Re: Encrypted network traffic

Subject:	Re: Encrypted network traffic
From:	Greg Troxel <gdt AT ir.bbn DOT com>
To:	"Henson, George Mr JMLFDC" <George.Henson AT DET.AMEDD.ARMY DOT MIL>
Date:	30 Dec 2003 11:29:12 -0500

The amanda24 branch (but not yet in any release) now has working
support for Kerberos 4 authentication of dump requests and encryption
of dump streams.

Note that in addition to encrypting the data stream, it is important
to ensure that only authorized dump servers can cause clients to send
backup data.

I have thought about setting up IPsec, and I think if one fixed the
ports used by amanda that would be fairly easy to do in the SPD.
NetBSD and racoon didn't support (at the time) dynamic SA generation
from per-socket policy, which is how I first thought of doing this.

-- 
        Greg Troxel <gdt AT ir.bbn DOT com>

<Prev in Thread]	Current Thread	[Next in Thread>
Encrypted network traffic, Henson, George Mr JMLFDC Re: Encrypted network traffic, pll+amanda RE: Encrypted network traffic, Gregor Ibic RE: Encrypted network traffic, Andrew Hall Re: Encrypted network traffic, Greg Troxel <= Re: Encrypted network traffic, Tim Souder

Previous by Date:	Re: problems with amrecover, jessica blackburn
Next by Date:	Re: Encrypted network traffic, Tim Souder
Previous by Thread:	RE: Encrypted network traffic, Andrew Hall
Next by Thread:	Re: Encrypted network traffic, Tim Souder
Indexes:	[Date] [Thread] [Top] [All Lists]