First thing to do would be to add a rule to allow only local traffic into the intranet; then the only worry is local users (that's always the biggest worry when it's about sniffing traffic). Internally... you can sniff whatever you want with a man in the middle 'attack'. SSL would just encrypt the payload, making it harder to get at. (There are of course ways around that.) SSL on an internal network would do nothing but slow someone down or add an extra step to the sniffing process (an easy step).
....VPN is your friend. :-)

-----Original Message-----
From: Damien McKenna [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 02, 2006 2:27 PM
To: CF-Talk
Subject: Break it down for n00bs: security problems of non-SSL intranet?

Could someone please help break this down for me so that even the most clueless of project managers could understand?

What are the security implications of having an intranet *not* secured using SSL when it is behind an existing beefy hardware firewall? I know it is standard practice to do so, but what are the legit reasons for it?

The site in question runs on a cluster of ColdFusion 5 boxes running Linux (unknown distro) and Apache 1.3.x. Would it be possible to snoop data on connections to these servers and if so what tools would I use to do so? Don't worry about the legalities of answering this, I have full authority to do so.

Thanks.

--
Damien McKenna, husband, father, geek.
[EMAIL PROTECTED] - http://www.mc-kenna.com/

Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:255063