hi Pieter,
that is exactly why i would layer it from layer 3 on up. if
i thought i could reasonably add layer 2 to the pot i would;-)
i have always believed in all things to "Defend in Depth"
Regards,
[EMAIL PROTECTED]
>Hi, Remember
>1)PGP- is application level
>2) SSL or TLS - is Transprt level
>3) IPSec - is Network level
>may be a combination of above.
>How lower the level how more secure and less change
>of tunneling (like with SSL one can tunnel under it).
>
>
>----------
>> From: dreamwvr <[EMAIL PROTECTED]>
>> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
>> Subject: Secure FTP approach
>> Date: Saturday, July 17, 1999 7:53 PM
>>
>> hi,
>> well for one since ftp is not really that secure i would consider
>> a combination of there three ideas with plenty of room for
>improvements;-)
>> first use a SSL enabled client like SSLtelnet since you are opposed to
>> SSH. myself i prefer TeraTerms SSL client as it is free as a bird for
>> windows world and just ssh from the command line for *mix world. but lets
>> keep on track on the SSL idea.. then you might consider since there is
>> such a limited amount of people is using PGP which has plenty of windows
>> clients available for use including eudora addon that is just fine:-)
>> then create a script to encrypt the files on a per UID connecting if
>> you prefer it really doen't matter as long as you have the secret key
>> and it is secure. SSL will preserve connection security and deny man
>> in mid attacks as well as replay. PGP will prevent the deciphering of
>> the data by anyone other than the intended reciever. send then a floppy
>> with the proper key(s) and note that even if the key is stolen they will
>> still need the passphrase. then make certain that the key has a finite
>> shelf life per se. then if this still is not satisfactory look into
>> a turnkey solution like Everlink which i am a distributor for so would
>> be more than happy to assist you. it provides encrypted real time
>> communications
>> peer to peer. as well as person to person ftp of files, secure email and
>> secure web. E-link would be a good turnkey so it depends on what
>> approach you are most confortable with.
>> Regards,
>> [EMAIL PROTECTED]
>> Reuters, London, February 29, 1998:
>> Scientists have announced discovering a meteorite which will strike the
>> earth in March, 2028. Millions of UNIX coders expressed relief for being
>
>> spared the UNIX epoch "crisis" of 2038.
>> _______________________________________________________________________
>>
>> ************** DREAMWVR.COM - TOTAL INTERNET SERVICES ****************
>> TOTAL DESIGN - DEVELOPMENT - INTEGRATION - SECURITY - Click Here..
>> <http://www.dreamwvr.com/services/MAX_SEC.html>
>> DREAMWVR.COM - The Console of Many... 90 Topics Covered
>> <http://www.dreamwvr.com/dynamicduo.html> <mailto:[EMAIL PROTECTED]>
>> -> Linux-Mandrake Solution Provider and North American Distributor <-
>> <http://www.dreamwvr.com/mandrake/mandrake-main.html>
>> "===0 PGP Key Available
>> *************** "As Unique as the Company You Keep." *****************
>> ________________________________________________________________________
>>
>>
>>
>> -
>> [To unsubscribe, send mail to [EMAIL PROTECTED] with
>> "unsubscribe firewalls" in the body of the message.]
>
Reuters, London, February 29, 1998:
Scientists have announced discovering a meteorite which will strike the
earth in March, 2028. Millions of UNIX coders expressed relief for being
spared the UNIX epoch "crisis" of 2038.
_______________________________________________________________________
************** DREAMWVR.COM - TOTAL INTERNET SERVICES ****************
TOTAL DESIGN - DEVELOPMENT - INTEGRATION - SECURITY - Click Here..
<http://www.dreamwvr.com/services/MAX_SEC.html>
DREAMWVR.COM - The Console of Many... 90 Topics Covered
<http://www.dreamwvr.com/dynamicduo.html> <mailto:[EMAIL PROTECTED]>
-> Linux-Mandrake Solution Provider and North American Distributor <-
<http://www.dreamwvr.com/mandrake/mandrake-main.html>
"===0 PGP Key Available
*************** "As Unique as the Company You Keep." *****************
________________________________________________________________________
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
