On 06/20/2005 01:45:48 PM, Együd Csaba wrote:
Hi Karl,
OK, I see the point. We are going to look around the VPN. So as a
conclusion: can we state, that, in addition to all the security
features
postgres provides, applying a VPN - with SSL and firewal - is enough
to
provide the necessary security?
When it comes to security people are always the biggest problem.
The above should give you the necessary technical means to
call yourself "very secure".
The server will be a Linux(??) based system. The clients will run
Windows
XP.
Are Windows based clients able to cooperate with these kind of Linux
servers?
Yes. We're getting off topic for the list here. I can't say
I know enough offhand to do more than blather, so I'll do that. :)
IIRC IPSec is built into the Linux kernel,
and in theory XP has a built-in client, but I believe the
client's interface is "unfriendly". If you find a good free IPSec
XP client please let me know. IIRC, OpenVPN has XP clients.
Your firewall may have clients. You could probably whip up
a cygwin based openssh client to tunnel your traffic, although
I don't know why you would given OpenVPN. There are many choices
(including non-VPN ones other's have mentioned, like mediating
database access via a web server.)
As a VPN by definition bypasses your firewall don't allow more
traffic than necessary through it.
Karl <kop@xxxxxxxx>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
