Security Basics mailing list archives
Re: Transmitting Sensitive Information between Servers
From: Chad Perrin <perrin () apotheon com>
Date: Mon, 8 Sep 2008 18:52:52 -0600
On Mon, Sep 08, 2008 at 02:31:53PM -0500, Nathaniel Hall wrote:
> Basha, Arif wrote:
>> We have a policy to not pass user name/password, etc. in clear between servers within our DMZ. Is this being too pedantic? I would be interested to hear how others have this implemented? Thanks.
>>
>> Arif
>
> I don't think that is unreasonable. I have a pretty strict belief that no sensitive information (PII or logon credentials) should be passed in the clear, even if it is within a closed network. I have always set up SSL connections or, where SSL is not possible, a script that keeps an SSH tunnel open. I have been very successful with my SSH tunnel scripts that restart the tunnel if it is ever closed or fails.
Agreed. I don't use telnet even on my own personal network at home. I use SSH instead.

--
Chad Perrin [ content licensed PDL: http://pdl.apotheon.org ]
Jon Postel, RFC 761: "[B]e conservative in what you do, be liberal in what you accept from others."
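
The quoted message mentions a script that keeps an SSH tunnel open and restarts it when it closes or fails. The following is an added example of such a supervisor loop, not code from the original posts or from either author. The forward spec, key path, timing values and the `TUNNEL_HOST` variable are assumptions.

```shell
#!/bin/sh
# Added example. Forward spec, key path and timings are placeholders (assumptions).
TUNNEL_SPEC="${TUNNEL_SPEC:-127.0.0.1:5433:127.0.0.1:5432}"  # local bind -> remote service
TUNNEL_KEY="${TUNNEL_KEY:-/etc/tunnel/id_ed25519}"          # dedicated key for this tunnel
MAX_BACKOFF="${MAX_BACKOFF:-60}"    # cap on seconds between restarts
STABLE_SECS="${STABLE_SECS:-30}"    # uptime that counts as a healthy session
MAX_ATTEMPTS="${MAX_ATTEMPTS:-0}"   # 0 = retry forever

# Run one tunnel in the foreground; returns when it closes or fails.
# BatchMode: never prompt. ExitOnForwardFailure: exit if the bind fails,
# so the loop notices. ServerAlive*: detect a dead peer in about 45 seconds.
# StrictHostKeyChecking=yes: refuse an unknown or changed host key.
start_tunnel() {
    ssh -N -T -i "$TUNNEL_KEY" -L "$TUNNEL_SPEC" \
        -o BatchMode=yes \
        -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=15 -o ServerAliveCountMax=3 \
        -o StrictHostKeyChecking=yes \
        "$TUNNEL_HOST"
}

# Double the delay, capped at MAX_BACKOFF.
next_backoff() {
    d=$(( $1 * 2 ))
    if [ "$d" -gt "$MAX_BACKOFF" ]; then d=$MAX_BACKOFF; fi
    echo "$d"
}

keep_tunnel_open() {
    delay=1
    attempts=0
    while :; do
        attempts=$((attempts + 1))
        started=$(date +%s)
        if start_tunnel; then rc=0; else rc=$?; fi
        up=$(( $(date +%s) - started ))
        echo "$(date -u '+%Y-%m-%dT%H:%M:%SZ') tunnel exited rc=$rc after ${up}s" >&2
        if [ "$MAX_ATTEMPTS" -gt 0 ] && [ "$attempts" -ge "$MAX_ATTEMPTS" ]; then
            return 1    # give up so an operator or init system can alert
        fi
        # A session that stayed up was healthy: retry quickly. Fast failures back off.
        if [ "$up" -ge "$STABLE_SECS" ]; then delay=1; fi
        sleep "$delay"
        delay=$(next_backoff "$delay")
    done
}

# Only start when a target is configured, e.g. TUNNEL_HOST=tunnel@db.example.internal
if [ -n "${TUNNEL_HOST:-}" ]; then keep_tunnel_open; fi
```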