Educause Security Discussion mailing list archives
Re: Risks of File Transfer on a Fully Switched Network
From: Ken Connelly <Ken.Connelly () UNI EDU>
Date: Tue, 29 Nov 2005 14:00:50 -0600
Fully-switched is not much more secure than old-fashioned shared hubs. We allow unencrypted transfers *only* over networks that reside completely (all switches and router connections) within our computer room and completely under our control. If end-users have access to a switch port on one of the networks in question, they can see every byte if they want to. - ken Sadler, Connie wrote:
I am being told that the risk of transferring sensitive files over our InTRAnet is so low that we should not require encryption for these internal file transfers. Transferring over the Internet in the clear is clearly a problem, but are others willing to share your position on the transmission of sensitive data in the clear internally (assuming a fully switched network)?? Thanks... Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC Director, IT Security, Brown University Box 1885, Providence, RI 02912 Connie_Sadler () Brown edu Office: 401-863-7266 PGP Key: _http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB_ <http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB> _http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB_ <http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB> PGP Fingerprint: DA5F ED84 06D7 1635 4BC7 560D 9A07 80BA 91E3 8EFB
-- - Ken ================================================================= Ken Connelly Systems and Operations Manager, ITS Network Services University of Northern Iowa Cedar Falls, IA 50614-0121 email: Ken.Connelly () uni edu phone: (319) 273-5850 fax: (319) 273-7373 It's much more important to know what you don't know than what you do know!
Current thread:
- Risks of File Transfer on a Fully Switched Network Sadler, Connie (Nov 29)
- <Possible follow-ups>
- Re: Risks of File Transfer on a Fully Switched Network Julian Y. Koh (Nov 29)
- Re: Risks of File Transfer on a Fully Switched Network Ken Layng (Nov 29)
- Re: Risks of File Transfer on a Fully Switched Network Ken Connelly (Nov 29)
- Re: Risks of File Transfer on a Fully Switched Network Russell Fulton (Nov 29)
- Re: Risks of File Transfer on a Fully Switched Network Richard Gadsden (Nov 29)
- Re: Risks of File Transfer on a Fully Switched Network David Gillett (Nov 29)
- Re: Risks of File Transfer on a Fully Switched Network Chad McDonald (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network wcon (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network jack suess (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network Dunker, Mary (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network Gary Flynn (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network Gary Dobbins (Nov 30)
- Re: Risks of File Transfer on a Fully Switched Network Huba Leidenfrost (Nov 30)
(Thread continues...)