On 8/31/06, Shekhar Dhotre <sdhotre@xxxxxxxxxxxx> wrote:
OK , Is NFS secure ? No it is not. And neither is SSH. Nothing is or will ever be inherently
secure. All of the technology that we use is imagined, designed and created by humans. Therefore it destined to have bugs, security holes and misconfiguration. Are four commercial grade deadbolts on my front door secure? Not if the window is open, or I leave the keys out in the clear for everyone to find and use. The same goes for NFS and SSH and Telnet and you name it. There have been security holes in each one of these tools, and each one can be configured in a very insecure way if you don't really know what you are doing. Instead of focusing on is this tool secure or is that tool secure, the best approach, IMHO, is to focus on the System and whether it is Survivable. A System is all of the components that make up a said environment, including but not limited to physical access, network components (switches, routers, firewalls), logical networks, servers, software (firmware, OS, middleware, etc..), workstations, users, process, etc... All of these components should be carefully examined and designed with the idea of a Survivable system in mind. I would suggest anyone interested in security and survivable systems to check out the research and analysis done by CERT at http://www.cert.org/archive/html/analysis-method.html. Also a search of "Survivable Systems" will give you plenty of information on the concepts and engineering behind those concepts. -Jeremy, RHCE -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
