Hello World
Michael Ströder
michael at stroeder.com
Sun Jan 18 10:48:37 EST 2015
Chris Angelico wrote:
> On Mon, Jan 19, 2015 at 12:35 AM, Michael Ströder <michael at stroeder.com> wrote:
>> Chris Angelico wrote:
>>> Want security?
>>> Push the encryption and authentication down to a lower layer, and save
>>> yourself the trouble.
>>
>> Yes. And now for the next level: How to prevent unauthorized machines to
>> connect to your network…
>
> Extremely difficult, and in many cases quite unnecessary. No, you let
> them on the network, and then make sure that won't hurt you more than
> you're prepared to accept.
Somewhat true…
> For instance, someone could join my wifi
> network - all they need is the WPA2 PSK, which is well known around
> the place - and use/abuse our internet connection; but they couldn't
> access my PostgreSQL databases, because the firewall doesn't permit
> access to port 5432.
…but your firewall relies on authenticity of IP addresses. Fail!
Ciao, Michael.
More information about the Python-list
mailing list