Firewall Wizards mailing list archives
RE: Trust an IP? (IPTables)
From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Fri, 2 May 2003 23:20:49 +1200
-----Original Message----- From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Daniel Linder Sent: Thursday, 1 May 2003 3:46 p.m. To: chris () devidal tv; firewall-wizards () honor icsalabs com Subject: Re: [fw-wiz] Trust an IP? (IPTables)So is it safe to trust an IP to connect to one port, ala the old r* tools? If not, what is a good alternative?If you trust that all the networking equipment between your backup server and the client is secure then you are reasonably safe. A better solution might be to setup some sort of authenticated VPN connection between the client and backup server. An IPSec/PPTP/L2TP VPN would be a much more secure way to achieve this.
This is a tricky question. I don't believe VPN will suit for backup purposes because it'll add pretty big overhead and backups (usually) need to be done as fast and reliable as possible. Depending on your specific case, I would even recommend creating physically separate network for backup purposes. With that you will get high security as well as maximum bandwidth for backup jobs. Even better solution is to use SANs, but they are expensive. Best regards, Bojan Zdrnja _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Trust an IP? (IPTables) Daniel Linder (May 01)
- RE: Trust an IP? (IPTables) Bojan Zdrnja (May 02)
- <Possible follow-ups>
- Re: Trust an IP? (IPTables) David Lang (May 01)
- Re: Trust an IP? (IPTables) Paul Robertson (May 01)