Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Risks of File Transfer on a Fully Switched Network

From: "Julian Y. Koh" <kohster () NORTHWESTERN EDU>
Date: Tue, 29 Nov 2005 13:47:39 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 14:27 -0500 11/29/2005, Sadler, Connie wrote:


I am being told that the risk of transferring sensitive files over our
InTRAnet is so low that we should not require encryption for these
internal file transfers. Transferring over the Internet in the clear is
clearly a problem, but are others willing to share your position on the
transmission of sensitive data in the clear internally (assuming a fully
switched network)??


It's totally possible to sniff traffic on a switched network, although the
varying methods may raise different levels of alarms and alerts.  I would
advise encrypting whenever possible.


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.3 (Build 2932)
Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html>

iQA/AwUBQ4ywWw5UB5zJHgFjEQJ1cgCgx79gFJ+CzBvcvByfJoYiVC+f3LsAoIdY
VyGSsF927YE8QUNlqWwBEb7H
=1ZQ8
-----END PGP SIGNATURE-----

--
Julian Y. Koh                         <mailto:kohster () northwestern edu>
Network Engineer                                   <phone:847-467-5780>
Telecommunications and Network Services         Northwestern University
PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html>
Previous By Date Next
Previous By Thread Next

Current thread: