Firewall Wizards mailing list archives
Re: RE: Online Security Services and Continous Risk Management (fwd)
From: Michael Williams <mike () netxsecure net>
Date: Wed, 06 Sep 2000 10:11:31 +1200
"R. DuFresne" wrote:
For those currently letting others maintain various aspects of their network, perimeter, inner-soft-chewy-center, etc; Would you be concerned to find the company doing the maintainance work for you mostly via open text channels via the internet? <open text channels meaning; regular telnet/ftp/tftp seesion, no encryption, no direct, closed back channel (i.e. dedicated circut)> Have the issues of sniffers and IP spoofing become a non-worry these days really? How many out there are aware of other companies providing outsourced maintainance of the networking services of others, doing so with the same disregard for eavsdropping and potential compromise as described above?
Yes if I was the customer I would be very concerned, we do remote maintenance and support for mixed platform firewall and proxy servers and would *never* allow open text channels!, strong encrypted SSH tunnels with RSA authentication into trusted hosts and TCP forwarding does everything we need and provides the security our customers expect. The real problem seems to be more of a lack of understanding about security issues at the management level where decisions are made, so often the focus seems to be on getting a wide area type link working over the Internet as the achievement rather than an auditable secure level connection that is then monitored on a regular basis. Mike. -- Michael A. Williams NetXSecure NZ Limited, www.netxsecure.net Ph.+64.9.278.8348, Fx.+64.9.278.8352, Mb.+64.21.99.5914 _______________________________________________ Firewall-wizards mailing list Firewall-wizards () nfr net http://www.nfr.net/mailman/listinfo/firewall-wizards
Current thread:
- RE: Online Security Services and Continous Risk Management (fwd) R. DuFresne (Sep 05)
- Re: RE: Online Security Services and Continous Risk Management (fwd) Michael Williams (Sep 06)