Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Transmitting Sensitive Information between Servers

From: Chris Benedict <chrisbdaemon () gmail com>
Date: Mon, 8 Sep 2008 16:21:04 -0500
You should never transmit username and/or password in clear over any kind of network connection because it can be sniffed.
If you have to transmit the data then you should use some kind of encryption like SSL or IPSec. 

On Sep 8, 2008, at 11:48 AM, Basha, Arif wrote:



We have a policy to not pass user name/password, etc in clear between
servers within our DMZ.  Is this being too pedantic?

I would be interested to hear how others have this implemented?

Thanks.
Arif
Previous By Date Next
Previous By Thread Next

Current thread: