[lug] security question

Bear Giles bgiles at coyotesong.com
Thu Jun 3 10:22:15 MDT 2010


You still want defense-in-depth.  Always design a system so the attacker can
get one piece of information of his choice.  (Two unrelated pieces of
information if you want to be really serious.)  That's one reason why I like
an encrypted VPN over scp - you could put the actual network encryption on a
dedicated box that the security team has access to, not the sysadmin.  These
may be the same people in smaller organizations but you've still identified
separate roles.

(In this case the dedicated box has a very simple router.  It has one VPN
connection to the system producing the data and a separate VPN connection to
the rest of the world.)



On Thu, Jun 3, 2010 at 9:47 AM, George Sexton <georges at mhsoftware.com> wrote:

> You have to weigh whether the additional security of using SSH to move
> already encrypted data is superior to using a simpler protocol.
>
> For example, if the data is strongly encrypted you could just use a simple
> web server to host the data. It cuts out the SSH side and a lot of
> complexity. The argument against that is that "anyone" could download the
> encrypted data. What would they then do with it?
>
> To rephrase it, is the "superior security" of ssh worth the risk of a larger
> attack surface?
>
> George Sexton
> MH Software, Inc.
> 303 438-9585
> www.mhsoftware.com
>
>
> > -----Original Message-----
> > From: lug-bounces at lug.boulder.co.us [mailto:lug-bounces at lug.boulder.co.us] On Behalf Of Kevin Kempter
> > Sent: Wednesday, June 02, 2010 12:00 PM
> > To: Boulder (Colorado) Linux Users Group -- General Mailing List
> > Subject: [lug] security question
> >
> > Hi all;
> >
> > we're moving on a service where we'll need to have a component within our
> > clients' networks that will deliver data back to us for analysis/processing.
> > Security is a big concern.  We're thinking of something like this:
> >
> > 1) set up ssh keys onto a cloud server (or a dmz box) for each client
> >
> > 2) have each client's local processing ssh the data file (zipped and
> > encrypted) to the cloud server where the umask for the connecting user will
> > be 0477 thus they cannot do anything, and we'll have a process that gets
> > called that accepts data from stdin and writes to a file
> >
> > We'd like to deploy reasonably sufficient security while at the same time
> > keep it as simple as possible. We're open to the delivery server being
> > either a dmz box within our network or a cloud server for security
> >
> >
> > Here are my questions:
> >
> > 1) thoughts on the above approach?
> >
> > 2) thoughts on alternate approaches?
> >
> > Thanks in advance...
> >
> > _______________________________________________
> > Web Page:  http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > Join us on IRC: irc.hackingsociety.org port=6667
> > channel=#hackingsociety
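The receiving side of the proposal quoted in this thread (per-client SSH keys, with a process on the server that reads the upload from stdin and writes it to a file) can be sketched as an sshd forced command. This is an added example, not code from anyone in the thread; the script path, the client id `clientA`, the spool directory and the size cap are all assumptions.

```shell
#!/bin/sh
# Hypothetical receiver for an sshd forced command. Assumed authorized_keys entry
# (key material elided; "clientA" and the script path are constructed placeholders):
#   command="/usr/local/bin/receive_upload.sh clientA",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-ed25519 AAAA... clientA
# The client then runs: ssh upload@host < data.zip.enc

MAX_BYTES=${MAX_BYTES:-104857600}           # assumed 100 MiB cap per upload
SPOOL_DIR=${SPOOL_DIR:-/var/spool/uploads}  # assumed spool location

# receive_upload CLIENT_ID: copy stdin to a new file under SPOOL_DIR/CLIENT_ID.
# Prints the final path on success; returns non-zero and leaves nothing behind on failure.
receive_upload() {
    client=$1
    # The client id is fixed in authorized_keys, not sent by the client,
    # but validate it anyway so it can never escape the spool directory.
    case $client in
        ''|*[!A-Za-z0-9_-]*) echo "bad client id" >&2; return 2 ;;
    esac
    umask 077                               # files readable by the receiving account only
    dir=$SPOOL_DIR/$client
    mkdir -p "$dir" || return 1
    tmp=$(mktemp "$dir/.incoming.XXXXXX") || return 1
    # Read at most MAX_BYTES+1 bytes so an oversized upload is detected
    # without filling the disk.
    head -c "$((MAX_BYTES + 1))" > "$tmp"
    size=$(wc -c < "$tmp" | tr -d ' ')
    if [ "$size" -eq 0 ] || [ "$size" -gt "$MAX_BYTES" ]; then
        rm -f "$tmp"
        echo "rejected: size $size" >&2
        return 3
    fi
    final=$dir/$(date -u +%Y%m%dT%H%M%SZ).$$.bin
    # Rename only after the whole file is on disk, so the analysis job
    # never sees a partial upload.
    mv "$tmp" "$final" || { rm -f "$tmp"; return 1; }
    printf '%s\n' "$final"
}

# As a forced command the script is called with the client id as its argument.
# SSH_ORIGINAL_COMMAND (whatever the client asked to run) is deliberately ignored.
if [ "${1:-}" ]; then receive_upload "$1"; fi
```

Because the key is pinned to this one command, a stolen client key can only append new files to that client's spool directory; it cannot read earlier uploads or open a shell.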