Security Basics mailing list archives
Re: Encrypting data on fileserver
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Tue, 16 May 2006 13:18:58 +0200
On 2006-05-15 Christian.Assfalg () bc boehringer-ingelheim com wrote:
You can, depending on the OS, encrypt the data on the disks itself. This would be transparent to the clients, because the fileserver would decrypt the data. In effect, this would only protect the data against someone stealing your disk drives. I don't think this is an isue?
If it was, then indeed filesystem or harddisk encryption would be the appropriate countermeasure.
More interresting would probably be to encrypt the data over the network. I guess this should at least be possivle via ssh tunnel or so. This would protect the data against someone sniffing on your network.
That depends on what protocol is used for accessing the shares. Many network filesystems use not only TCP ports but also UDP ports and can therefore not be tunneled through SSH. A VPN would be a more fitting solution there. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- AW: Encrypting data on fileserver Christian . Assfalg (May 15)
- Re: Encrypting data on fileserver Ansgar -59cobalt- Wiechers (May 16)