How secure are wanproxy endpoints?
Tiernan O'Toole
tiernan at tiernanotoole.ie
Fri Oct 26 02:24:58 PDT 2012
Thanks Juli.
The current test system is over the Internet and third parties connecting to the endpoint is what is worrying me, not really the traffic. Ssh is probably the way I will end up securing the production System...
Thanks again!
--Tiernan
Sent from my iPhone
On 26 Oct 2012, at 08:06, "Juli Mallett" <juli at clockworksquid.com> wrote:
> It depends on the environment and what sorts of adversaries you're
> concerned with. Going over SSH or TLS gives useful and known security
> properties for situations when you're going over the public Internet
> or otherwise don't trust your network. That said, WANProxy traffic is
> exactly as sensitive as the traffic it's optimizing, so if you're
> comfortable having your session go in the clear without WANProxy, then
> having it go in the clear with WANProxy is not much different. The
> bigger concern is whether a malicious third-party can connect to your
> WANProxy instance themselves. That's where SSH is very useful, but
> you might also find ipsec or even just a firewall to be useful.
>
> I typically use WANProxy over SSH, or these days as an SSH proxy, but
> when I'm using a trusted network and WANProxy is helping me workaround
> a slow or lossy link, I don't take any security precautions at all.
>
> On Thu, Oct 25, 2012 at 11:59 PM, Tiernan O'Toole
> <tiernan at tiernanotoole.ie> wrote:
>> Morning all.
>>
>> Just started playing with wanproxy, and have opened some ports to point
>> directly at the server... But now I wonder about security. Since there is no
>> authorization between end points, what is the security model? Should they
>> always go over SSH? How do you secure yours?
>>
>> Sent from my HTC
>>
>>
>> _______________________________________________
>> wanproxy mailing list
>> wanproxy at lists.wanproxy.org
>> http://lists.wanproxy.org/listinfo.cgi/wanproxy-wanproxy.org
>>
>
More information about the wanproxy
mailing list