Chris,
> I don't want to seem altogether pessimistic on the subject - but I do
think
> that a very determined person can crack any system, given enough time.
Even
> Mike's systems are not invulnerable. It would just take a very
determined
> person to get through his defenses - using electronic means.
I agree, however what if you put a machine like a Winframe in your DMZ, and
force all outside connections through that machine. The Winframe uses a
propriatary protocol ICA, that is encrypted, and then encrypting the
outside machine stream. Winframe can be configured such that it auto
disconnects, has no virtual resources other than a screen, and requires the
client to logon 100% of the time. Although the password is passed accross
the wire, if it is in a VPN there is effectively three layers of
scrambling/encryption at that point.
The protocol ICA
The Winframe encryption,
The protocol encryption.
But there is always the cold war method... hold a gun to the person's head
on the outside, while they retrieve data from the machine, or steal the
tapes... <g>...
Comments on the security of Winframe?
regards:jamie
|
|
