RE: RE: Online Security Services and Continous Risk Mana gement (fwd)

[sean.kelly () lanston com]

> From: R. DuFresne [mailto:dufresne () sysinfo com]
>
> For those currently letting others maintain various aspects of their
> network, perimeter, inner-soft-chewy-center, etc;  Would you 
> be concerned to find the company doing the maintainance work for you 
> mostly via open text channels via the internet?

Yes, I would.  Personally, I wouldn't be at all confortable with the idea
that usernames and passwords with access to administrative functions were
being sent "in the clear" across the internet.  All it takes is one person
somewhere in the middle listening to IP traffic and your network is
compromised.  Personally, I wouldn't allow external access to my
firewall/routers at all (ie. restrict connections to the internal ports
only) and I would turn off Telnet in favor of SSH.  Telnet clients like
SecureCRT can do both, and you gain a good deal of security for relatively
little effort.


Sean

_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards