[BBLISA] Firewall question #2
A Page in the Life of ...
dkap at haven.org
Fri Mar 12 11:52:26 EST 2004
-=> Delivered-To: bblisa at bblisa.org
-=> From: miah <jjohnson at sunrise-linux.com>
-=> Content-Disposition: inline
-=> User-Agent: Mutt/1.4.2i
-=>
-=> I hope your using some sort of token based auth then, because a keyboard sniffer will ruin all of that.
Smart cards, and SecureID are your friends, as well as OTP.
-=> On Fri, Mar 12, 2004 at 11:14:09AM -0500, A Page in the Life of ... wrote:
-=> > I think, with all due respect to the arguement, that BOTH should be the
-=> > answer.
-=> >
-=> > Having both a crunchy outside AND a crunchy center should be the call of
-=> > the day.
-=> >
-=> > You also should encrypt all your traffic. SSH to other machines, mail
-=> > should be using STARTLS, both for authenticaton, and to encrypt content.
-=> > IM traffic should be encrypted end-to-end, CVS should be used to share
-=> > documents, and done over SSH, et al.
-=> >
-=> > The less there is to sniff, and the less there is unauthenticated, the less
-=> > there is for the virus folks to play with. If you have suspenders and a
-=> > belt, it takes a much more traumatic event to pants you.
-=> >
-=> > -dkap
-=> >
-=> > P.S. There are two levels of paranoia. Complete, and insufficient.
-=> >
More information about the bblisa
mailing list