RE: [fw-wiz] Trust an IP? (IPTables)

• Previous message: Jyotish K Sen Gupta: "Re: [fw-wiz] PIX and IIS issue"
• In reply to: Daniel Linder: "Re: [fw-wiz] Trust an IP? (IPTables)"
• Next in thread: David Lang: "Re: [fw-wiz] Trust an IP? (IPTables)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'Daniel Linder'" <dan_linder@yahoo.com>, <chris@devidal.tv>, <firewall-wizards@honor.icsalabs.com>
Date: Fri, 2 May 2003 23:20:49 +1200

> -----Original Message-----
> From: firewall-wizards-admin@honor.icsalabs.com
> [mailto:firewall-wizards-admin@honor.icsalabs.com] On Behalf
> Of Daniel Linder
> Sent: Thursday, 1 May 2003 3:46 p.m.
> To: chris@devidal.tv; firewall-wizards@honor.icsalabs.com
> Subject: Re: [fw-wiz] Trust an IP? (IPTables)
>
> > So is it safe to trust an IP to connect to one port,
> > ala the old r* tools? If not, what is a good alternative?
>
> If you trust that all the networking equipment between your backup
> server and the client is secure then you are reasonably safe.
>
> A better solution might be to setup some sort of authenticated VPN
> connection between the client and backup server. An IPSec/PPTP/L2TP
> VPN would be a much more secure way to achieve this.

This is a tricky question. I don't believe VPN will suit for backup
purposes because it'll add pretty big overhead and backups (usually)
need to be done as fast and reliable as possible.

Depending on your specific case, I would even recommend creating
physically separate network for backup purposes. With that you will get
high security as well as maximum bandwidth for backup jobs.

Even better solution is to use SANs, but they are expensive.

Best regards,

Bojan Zdrnja

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Jyotish K Sen Gupta: "Re: [fw-wiz] PIX and IIS issue"
• In reply to: Daniel Linder: "Re: [fw-wiz] Trust an IP? (IPTables)"
• Next in thread: David Lang: "Re: [fw-wiz] Trust an IP? (IPTables)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: How to digitize precious photos? ... I have seen on different posts that people trust an outside source to keep their photo's safe and I wondered about that. ... I use an online backup service that scans for new photos every night. ... (rec.photo.digital) Re: Deleted computer account ... Reboot and reinstall networking... ... > The tape backup device has been down for some time now, lack of funds, so ... >> Why don't you simply restore the server from a good backup and dispense ... >>>> This sounds like it might be a DNS issue on the workstation, ... (microsoft.public.win2000.active_directory) Re: Photo thumbnails have annoying icon on them, all of a sudden! ... and have no idea if it is safe to download this file. ... Download a program called ERUNT and ... set to backup my registry on every boot up... ... (microsoft.public.windowsxp.general) Re: Disaster recovered; now what? ... this boils down to trusting trust. ... backup software vendor to correctly store and restore what makes a system ... Do we trust the backup software and the db server or the ... Take a checksum snapshot just before the backup, ... (comp.sys.hp.mpe) Re: 137GB HD Limit in Recovery Console ... but it seems only to be for Windows XP in booted ... I deleted the partition. ... RC is supposed to be a last resort if even Safe Mode cannot ... The backup software ... (microsoft.public.windowsxp.help_and_support)