[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: networking

On Thu, 16 Sep 1999, alex wrote:

> > I'm no security guru, but securing communications between
> > OpenBSD servers is easily done with IPsec.
> > 
> > No you can use any service between the machines without fear
> > of sniffers. Besides, IPsec in OpenBSD works very good, and is
> > kinda fun setting up.
> Thanks for the tip, I appreciate it.
> I'm not a security guru either, so this is probably a dumb question,
> but don't you still have the same problems with services like NFS that
> you had before?  If I use IPsec to encrypt the traffic between a linux
> box and an openbsd box, and if they're sharing files with NFS, and if
> the linux box gets cracked, doesn't that put my openbsd box in danger?
If the Linux box gets cracked someone can do what you allow the Linux box
to do against the OpenBSD, there is no way around that.
As a sysadmin you simply have to keep the servers as secure as possible,
setting up all services they use as securily as possible.

If there is someting you don't trust, see if you can place it on a box
not so vital to your business.