Firewall Wizards mailing list archives
RE: RE: Online Security Services and Continous Risk Mana gement (fwd)
From: sean.kelly () lanston com
Date: Tue, 5 Sep 2000 11:03:27 -0400
From: R. DuFresne [mailto:dufresne () sysinfo com] For those currently letting others maintain various aspects of their network, perimeter, inner-soft-chewy-center, etc; Would you be concerned to find the company doing the maintainance work for you mostly via open text channels via the internet?
Yes, I would. Personally, I wouldn't be at all confortable with the idea that usernames and passwords with access to administrative functions were being sent "in the clear" across the internet. All it takes is one person somewhere in the middle listening to IP traffic and your network is compromised. Personally, I wouldn't allow external access to my firewall/routers at all (ie. restrict connections to the internal ports only) and I would turn off Telnet in favor of SSH. Telnet clients like SecureCRT can do both, and you gain a good deal of security for relatively little effort. Sean _______________________________________________ Firewall-wizards mailing list Firewall-wizards () nfr net http://www.nfr.net/mailman/listinfo/firewall-wizards
Current thread:
- RE: RE: Online Security Services and Continous Risk Mana gement (fwd) sean . kelly (Sep 05)