Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

Re: General security question
From: Frederick M Avolio <fred () avolio com>
Date: Sat, 11 Nov 2000 13:35:54 -0500

Sounds like you need to hire an expert. No, I'm not trying to sell you my services. I'm pointing out from my years of experience on the Internet that getting the advice you need from an Internet mailing list often proves the old saying "you get what you pay for."

Marcus warned you, "as a general rule, a VPN is useless if you don't know
anything about the security at the other end. Indeed, the whole notion
of doing a secure transaction/data transfer to a site where you don't
know anything about the security is kind of dubious." And then he did make some recommendations because he's a nice guy and you asked.

But let's briefly expand on what Marcus was pointing out by asking a question. Why do you want a VPN? One answer might be, "to keep the transactions details confidential." If that is your main purpose, then you need more than a VPN. As Marcus hinted, there is more to worry about than the transaction flow over the Internet. Since you know nothing about the other side's security, then you must assume the worst. If you assume the worst, the transaction will be vulnerable to interception everywhere including on the other side's network. If this is your concern, you must know the state of their network security.

"Oh," you may reply," we're really interested in limiting our legal liability." In that case, deploy a VPN top show a best effort on your part. But know that your transaction may not be secure.

Avolio Consulting, Inc.
16228 Frederick Road, PO Box 609, Lisbon, MD 21765, US
+1 410-309-6910 (voice) +1 410-309-6911 (fax)

firewall-wizards mailing list
firewall-wizards () nfr com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]