Re: Making the DB secure - Mailing list pgsql-general

From Karl O. Pinc
Subject Re: Making the DB secure
Date
Msg-id 1119293439l.5631l.3l@mofo
Whole thread Raw
In response to Re: Making the DB secure  (Együd Csaba <csegyud@vnet.hu>)
Responses Re: Making the DB secure
List pgsql-general
On 06/20/2005 12:32:12 PM, Együd Csaba wrote:
> Hi,
> thank you very much. These are very good ideas, I think.
> I forgot one thing to mention. We will have very few clients (max. 20)
> and
> all clients will be required to have a fix IP address. Fix IP
> addresses can
> be listed in pg_hba.conf to filter incoming IPs very efficiently. With
> this
> note, do you think we need VPN or other enhancement?

You want to consider the failure modes.  LANs can be
ARP spoofed to redirect traffic to elsewhere than their
destination IP, or what happens if the client does not request
encryption or the server is restarted without encryption
enabled, etc.  You don't want to be allowing insecure
communication by accident and unawares.  VPNs are
designed to disable communication
on failure, and the designers have presumably thought
of all the senarios.  When you roll your own security
you need to be the one that thinks of everything.
(Of course, some VPN products are much less secure
than others.)

And maintaining things over time is always an issue.

Karl <kop@meme.com>
Free Software:  "You don't pay back, you pay forward."
                  -- Robert A. Heinlein


pgsql-general by date:

Previous
From: hubert depesz lubaczewski
Date:
Subject: Re: Making the DB secure
Next
From: Milan Krcmar
Date:
Subject: Re: External (asynchronous) notifications of database updates