Google: Difference between revisions

 
== How can you establish secure connectivity to public cloud ==
*VPN tunnel?
*How do you ensure High Availability for this?
*Webmin
*VNC? Encryption? Not by default, can be run inside SSH Tunnel; port 5900, 5901
*SSH? Using Key? Using Password?
*RDP? Encryption? Yes can be encrypted, port 3389
*TeamViewer
*Dataplicity
*SSH + DynDNS

*SSH Username-Password
Password authentication is used by users: it is the username and password combination that you use to log in to your SFTP server.
When you try to log in, the server checks whether your username and password are both correct and, if so, approves your request.

Pros:
*Convenience for users.
*Easily remembered.
*If web login is possible, browsers can auto-fill these fields.
*Everyone knows how to log in using passwords.
*Administrators can increase security by creating policies such as:
**Locking the system after 5 retries
**Requiring a certain number of capitalized letters, numbers, and symbols in the password
**Forcing users to reset their passwords periodically

Cons:
*It is human nature for people to create passwords that are easily remembered.
*Simple passwords make these accounts extremely susceptible to intrusion.
*If these simple passwords are used across multiple apps, the potential for a breach increases massively.
*Usernames and passwords have to be transmitted directly to the server being logged into, which makes this method more prone to hacking.
*You can mistakenly log into the wrong server or website, and now that server or website has your password.
*Hackers love making clones of popular websites to scam users out of their login credentials.
*Companies could store your password in clear text in their database.
*Their system administrators can see your password at any time, and if hackers break in, they can see your password as well.
*Even if the password is salted and hashed, a hacker could steal all the password hashes, brute-force them, and see if you used that same password for other apps and websites.
*Employees may get frustrated by password policies set by IT administrators to increase security.
 
 
*SSH Key based
Keys are used as the default method of authentication for SFTP Gateway.
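
As an added example (not part of the original notes), this Python sketch checks whether an OpenSSH server still accepts the password logins described above or only keys. The sample configs are constructed and the function names are hypothetical; it assumes upstream OpenSSH defaults and reads only the global section (no Match or Include handling).

```python
import re

# Upstream OpenSSH defaults used when a keyword is absent (assumption:
# distribution packages may ship different defaults).
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "pubkeyauthentication": "yes",
}

# Constructed sample: a later "no" was appended, but sshd uses the FIRST value.
WEAK = """\
Port 22
PasswordAuthentication yes
PubkeyAuthentication yes
passwordauthentication no
"""

# Constructed sample: key-only logins.
HARDENED = """\
PasswordAuthentication no
KbdInteractiveAuthentication no
PubkeyAuthentication yes
"""

def effective_settings(text):
    """Global settings as sshd reads them: case-insensitive keywords, first value wins."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if parts[0].lower() == "match":
            break  # conditional blocks are not evaluated in this sketch
        seen.setdefault(parts[0].lower(), parts[1].strip() if len(parts) > 1 else "")
    return {key: seen.get(key, default) for key, default in DEFAULTS.items()}

def findings(text):
    """List the ways this config still permits password-style logins."""
    s = effective_settings(text)
    issues = []
    if s["passwordauthentication"] == "yes":
        issues.append("password logins accepted")
    if s["kbdinteractiveauthentication"] == "yes":
        issues.append("keyboard-interactive accepted")
    if s["pubkeyauthentication"] != "yes":
        issues.append("key-based login disabled")
    return issues
```

On a live host, the output of <code>sshd -T</code> gives the fully resolved settings, including Match and Include effects that this sketch skips.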
 
== Re-Evaluate the design ==