Thread: TS over the internet - directly attach, or require a VPN?
View Single Post
  #10  
Old 01-05-2006, 07:15 AM
kiln
 
Posts: n/a
Default Re: TS over the internet - directly attach, or require a VPN?
Your comments confuse me, and they are in the vein of other comments
here that don't make sense to me. I don't think any "connection,
firewall/vpn or not", is completley safe from penetration. Maybe there
are some websites etc that are completely and utterly invulnerable to
attack but I doubt it, as new exploits are always coming to light. Yet
the risk/benefit ratio must be acceptable, else half of the internet
would go away.

I don't understand why, as far as I can tell, you and others think TS on
the internet would only be acceptible if it was invulnerable to
penetration? What makes it different from any web server? That's why I
brought up etrade and online banks etc. There must be something behind
what you're saying but I can't figure it out. It sounds like you only
recommend using TS on internal LANS, unless it presents only anonymous
and uninteresting data?

You also said "Why would you host a TS box at another location and not
provide any services?" I don't understand that either. I think you are
referring to my statement than the ts box I'm talking about would not be
connected to an internal lan, it's be at an external web host's site.
That doesn't mean it does not provide any services? Right???

In article <cgxqf.219831$tD4.37575@tornado.ohiordc.rr.com>,
void@nowhere.lan says...
> In article <MPG.1e13c30bad53402198999a@msnews.microsoft.com>,
> kiln@brick-like.com says...
> > I'm not a network person so I don't have a lot of exposure. What's
> > interesting about this is that at the end of the day, a ts setup as
> > you've outlined would seem to be more secure than most websites that
> > deal with important matters (etrade, online banking etc), even if they
> > use https etc. No public websites use vpn/ip addresses. So it makes me
> > wonder, in my case, since there is no corporate lan at risk, is the vpn
> > needed? The server would contain data that is less sensitive than an
> > online bank.
>
> Ask yourself this - does your connection, firewall/vpn or not, have any
> undisclosed or unknown holes that might allow the public to access some
> part of the solution that you don't want them to access?
>
> If you can not answer the question with a NO and feel 100% sure that
> it's true, then you need to look at your exposure risk - what if someone
> gets into the system and has complete access?
>
> Why would you host a TS box at another location and not provide any
> services?
>
>
Reply With Quote