Posted by Leythos on September 6, 2005, 3:20 am
msharman@internode.on.net says...
> Hi, I've been asked to set up a web server for a site with security
> concerns. Basically they want to make sure that the data on any of the
> web pages can't be accessed (accidentally or maliciously) by anyone
> apart from authorised parties.
>
> One suggestion was to set up a VPN (which I'm reading to mean some IPSEC
> variant), but in my experience using protocols such as IPSEC this can
> cause a lot of hassle in terms of home ADSL and/or firewall/NAT setups
> that are tricky if not impossible to configure to allow IPSEC traffic.
>
> Also, I want to reduce the difficulty in configuring access to the system.
>
> My question is, would a simple SSL web server (e.g. Apache) with client
> side certificate authentication on top of username/password access
> provide equivalent security to a VPN setup (considering that the server
> will _only_ run the SSL web server).

If you set up SSL on the server and provide secure passwords, then the
only way that unauthorized users will get in is to crack a password or
an exploit in the OS.

> My thoughts are that provided there are no other services apart from
> port 443 running on the machine then the risk of the data being
> compromised is reduced to:
> - stealing the certificate from any of the authorised machines
> AND guessing or stealing a valid username/password
> - compromising the SSL protocol itself (or its implementation)
> (- and of course the usual social engineering or virus/trojan etc. but
> these wouldn't be mitigated by a VPN anyway)
>
> Which I think pretty much puts it close to the level of security
> provided by a VPN except, I guess, the authenticated headers (AH protocol).
>
> Am I missing anything important in this analysis? (Like can you trust
> the IPSEC implementation to have less likelihood of being compromised
> than the Apache SSL implementation? Or are is there any way to
> compromise SSL because the TCP/IP headers aren't authenticated or
> encrypted?)

Since I always put services behind firewalls - ones that also act as
IPSec and PPTP endpoints, I would suggest that you set up a Firewall
Appliance with VPN endpoint access and let people PPTP into the firewall
and then have a rule that permits authenticated users to access the
website through the tunnel.

If you use SSL only, you can set up a user/password and change it when
you deem needed, easier than doing individual passwords.

--
spam999free@rrohio.com
remove 999 in order to email me
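
The setup the question describes (Apache listening only on port 443, with a client certificate required on top of username/password), as an added example that is not part of the original posts. The host name, file paths and realm are placeholders, and the revocation directives assume Apache 2.4.

```apache
# Added example: host name, paths and realm below are placeholders.
Listen 443
<VirtualHost *:443>
    ServerName secure.example.com
    SSLEngine on
    SSLCertificateFile    /etc/ssl/example/server.crt
    SSLCertificateKeyFile /etc/ssl/example/server.key

    # Factor 1: the TLS handshake fails unless the client presents a
    # certificate that chains to this private CA.
    SSLCACertificateFile  /etc/ssl/example/client-ca.crt
    SSLVerifyClient require
    SSLVerifyDepth  1

    # A stolen client certificate can be cut off by publishing it in the CRL,
    # without reissuing certificates to the other authorised machines.
    SSLCARevocationFile   /etc/ssl/example/client-ca.crl
    SSLCARevocationCheck  leaf

    <Location "/">
        # Refuse any request that did not arrive over SSL/TLS.
        SSLRequireSSL
        # Factor 2: per-user password, evaluated only for connections
        # that already passed the certificate check above.
        AuthType Basic
        AuthName "Restricted"
        AuthUserFile /etc/apache2/example.htpasswd
        Require valid-user
    </Location>
</VirtualHost>
```

Both checks must pass: the certificate is verified during the handshake and the password during request authorisation, so losing one of the two does not by itself grant access.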