Re: Proxy 2.0 secure?

Brian Steele (steele_bspiceisle.com)
Mon, 29 Jun 1998 14:18:43 -0400

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Ferguson, Linwood: "Gauntlet post acquisition"
• Previous message: Brian Steele: "Re: Proxy 2.0 secure?"
• Next in thread: arkeltex.ru: "Re: Proxy 2.0 secure?"
• Reply: arkeltex.ru: "Re: Proxy 2.0 secure?"

>> Define "standard technologies" as regards to OS logon validation.
Doesn't
>> everyone has their own standards concerning security mechanisms and their
>> implementation?
>
>I'd prefer to see something OS-independant.

Is such a thing as an "OS-independent" logon validation mechanism?

>> NT provides a mechanism that allows you to logon to a domain of servers
and
>> PCs, and not just one server at a time. Why shouldn't I take advantage
of
>> this?
>
>a) just because you can't rely on security of PC you try to use for
>network access.

You are NOT relying on the "security of a PC" in the NT domain logon
mechanism. You're relying also on the implementation of that security
mechanism on your LAN.

 b) because it works only if _every_ machine in

>your network can speak M$ that is not always possible.

So the solution is to implement the network around that requirement - which
will bring the additional benefits of the reduced support costs associated
with homogenuous networking as well.

>If you _can_ rely on any PC security and _every_ machine on the net
>speaks M$.. then security issues with M$ proxy itself start to appear ;)

No security issues with MS Proxy have been identified since its launch
(admittedly, that was only last year :-)).

Regards,
Brian Steele

• Next message: Ferguson, Linwood: "Gauntlet post acquisition"
• Previous message: Brian Steele: "Re: Proxy 2.0 secure?"
• Next in thread: arkeltex.ru: "Re: Proxy 2.0 secure?"
• Reply: arkeltex.ru: "Re: Proxy 2.0 secure?"

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:11:23 CDT