Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


Share this Page URL
Help

Chapter 1: Introduction > Solutions Fast Track - Pg. 11

Introduction·Chapter1 11 Summary In this chapter we investigated the history of data transmissions and how we went from the centralized data topology to distributed topology. We went from private connections to sending private data over public access links via the Internet. We have seen the times change from where our data was saved internally to a point where data theft is more often than not an inside job. We now have to worry about every aspect of our internal LAN networks just as much as we had to worry about our WAN connections. SSH is an answer to this question: Why don't I use rlogin, rsh, rcp, FTP, and telnet? Because! If you use them you are exposing your sensitive data to prying eyes. Through the growth of the Internet and the technologies that have been developed around them, data is more vulnerable today than at any point in the past. Laws and legislations have been passed, and more are proposed that require certain types of traffic (legal, financial, and health) to be securely encrypted whenever they cross unsecure networks. SSH, and its suite of utilities, will replace rlogin, rsh, rcp, and ftp and can create tunnels where unsecure data like e-mail and web traffic can be used to protect this unsecure data inside our infrastructure. You saw the C-I-A triad ­ Confidentiality, Integrity, and Availability ­ and how SSH can protect these aspects. We have seen that SSH is not a total answer to your security solution. Layers of defense must be in place, overlapping in some areas to provide a strong security profile. In addition, SSH is not a replacement for VPN or firewalls, as these technologies have functions that apply in other areas of security.