Re: Making the DB secure
От | Karl O. Pinc |
---|---|
Тема | Re: Making the DB secure |
Дата | |
Msg-id | 1119298308l.5631l.6l@mofo обсуждение исходный текст |
Ответ на | Re: Making the DB secure (Együd Csaba <csegyud@vnet.hu>) |
Ответы |
Re: Making the DB secure
|
Список | pgsql-general |
On 06/20/2005 01:45:48 PM, Együd Csaba wrote: > Hi Karl, > OK, I see the point. We are going to look around the VPN. So as a > conclusion: can we state, that, in addition to all the security > features > postgres provides, applying a VPN - with SSL and firewal - is enough > to > provide the necessary security? When it comes to security people are always the biggest problem. The above should give you the necessary technical means to call yourself "very secure". > The server will be a Linux(??) based system. The clients will run > Windows > XP. > Are Windows based clients able to cooperate with these kind of Linux > servers? Yes. We're getting off topic for the list here. I can't say I know enough offhand to do more than blather, so I'll do that. :) IIRC IPSec is built into the Linux kernel, and in theory XP has a built-in client, but I believe the client's interface is "unfriendly". If you find a good free IPSec XP client please let me know. IIRC, OpenVPN has XP clients. Your firewall may have clients. You could probably whip up a cygwin based openssh client to tunnel your traffic, although I don't know why you would given OpenVPN. There are many choices (including non-VPN ones other's have mentioned, like mediating database access via a web server.) As a VPN by definition bypasses your firewall don't allow more traffic than necessary through it. Karl <kop@meme.com> Free Software: "You don't pay back, you pay forward." -- Robert A. Heinlein
В списке pgsql-general по дате отправления: