LogMeIn Hamachi

LogMeIn Hamachi
	; Screenshot of the Windows version of Hamachi
Basic data
developer	LogMeIn Inc.
Current version	2.2.0.607 (for Windows , May 31, 2018) 0.9.9.9-20 (for Linux , June 20, 2006 & ; Mac OS X, June 20, 2006)
operating system	Microsoft Windows , Linux , Mac OS X
category	Virtual private network
License	Proprietary
German speaking	Yes
	www.vpn.net

LogMeIn Hamachi is an easy-to-configure, proprietary VPN client with an integrated instant messenger . Programs that otherwise only work via local networks can also be used via the Internet, for example computer games.

function

The connection between the individual computers is established with the help of a central server operated by the provider (mediation server) , bibi.hamachi.cc. If the server is not available due to a corresponding firewall rule or failure, no new connections are possible. Existing tunnels continue to function (tunnel persistence) .

The user data then flows via a peer-to-peer system between the individual computers and not centrally via Hamachi.

The IP addresses used for the tunnel come from the range 5.0.0.0/8. This public IP range was assigned by the IANA to the RIPE on November 30, 2010 , which leads to collisions with IP addresses on the Internet. If the Hamachi tunnel is active, Internet hosts in the network 5.0.0.0/8 cannot be reached. On November 19, 2012, LogMeIn panned to 25.0.0.0/8, which at that time was used exclusively by the UK Foreign Office, which is why the manufacturer of the tunnel software sees no problems here.

To avoid having to configure port redirections on the NAT router , a STUN- like NAT traversal technique is used, the exact functionality of which is kept secret.

At first there was only Hamachi for Microsoft - Windows platform, now beside one are Linux - and Mac version released. All versions are still in beta. The software is proprietary and, according to the developers, will remain unfree.

safety

Kerckhoffs' principle states that the security of a cryptographic process should only be based on the secrecy of the key and not on the secrecy of the algorithm itself. Since the program is closed source , the security cannot be determined by an audit . A description of the security architecture by the manufacturer is available in English.

The server, which is essential for the system to function and operated by the manufacturer, saves the user name, password, the statically assigned 25.0.0.0/8 IP address and a token used for authentication. In addition, the server can log the actual public IP address of the user, the start and duration of the connection and the other users involved for each tunnel established. There is also the possibility, for which there are no concrete indications, that further information is transmitted from the client to the server in the encrypted packets.

All participants in a tunnel have the same access to the computers of those involved as in a LAN, the NAT and firewall functions of upstream routers are bridged. Therefore, appropriate measures must be taken to avoid potential security problems that result from this.

use

In addition to the VPN function, which also facilitates the use of network games, the program also enables texts and files to be exchanged between the connected computers. It is Z. B. also suitable to create servers to play games.

Press

Ahlers, Ernst: The network in the network - securely stretch your own LAN through the Internet . In: c't 7/2006, p. 104: The private network: system choice.

"With all the convenience you have to be aware that you are entering into a relationship of trust with the operator when you use it. The source code of the client tools is not disclosed."

Web links

Hamachi official website

Individual evidence

↑ http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml
↑ Archived copy ( memento of the original from March 25, 2015 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot / b.logme.in
↑ Hamachi Security White Paper ( Memento of the original from October 21, 2007 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. (PDF file; 309 kB) @1@ 2

↑ Secure your own LAN across the Internet. heise online kiosk - c't archive, 7/2006, page 104 (subject to a charge) ( Memento from December 12, 2006 in the Internet Archive )

[1] ttp://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml

[2] Archived copy ( memento of the original from March 25, 2015 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot / b.logme.in

[3] Hamachi Security White Paper ( Memento of the original from October 21, 2007 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. (PDF file; 309 kB) @1@ 2

[4] Secure your own LAN across the Internet. heise online kiosk - c't archive, 7/2006, page 104 (subject to a charge) ( Memento from December 12, 2006 in the Internet Archive )