On Tuesday 19 April 2005 17:25, Martin White wrote:
> Sorry for the burst of posts from me today, trying to do a little catchup and refocusing :) A few weeks back I was asking about the whole scenario of getting my server to go and retrieve my mail and then serve it up to me locally via imap.
>
> I just want to know if I should be concerned about security at all. Currently, I have hardware nat on my router (well, software nat I guess - whatever it is it's on my router, which is also NOT my adsl gateway, it's on a different ip network to that). On the router that handles my internal network I have only opened up a port for squirrelmail, and that port is not 80, it's a port that I chose randomly so it wouldn't be quite so easy for someone to find.

But very easy for software to find when scanning IMHO: Security by obscurity is no security at all. But it stops casual lamers I suppose. I've got your ip address, if you like I can nmap you and tell you what port your squirrel is on :-)

> I've not yet implemented SSL on the squirrelmail login / connection since I got as far as I could with the time I had before having to work away. Is there anything I ought to review about this setup? Should I really be concerned about the lack of SSL to the web port?

I would put ssl on squirrel, I have done it in the past. You never know where you might want to check your mail from, it's too easy to sniff usernames and passwords on untrusted networks. I've always been paranoid and added an extra http login before the squirrel page comes up. I'm not sure how much extra security this adds but it makes it more of a pain for anybody to break as there are now two sets of usernames and passwords to guess (if you keep them different).

> Thanks for any comments as always. Martin.
--
Robin Cornelius
---------------------------------------------------
robin@xxxxxxxxxxxxxxxxxxxxx
http://www.cornelius.demon.co.uk
http://sourceforge.net/projects/rt2400
GPG Key ID: 0x729A79A23B7EE764
http://www.biglumber.com/x/web?qs=0x729A79A23B7EE764
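
The setup suggested in the reply above (SSL on the webmail port plus a separate HTTP login in front of the SquirrelMail login page), sketched as an Apache configuration. This is an added example, not part of the original thread; Apache as the web server, the port numbers, the hostname and all file paths are assumptions chosen for illustration.

```apache
# Constructed example. Ports, hostname and file paths are placeholders.

# Before: SquirrelMail over plain HTTP on an unusual port.
# A port scan still finds it, and the login travels in clear text.
#
# Listen 8081
# <VirtualHost *:8081>
#     DocumentRoot /usr/share/squirrelmail
# </VirtualHost>

# After: still an unusual port, but with TLS and an HTTP login
# that Apache enforces before any SquirrelMail page is served.
Listen 8443
<VirtualHost *:8443>
    ServerName mail.example.org
    DocumentRoot /usr/share/squirrelmail

    # Encrypt the whole session so neither login can be sniffed
    # on an untrusted network.
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/mail.example.org.crt
    SSLCertificateKeyFile /etc/ssl/private/mail.example.org.key

    <Directory /usr/share/squirrelmail>
        # First login: HTTP Basic auth. Keep these credentials
        # different from the IMAP/SquirrelMail ones, so there are
        # two independent username/password pairs to guess.
        AuthType Basic
        AuthName "Restricted"
        AuthUserFile /etc/apache2/squirrelmail.htpasswd
        Require valid-user
    </Directory>
</VirtualHost>
```

Basic auth only base64-encodes the password, so the extra login adds protection only when it sits behind `SSLEngine on`; over plain HTTP it would be as easy to sniff as the webmail login itself.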