> What are the security implications of having an intranet 
> *not* secured using SSL when it is behind an existing beefy 
> hardware firewall?  I know it is standard practice to do so, 
> but what are the legit reasons for it?  The site in question 
> runs on a cluster of ColdFusion 5 boxes running Linux (unknown 
> distro) and Apache 1.3.x.   
> Would it be possible to snoop data on connections to these 
> servers and if so what tools would I use to do so?  Don't 
> worry about the legalities of answering this, I have full 
> authority to do so.

The security implication, whether it's a public or private site, is that
information is exchanged between the client and the server in plaintext, and
that anyone with physical access to any network segment used to exchange
that information can read it. The only difference between internet and
intranet sites here is the number of potential listeners on any given
network segment.

Any idiot with local administrative rights can use Ethereal, uh, I mean
Wireshark to read all of the data exchanged between his machine and other
machines. It's also usually pretty easy to use your network card's support
for promiscuous mode to read all of the data exchanged on that network
segment between other machines, although some network administrators are on
the lookout for NICs in promiscuous mode.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
 
Fig Leaf Software provides the highest caliber vendor-authorized
instruction at our training centers in Washington DC, Atlanta,
Chicago, Baltimore and Northern Virginia, or on-site at your location.
Visit http://training.figleaf.com/ for more information!

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:255091