TUN/TAP VPNs (cont)


OpenVPN
Uses standard OpenSSL algorithms
PKI session authentication
TLS cipher agreement/key exchange
EVP crypto interface,
Daemons have additional security measures (suid/sgid, chroot)
Supports compression
Ported to *BSD, Solaris, Mac OS X
Uses UDP port 5000 by default