RE: General security question

["Jensen, Greg" <Greg_Jensen () NAI com>]

Don't exclude PGP E-business Server. This allows you to utilize the
encryption strength of PGP with FTP.  You can schedule batch transactions
that will automaticly encrypt to individual's private keys, or based on SDA
(Self Decrypting Archives) using shared secrets. 

This is one of the hotest encryption products on the market for encrypting
and securely transmitting data from point A to point B.  Unlike SSL or VPN,
sure, the data is encrypted in route, but PGP will also keep the data
encrypted AFTER it has arrived at it's destination and will only be
decrypted when the recipiant wants it to be decrypted.

www.pgp.com

-----Original Message-----
From: Marcus J. Ranum
To: TDyson () sybex com; firewall-wizards () nfr com
Sent: 11/11/00 9:29 AM
Subject: Re: [fw-wiz] General security question

TDyson () sybex com wrote:
> We are debating communication protocols: sockets connection or ftp.

I'd strongly recommend you look at using SSH and SCP (Secure Copy)
It doesn't have FTP's horrible security properties and it provides link
level encryption and public keys as an option. There are free versions
available for download, so it's hard to beat the price. See
www.openssh.org
for details.

mjr.

---
Marcus J. Ranum     Chief Technology Officer, NFR Security, Inc.
Work: http://www.nfr.com
Play: http://pubweb.nfr.net/~mjr


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards