Could someone please help break this down for me so that even the most clueless of project managers could understand?
What are the security implications of having an intranet *not* secured using SSL when it is behind an existing beefy hardware firewall? I know it is standard practice to do so, but what are the legit reasons for it? The site in question runs on a cluster of ColdFusion 5 boxes running Linux (unknown distro) and Apache 1.3.x. Would it be possible to snoop data on connections to these servers and if so what tools would I use to do so? Don't worry about the legalities of answering this, I have full authority to do so. Thanks. -- Damien McKenna, husband, father, geek. [EMAIL PROTECTED] - http://www.mc-kenna.com/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:255058 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
