Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Advanced Security

Re: Advanced Security

From: Brian Peasland <dba_at_nospam.peasland.net>
Date: Wed, 13 Sep 2006 02:53:49 GMT
Message-ID: <J5IG1w.84B@igsrsparc2.er.usgs.gov> 





> The referenced document you sent contains the following quote:

> 

> Over the Internet and in wide area network environments, both public 

> carriers and private networks route portions of their network through 

> insecure land lines, vulnerable microwave and satellite links, or a 

> number of servers— exposing valuable data to interested third parties. 

> In local area network environments within a building or campus, the 

> potential exists for insiders with access to the physical wiring to view 

> data not intended for them, and network sniffers can be installed to 

> eavesdrop on network traffic.

> 

> How can a person in Washington intercept traffic between Atlanta and 

> Augusta?




I think the referenced document says it all. If you are routing through 
a public network, then you have no definitive control over who can see 
your packets. A person in Washington may not be able to intercept 
traffic between Atlanta and Augusta. But how about an unauthorized 
person in Atlanta? The point is not to limit what the person in 
Washington sees, but to limit what any unauthorized person sees, 
*regardless of location*. And are you sure of the channels your packets 
are traversing through? In many cases, the network is handed over to 
some ISP at some point. What if the ISP uses satellite transmissions? 
What if the end user is on a cable modem and everyone in his node can 
see his network communications? These are the reasons that VPN was 
created...to safeguard traffic from an authorized individual to a 
company's internal network, regardless of who may be listening in. And 
let's assume that you can safely assert that only your company's 
employees have access to the network traffic as the communications occur 
only in your company's intranet. One of the biggest threats of company 
data is from the *inside*, not the outside world. A disgruntled employee 
may have unfettered access to all sorts of things, just because they are 
an employee, or a recently terminated employee. Should that person who 
has access, and in some cases the knowledge to use that access, be able 
to see the unencrypted data?



Cheers,


Brian



-- 
===================================================================

Brian Peasland
dba_at_nospam.peasland.net
http://www.peasland.net

Remove the "nospam." from the email address to email me.


"I can give it to you cheap, quick, and good.
Now pick two out of the three" - Unknown


Received on Tue Sep 12 2006 - 21:53:49 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US