DevX Home    Today's Headlines   Articles Archive   Tip Bank   Forums   

Page 2 of 2 FirstFirst 12
Results 16 to 17 of 17

Thread: What make's security hard?

  1. #16
    Eli Allen Guest

    Re: What make's security hard?

    What if the server's IP address changes while its domain name stays the
    same? For example FTP in a cluster situation where the domain name resolves
    to different IP addresses to spread the load. You wouldn't want to make
    the IP address list public so IPSec won't work very well since its based on
    a set IP address and port number.
    --
    Eli Allen
    eallen@bcpl.net



    "Michael Howard" <mikehow@microsoft.com> wrote in message
    news:3a5ce5b6$1@news.devx.com...
    >
    > and IPSec :-) the good news about IPSec is ALL apps access remote servers
    > securely and transparently.
    >
    > "Eli Allen" <eallen@bcpl.net> wrote:
    > >There are ways of getting ftp to go over ssh though
    > >--

    > <snip>
    >




  2. #17
    Michael Howard Guest

    Re: What make's security hard?


    it completely depends on how you configure IPSec. If you have a rule that
    sayd, I will do IPSec with anyone whoe (a) knows this secret or (b) has this
    kind of cert issued by foo, then it will all work correctly. clusters will
    work, regardless of ip address.

    if you have a *filtering* rule that says, i only trust this ip address, then
    yeah, it'll break. it's supposed to!

    "Eli Allen" <eallen@bcpl.net> wrote:
    >What if the server's IP address changes while its domain name stays the
    >same? For example FTP in a cluster situation where the domain name resolves
    >to different IP addresses to spread the load. You wouldn't want to make
    >the IP address list public so IPSec won't work very well since its based

    on
    >a set IP address and port number.
    >--
    >Eli Allen
    >eallen@bcpl.net
    >
    >
    >
    >"Michael Howard" <mikehow@microsoft.com> wrote in message
    >news:3a5ce5b6$1@news.devx.com...
    >>
    >> and IPSec :-) the good news about IPSec is ALL apps access remote servers
    >> securely and transparently.
    >>
    >> "Eli Allen" <eallen@bcpl.net> wrote:
    >> >There are ways of getting ftp to go over ssh though
    >> >--

    >> <snip>
    >>

    >
    >



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center
 
 
FAQ
Latest Articles
Java
.NET
XML
Database
Enterprise
Questions? Contact us.
C++
Web Development
Wireless
Latest Tips
Open Source


   Development Centers

   -- Android Development Center
   -- Cloud Development Project Center
   -- HTML5 Development Center
   -- Windows Mobile Development Center