rg
Subject: Re: [GENERAL] Making the DB secure
Együd Csaba wrote:
> Hi,
> thank you very much. These are very good ideas, I think.
> I forgot one thing to mention. We will have very few clients (max. 20)
> and all clients will be required to have a fix IP address. Fix IP
> a
Karl O. Pinc wrote:
On 06/20/2005 01:45:48 PM, Együd Csaba wrote:
Hi Karl,
OK, I see the point. We are going to look around the VPN. So as a
conclusion: can we state, that, in addition to all the security
features
postgres provides, applying a VPN - with SSL and firewal - is enough
to
provide
Együd Csaba wrote:
Hi Karl,
OK, I see the point. We are going to look around the VPN. So as a
conclusion: can we state, that, in addition to all the security features
postgres provides, applying a VPN - with SSL and firewal - is enough to
provide the necessary security?
No, they must be proper
Együd Csaba wrote:
Hi,
thank you very much. These are very good ideas, I think.
I forgot one thing to mention. We will have very few clients (max. 20) and
all clients will be required to have a fix IP address. Fix IP addresses can
be listed in pg_hba.conf to filter incoming IPs very efficiently
On 06/20/2005 01:45:48 PM, Együd Csaba wrote:
Hi Karl,
OK, I see the point. We are going to look around the VPN. So as a
conclusion: can we state, that, in addition to all the security
features
postgres provides, applying a VPN - with SSL and firewal - is enough
to
provide the necessary security
: Re: [GENERAL] Making the DB secure
On 06/20/2005 12:32:12 PM, Együd Csaba wrote:
> Hi,
> thank you very much. These are very good ideas, I think.
> I forgot one thing to mention. We will have very few clients (max. 20)
> and all clients will be required to have a fix IP add
: Re: [GENERAL] Making the DB secure
On 6/17/05, Együd Csaba <[EMAIL PROTECTED]> wrote:
> Hi,
couple of things:
1. make sure postgresql is in a very tight chroot environment. without shell
or anything else.
2. make sure you have list of all client ips, and use firewall to allow
them, and
On 06/20/2005 12:32:12 PM, Együd Csaba wrote:
Hi,
thank you very much. These are very good ideas, I think.
I forgot one thing to mention. We will have very few clients (max. 20)
and
all clients will be required to have a fix IP address. Fix IP
addresses can
be listed in pg_hba.conf to filter inc
On 6/17/05, Együd Csaba <[EMAIL PROTECTED]> wrote:
> Hi,
couple of things:
1. make sure postgresql is in a very tight chroot environment. without
shell or anything else.
2. make sure you have list of all client ips, and use firewall to
allow them, and only them to access postgresql port. all othe
you think we need VPN or other enhancement?
Bye,
-- Csaba
-Original Message-
From: Karl O. Pinc [mailto:[EMAIL PROTECTED]
Sent: Saturday, June 18, 2005 12:23 AM
To: Együd Csaba
Cc: pgsql-general@postgresql.org
Subject: Re: [GENERAL] Making the DB secure
On 06/17/2005 07:49:07 AM, Együd
On 06/17/2005 07:49:07 AM, Együd Csaba wrote:
Hi,
we plan to make available our database from the internet (direct
tcp/ip
based connections). We want to make it as secure as possible. There
are a
few users who could access the database, but we want to block any
other
users to access.
Disclamer
Együd Csaba wrote:
Dear Sean,
yes, maybe.
But actually I thought some suggestions. The only real problem of mine is to
configure the SSL. I am able configure the pg_hba.conf (at least I think so
now), we have a firewal on the server too.
I meant that maybe somebody can suggest something to m
Együd Csaba wrote:
Hi,
we plan to make available our database from the internet (direct tcp/ip
based connections). We want to make it as secure as possible. There are a
few users who could access the database, but we want to block any other
users to access.
Our plans are:
- using encripted (
Együd Csaba <[EMAIL PROTECTED]> writes:
> Hi,
> we plan to make available our database from the internet (direct tcp/ip
> based connections). We want to make it as secure as possible. There are a
> few users who could access the database, but we want to block any other
> users to access.
Honestl
secure.
Thank you,
-- Csaba
-Original Message-
From: Sean Davis [mailto:[EMAIL PROTECTED]
Sent: Friday, June 17, 2005 3:09 PM
To: Együd Csaba
Cc: pgsql-general@postgresql.org
Subject: Re: [GENERAL] Making the DB secure
On Jun 17, 2005, at 8:49 AM, Együd Csaba wrote:
> Hi,
> we p
On Jun 17, 2005, at 8:49 AM, Együd Csaba wrote:
Hi,
we plan to make available our database from the internet (direct tcp/ip
based connections). We want to make it as secure as possible. There
are a
few users who could access the database, but we want to block any other
users to access.
Our p
Hi,
we plan to make available our database from the internet (direct tcp/ip
based connections). We want to make it as secure as possible. There are a
few users who could access the database, but we want to block any other
users to access.
Our plans are:
- using encripted (ssl) connections - sin
17 matches
Mail list logo