|
Security Basics
mailing list archives
RE: Transmitting Sensitive Information between Servers
From: "Thevendriya, Arvind" <athevendriya () sabercorp com>
Date: Mon, 8 Sep 2008 17:22:25 -0400
Arif,
How are you passing the credentials?
What is the platform of the server? Windows or UNIX?
If UNIX you can the credentials using SSH version 2.
Regards,
Arvind Thevendriya
Network Engineer
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Ben Preston
Sent: Monday, September 08, 2008 12:32 PM
To: Basha, Arif
Cc: security-basics () securityfocus com
Subject: Re: Transmitting Sensitive Information between Servers
On Mon, Sep 8, 2008 at 10:48 AM, Basha, Arif <abasha () apa org> wrote:
We have a policy to not pass user name/password, etc in clear between
servers within our DMZ. Is this being too pedantic?
I would be interested to hear how others have this implemented?
Thanks.
Arif
I don't think it is too much to ask for. There are secure methods for
this, whatever the transport; stunnel, encrypted data piped over
netcat, https, sftp/scp...
--
Ben
 By Date 
By Thread
Current thread:
- Re: DMZ Web Servers, (continued)
|
Intro
