Re: [dist-obj] Extranet security

• To: Kevin Dick <kevin@dick.org>
• Subject: Re: [dist-obj] Extranet security
• From: Albert Scherbinsky <alberts@rogers.wave.ca>
• Date: Thu, 12 Jul 2001 19:08:06 -0400
• CC: dist-obj@distributedcoalition.org
• Delivered-To: distcoal-dist-obj-archive@distributedcoalition.org
• Delivered-To: mailing list dist-obj@distributedcoalition.org
• list-help:
• list-post:
• list-unsubscribe:
• Mailing-List: contact dist-obj-help@distributedcoalition.org; run by ezmlm
• Organization: Software Press
• References: <11464.194.109.194.188.994968185.squirrel@webmail.xs4all.nl> <3B4E1F53.A965003A@dick.org>

Kevin Dick wrote:
> What if I attack the DNS connection from party2 clients or the DNS
> server at party1.

This is the key point.


> If this doesn't work, why involve DNS at all.  Provide a link from a
> trusted internal server on the party2 network using an IP address in the
> URL instead of a domain name (though you then have to worry about the DN
> in the server certificate if you're using SSL).

Don't use DNS, but do use domain names. Do it with host file
settings on the communicating nodes.

Albert

==========================================================================
To manage your subscription, mailto:dist-obj-help@distributedcoalition.org 
Archives, FAQ, etc.     http://www.distributedcoalition.org/mailing_lists/

• Follow-Ups:
  • Re: [dist-obj] Extranet security
    • From: Kevin Dick

• References:
  • [dist-obj] Extranet security
    • From: "Peter van Eijk"
  • Re: [dist-obj] Extranet security
    • From: Kevin Dick

• Prev by Date: Re: [dist-obj] Extranet security
• Next by Date: Re: [dist-obj] Extranet security
• Prev by thread: Re: [dist-obj] Extranet security
• Next by thread: Re: [dist-obj] Extranet security
• Index(es):
  • Date
  • Thread