Security Basics mailing list archives
Re: internet banking security
From: Barrie Dempster <barrie () reboot-robot net>
Date: Mon, 17 Oct 2005 20:27:31 +0100
On Mon, 2005-10-17 at 14:45 +0430, Muhammad Aslam wrote:
I agree with you but we want some preliminary information about ebanking security systems and different steps in making it secure and reliable.
So what specifically are you asking ? A banking system can be put together in a variety of different ways and until you have specifics we could talk about building secure Windows systems or writing secure code. It's very wide, what are your actual worries - give us questions to answer, otherwise we could just talk for pages on random security topics.
Exactly we are outsourcing this project but prior doing so , we want to get enough information so that we will be in the loop whatever happening and what the security company will suggest us in going online.
What do you need information on ? "Ebanking security" is very wide, do you want to know about development environments, security policies, OS hardening, OS choices ?
It seems like you are ready to just grab the software and security advice we give here and dive into building the system, very bad idea.Which we are also not going to do as we are aware of the magnitude of responsibility is invovled and as i mentioned we are going to outsource the project.
Do you want us to just tell you everything there is to know about security or do you have _specific_ queries ? Like I said in my first email your question can be answered in hundreds of different ways, can you please give us more specific questions. "What are the security implications of creating an ebanking system as a 3 tier web app based on PHP/IIS/MySQL?" "What sort of policy documents should we prepare for an ebanking system (for internal and customer use) ?" These are very different questions and we could discuss either of them in response to your original query and they may not even come close to what it is you need. Can you _please_ explain exactly what your issues are so we can offer help. -- With Regards.. Barrie Dempster (zeedo) - Fortiter et Strenue "He who hingeth aboot, geteth hee-haw" Victor - Still Game blog: http://reboot-robot.net sites: http://www.bsrf.org.uk - http://www.security-forums.com ca: https://www.cacert.org/index.php?id=3
Attachment:
smime.p7s
Description:
Current thread:
- internet banking security Muhammad Aslam (Oct 12)
- Re: internet banking security Barrie Dempster (Oct 13)
- Re: internet banking security Muhammad Aslam (Oct 18)
- Re: internet banking security Barrie Dempster (Oct 18)
- Re: internet banking security ework0 (Oct 18)
- Re: internet banking security Brian Smith (Oct 21)
- Re: internet banking security Muhammad Aslam (Oct 18)
- Re: internet banking security Barrie Dempster (Oct 13)
- RE: internet banking security Rocky Heckman (Oct 17)
- Re: internet banking security crazy frog crazy frog (Oct 18)
- Re: internet banking security xyberpix (Oct 18)
- Re: internet banking security Barrie Dempster (Oct 26)
- Re: internet banking security Stacey Blanc (Oct 27)
- RE: internet banking security Mark Brunner (Oct 27)
- Re: internet banking security xyberpix (Oct 18)