> What are the security implications of having an intranet
> *not* secured using SSL when it is behind an existing beefy
> hardware firewall? I know it is standard practice to do so,
> but what are the legit reasons for it? The site in question
> runs on a cluster of ColdFusion 5 boxes running Linux (unknown
> distro) and Apache 1.3.x.
> Would it be possible to snoop data on connections to these
> servers and if so what tools would I use to do so? Don't
> worry about the legalities of answering this, I have full
> authority to do so.

The security implication, whether it's a public or private site, is that information is exchanged between the client and the server in plaintext, and that anyone with physical access to any network segment used to exchange that information can read it. The only difference between internet and intranet sites here is the number of potential listeners on any given network segment.

Any idiot with local administrative rights can use Ethereal, uh, I mean Wireshark to read all of the data exchanged between his machine and other machines. It's also usually pretty easy to use your network card's support for promiscuous mode to read all of the data exchanged on that network segment between other machines, although some network administrators are on the lookout for NICs in promiscuous mode.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/

Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:255091
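
A host-side version of the check mentioned above (looking for NICs in promiscuous mode), added here as an example and not part of the original message. It assumes a Linux host that exposes interface flags as a hex word in `/sys/class/net/<iface>/flags`; the function names and the sample-tree helper are hypothetical.

```python
import os
import tempfile

IFF_UP = 0x1          # interface is administratively up (linux/if.h)
IFF_PROMISC = 0x100   # interface accepts all frames on the segment (linux/if.h)


def read_flags(sysfs_root, iface):
    """Return the flag word from <sysfs_root>/<iface>/flags, or None."""
    try:
        with open(os.path.join(sysfs_root, iface, "flags")) as fh:
            return int(fh.read().strip(), 16)
    except (OSError, ValueError):
        return None  # entry vanished, is not an interface dir, or is malformed


def promiscuous_interfaces(sysfs_root="/sys/class/net"):
    """List (iface, flags) for every interface with IFF_PROMISC set."""
    hits = []
    try:
        names = sorted(os.listdir(sysfs_root))
    except OSError:
        return hits  # no sysfs here (non-Linux host or restricted container)
    for iface in names:
        flags = read_flags(sysfs_root, iface)
        if flags is not None and flags & IFF_PROMISC:
            hits.append((iface, flags))
    return hits


def make_sample_tree(entries):
    """Build a constructed stand-in for /sys/class/net (sample data only)."""
    root = tempfile.mkdtemp(prefix="sysnet-")
    for iface, content in entries.items():
        os.mkdir(os.path.join(root, iface))
        with open(os.path.join(root, iface, "flags"), "w") as fh:
            fh.write(content + "\n")
    return root


if __name__ == "__main__":
    for iface, flags in promiscuous_interfaces():
        state = "up" if flags & IFF_UP else "down"
        print(f"{iface}: promiscuous mode set (flags={flags:#x}, {state})")
```

This reports only on the machine it runs on, so it is useful as a scheduled check on managed hosts rather than as a way to find listeners elsewhere on the segment.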

