[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] Scp calls
From: |
Kenneth Loafman |
Subject: |
Re: [Duplicity-talk] Scp calls |
Date: |
Sun, 03 Jan 2010 14:23:39 -0600 |
User-agent: |
Thunderbird 2.0.0.23 (X11/20090817) |
Port knocking should add very little overhead, one connection every
200MB if you set volsize=200. Besides, its not the guys on the outside
you need to worry about, most data theft is internal.
...Ken
AJ Weber wrote:
> I was considering using port knocking to stealth all ports on the target
> until I open the connection, but that won't work right with that M.O.
>
> Can't be too careful these days.
>
> -AJ
>
> On Jan 3, 2010, at 6:28 AM, Kenneth Loafman <address@hidden> wrote:
>
>> It's as secure as any ssh target, nothing is sent in the clear. I don't
>> think openvpn would be any more secure.
>>
>> ...Ken
>>
>> AJ Weber wrote:
>>> Hmm. That seems like a lot of overhead, and I wonder if it increases
>>> the ability of hacking the target server (because the username and
>>> password are sent repeatedly)?
>>>
>>> I wonder if I should setup an openvpn pipe and use straight FTP inside
>>> that instead?
>>>
>>> -AJ
>>>
>>> On Jan 2, 2010, at 8:10 PM, Kenneth Loafman <address@hidden> wrote:
>>>
>>>> Unless you run the --asyncronous-upload option, it's just one
>>>> connection
>>>> at a time, very serial. With --async, it's 2 at a time.
>>>>
>>>> ...Ken
>>>>
>>>> AJ Weber wrote:
>>>>> I guess I could try to trace this, but figure someone might already
>>>>> know...
>>>>>
>>>>> When using scp URL for target, how many ssh or scp sessions are
>>>>> run? Is
>>>>> it one per duplicity invocation, or closer to one per 25M archive file
>>>>> transferred (plus sig and other files)?
>>>>>
>>>>> I ask, because I might try to get fancy with firewall rules to protect
>>>>> the target server, and if it's one session, it'll be more
>>>>> straightforward to implement.
>>>>>
>>>>> Thanks!
>>>>> -AJ
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Duplicity-talk mailing list
>>>>> address@hidden
>>>>> http://lists.nongnu.org/mailman/listinfo/duplicity-talk
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Duplicity-talk mailing list
>>>> address@hidden
>>>> http://lists.nongnu.org/mailman/listinfo/duplicity-talk
>>>
>>>
>>> _______________________________________________
>>> Duplicity-talk mailing list
>>> address@hidden
>>> http://lists.nongnu.org/mailman/listinfo/duplicity-talk
>>>
>>
>>
>> _______________________________________________
>> Duplicity-talk mailing list
>> address@hidden
>> http://lists.nongnu.org/mailman/listinfo/duplicity-talk
>
>
> _______________________________________________
> Duplicity-talk mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/duplicity-talk
>
signature.asc
Description: OpenPGP digital signature
- [Duplicity-talk] Scp calls, AJ Weber, 2010/01/02
- Re: [Duplicity-talk] Scp calls, Kenneth Loafman, 2010/01/02
- Re: [Duplicity-talk] Scp calls, AJ Weber, 2010/01/02
- Re: [Duplicity-talk] Scp calls, Kenneth Loafman, 2010/01/03
- Re: [Duplicity-talk] Scp calls, AJ Weber, 2010/01/03
- Re: [Duplicity-talk] Scp calls,
Kenneth Loafman <=
- Re: [Duplicity-talk] Scp calls, AJ Weber, 2010/01/04
- Re: [Duplicity-talk] Scp calls, Jacob Godserv, 2010/01/04
- Re: [Duplicity-talk] Scp calls, AJ Weber, 2010/01/04
- Re: [Duplicity-talk] Scp calls, Gabriel Ambuehl, 2010/01/04
- Re: [Duplicity-talk] Scp calls, AJ Weber, 2010/01/04
- Re: [Duplicity-talk] Scp calls, Gabriel Ambuehl, 2010/01/04
- Re: [Duplicity-talk] Scp calls, AJ Weber, 2010/01/04
- Re: [Duplicity-talk] Scp calls, Tim Riemenschneider, 2010/01/05
- Re: [Duplicity-talk] Scp calls, AJ Weber, 2010/01/05
- Re: [Duplicity-talk] Scp calls, Peter Valdemar Mørch (Lists), 2010/01/06