mailing list archives
Re: General security question
From: Frederick M Avolio <fred () avolio com>
Date: Sat, 11 Nov 2000 13:35:54 -0500
Sounds like you need to hire an expert. No, I'm not trying to sell you my
services. I'm pointing out from my years of experience on the Internet that
getting the advice you need from an Internet mailing list often proves the
old saying "you get what you pay for."
Marcus warned you, "as a general rule, a VPN is useless if you don't know
anything about the security at the other end. Indeed, the whole notion
of doing a secure transaction/data transfer to a site where you don't
know anything about the security is kind of dubious." And then he did make
some recommendations because he's a nice guy and you asked.
But let's briefly expand on what Marcus was pointing out by asking a
question. Why do you want a VPN? One answer might be, "to keep the
transactions details confidential." If that is your main purpose, then you
need more than a VPN. As Marcus hinted, there is more to worry about than
the transaction flow over the Internet. Since you know nothing about the
other side's security, then you must assume the worst. If you assume the
worst, the transaction will be vulnerable to interception everywhere
including on the other side's network. If this is your concern, you must
know the state of their network security.
"Oh," you may reply," we're really interested in limiting our legal
liability." In that case, deploy a VPN top show a best effort on your part.
But know that your transaction may not be secure.
Avolio Consulting, Inc.
16228 Frederick Road, PO Box 609, Lisbon, MD 21765, US
+1 410-309-6910 (voice) +1 410-309-6911 (fax)
firewall-wizards mailing list
firewall-wizards () nfr com
Re: General security question Paul Alukal (Nov 15)