Re: Making the DB secure - Mailing list pgsql-general

From Geoffrey
Subject Re: Making the DB secure
Date
Msg-id 42B8897F.1020903@3times25.net
Whole thread Raw
In response to Re: Making the DB secure  (Együd Csaba <csegyud@vnet.hu>)
Responses Re: Making the DB secure
List pgsql-general
Együd Csaba wrote:
> Hi,
> thank you very much. These are very good ideas, I think.
> I forgot one thing to mention. We will have very few clients (max. 20) and
> all clients will be required to have a fix IP address. Fix IP addresses can
> be listed in pg_hba.conf to filter incoming IPs very efficiently. With this
> note, do you think we need VPN or other enhancement?

YOU NEED A SECURITY CONSULTANT.  If you think you can rely on static ips
as a security tool, you are clueless.  I'm sorry, but the fact that you
mentioned that this database contains medical information really
disturbs me.

A static IP insures NOTHING.  A vpn will secure the connection and
protect it.

--
Until later, Geoffrey

pgsql-general by date:

Previous
From: "Sean Davis"
Date:
Subject: Re: Debugging PL/pgSQL
Next
From: Geoffrey
Date:
Subject: Re: Making the DB secure