
> 
> I suppose I could run LinBPQ on a RasPi as the main gateway, and just use the Win10 box as a modem on an isolated segment, but that seems like a lot of work.
> 
> Thoughts?
> 
> -- 
> -Scott
> _______________________________________________
> PSDR mailing list
> PSDR at hamwan.org <mailto:PSDR at hamwan.org>
> http://mail.hamwan.net/mailman/listinfo/psdr <http://mail.hamwan.net/mailman/listinfo/psdr>
> _______________________________________________
> PSDR mailing list
> PSDR at hamwan.org
> http://mail.hamwan.net/mailman/listinfo/psdr

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.hamwan.net/pipermail/psdr/attachments/20191031/11744653/attachment.html>

More information about the PSDR mailing list