Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Transmitting Sensitive Information between Servers

From: "Thevendriya, Arvind" <athevendriya () sabercorp com>
Date: Mon, 8 Sep 2008 17:22:25 -0400
Arif,

How are you passing the credentials?

What is the platform of the server? Windows or UNIX?

If UNIX you can the credentials using SSH version 2.


Regards,
 
Arvind Thevendriya
Network Engineer


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Ben Preston
Sent: Monday, September 08, 2008 12:32 PM
To: Basha, Arif
Cc: security-basics () securityfocus com
Subject: Re: Transmitting Sensitive Information between Servers

On Mon, Sep 8, 2008 at 10:48 AM, Basha, Arif <abasha () apa org> wrote:


We have a policy to not pass user name/password, etc in clear between
servers within our DMZ.  Is this being too pedantic?

I would be interested to hear how others have this implemented?

Thanks.
Arif






I don't think it is too much to ask for.  There are secure methods for
this, whatever the transport; stunnel, encrypted data piped over
netcat, https, sftp/scp...

-- 

Ben
Previous By Date Next
Previous By Thread Next

Current thread: