Brian Peasland wrote:
>> The referenced document you sent contains the following quote:
>>
>> Over the Internet and in wide area network environments, both public
>> carriers and private networks route portions of their network through
>> insecure land lines, vulnerable microwave and satellite links, or a
>> number of servers— exposing valuable data to interested third parties.
>> In local area network environments within a building or campus, the
>> potential exists for insiders with access to the physical wiring to
>> view data not intended for them, and network sniffers can be installed
>> to eavesdrop on network traffic.
>>
>> How can a person in Washington intercept traffic between Atlanta and
>> Augusta?
>
>
> I think the referenced document says it all. If you are routing through
> a public network, then you have no definitive control over who can see
> your packets. A person in Washington may not be able to intercept
> traffic between Atlanta and Augusta. But how about an unauthorized
> person in Atlanta? The point is not to limit what the person in
> Washington sees, but to limit what any unauthorized person sees,
> *regardless of location*. And are you sure of the channels your packets
> are traversing through? In many cases, the network is handed over to
> some ISP at some point. What if the ISP uses satellite transmissions?
> What if the end user is on a cable modem and everyone in his node can
> see his network communications? These are the reasons that VPN was
> created...to safeguard traffic from an authorized individual to a
> company's internal network, regardless of who may be listening in. And
> let's assume that you can safely assert that only your company's
> employees have access to the network traffic as the communications occur
> only in your company's intranet. One of the biggest threats of company
> data is from the *inside*, not the outside world. A disgruntled employee
> may have unfettered access to all sorts of things, just because they are
> an employee, or a recently terminated employee. Should that person who
> has access, and in some cases the knowledge to use that access, be able
> to see the unencrypted data?
>
> Cheers,
> Brian
>
>
You have made me a happy man. I am printing this thread and handing it
to my management. Nice to know I am right at times.
Evan
Received on Wed Sep 13 2006 - 15:36:58 CDT