How secure are wanproxy endpoints?

Juli Mallett juli at
Fri Oct 26 00:05:43 PDT 2012

It depends on the environment and what sorts of adversaries you're
concerned with.  Going over SSH or TLS gives useful and known security
properties for situations when you're going over the public Internet
or otherwise don't trust your network.  That said, WANProxy traffic is
exactly as sensitive as the traffic it's optimizing, so if you're
comfortable having your session go in the clear without WANProxy, then
having it go in the clear with WANProxy is not much different.  The
bigger concern is whether a malicious third-party can connect to your
WANProxy instance themselves.  That's where SSH is very useful, but
you might also find ipsec or even just a firewall to be useful.

I typically use WANProxy over SSH, or these days as an SSH proxy, but
when I'm using a trusted network and WANProxy is helping me workaround
a slow or lossy link, I don't take any security precautions at all.

On Thu, Oct 25, 2012 at 11:59 PM, Tiernan O'Toole
<tiernan at> wrote:
> Morning all.
> Just started playing with wanproxy, and have opened some ports to point
> directly at the server... But now I wonder about security. Since there is no
> authorization between end points, what is the security model? Should they
> always go over SSH? How do you secure yours?
> Sent from my HTC
> _______________________________________________
> wanproxy mailing list
> wanproxy at

More information about the wanproxy mailing list