RE: RPC over HTTP security

From: Beauford, Jason (jbeauford_at_EightInOnePet.com)
Date: 01/28/05

Next message: LordInfidel: "RE: RPC over HTTP security"

Previous message: Monty Ree: "what is the good way against reverse telnet?"
Maybe in reply to: sf_mail_sbm_at_yahoo.com: "RPC over HTTP security"
Next in thread: LordInfidel: "RE: RPC over HTTP security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 28 Jan 2005 14:54:42 -0500
To: <security-basics@securityfocus.com>

Only thing I can find..

http://www.thoughtcrime.org/ie.html

Never knew SSL was so secure.. Glad you made me look!

JMB
-----Original Message-----
From: Eric McCarty [mailto:eric@piteduncan.com]
Sent: Friday, January 28, 2005 12:35 PM
To: Kevin Doheny; Shawn Wall; sf_mail_sbm@yahoo.com;
security-basics@securityfocus.com
Subject: RE: RPC over HTTP security

Your joking right.

"SSL in and of itself provides very little security"

That's why most of the internet uses it right?.

Your gonna have to back up statements like yours with some serious
factual backing otherwise your comments will be discarded as B.S coming
form someone who doesn't know what they are talking about.

-----Original Message-----
From: Kevin Doheny [mailto:kdoheny@CNP.net]
Sent: Friday, January 28, 2005 5:06 AM
To: Shawn Wall; sf_mail_sbm@yahoo.com; security-basics@securityfocus.com
Subject: RE: RPC over HTTP security

SSL in and of itself provides very little security... Way to easy to
hack. Look into a Neoteris (now Juniper) SSL VPN/Proxy. This way evil
hack3r can not ride the SSL stream into your network and past any IDS or
IPS systems.

Kevin

-----Original Message-----
From: Shawn Wall [mailto:sjwall@shaw.ca]
Sent: Wednesday, January 26, 2005 11:04 PM
To: sf_mail_sbm@yahoo.com; security-basics@securityfocus.com
Subject: RE: RPC over HTTP security

Are you using Exchange? Why not use OWA and secure it with SSL?

shawn

-----Original Message-----
From: sf_mail_sbm@yahoo.com [mailto:sf_mail_sbm@yahoo.com]
Sent: Wednesday, January 26, 2005 6:03 AM
To: security-basics@securityfocus.com
Subject: RPC over HTTP security

Hi List,
We are thinking about deploying RPC over HTTP to access email from the
Internet

Wanted to get some information on the technology and the security
implications of same

Not much info from Microsoft's site

any help would be greatly apreciated

Thanks,
Ronish

Next message: LordInfidel: "RE: RPC over HTTP security"

Previous message: Monty Ree: "what is the good way against reverse telnet?"
Maybe in reply to: sf_mail_sbm_at_yahoo.com: "RPC over HTTP security"
Next in thread: LordInfidel: "RE: RPC over HTTP security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: RPC over HTTP security
... Subject: RPC over HTTP security ... probably trillions of dollars are transacted via SSL. ... not offer the server much security, if anything it reduces it for the server ...
(Security-Basics)
Re: RPC over HTTP security
... We ran OWA with SSL, didn't mean our server didn't get owned by a hacker. ... Subject: RPC over HTTP security ...
(Security-Basics)
RE: RPC over HTTP security
... Why not use OWA and secure it with SSL?" ... SSL does not provide Authentication, correct, but it does ... Subject: RPC over HTTP security ...
(Security-Basics)
RE: RPC over HTTP security
... SEF 7? ... Subject: RPC over HTTP security ... SSL in and of itself provides very little security... ...
(Security-Basics)
rpcssl version 0.1
... Announcing release 0.1 of librpcssl, a C library for making RPC (remote ... procedure calls) using SSL for security. ... authentication mechanisms. ... support for strong encryption and authentication, ...
(comp.os.linux.announce)