SecurityPortal: Ask Buffy - Secure FTP, NAT/firewalls, syslog, and certificate authorities.

"Questions this week cover NT passwords, secure FTP, NAT/firewalls, syslog, coworkers viewing inappropriate materials, and certificate authorities."

• Do you have any recommendations for setting up a secure FTP server that can do a secure file transfer?
• I manage several networks that utilize DSL routers and run NAT. Is NAT enough of a firewall to secure my networks (i.e., could I plug my routers directly into the hub)? I do use additional firewalls, but now question their utility. There are no web servers of any kind on these networks - Internet access is used only for mail and browsing the Internet.
• I have a client that is requesting that my company analyze messages that are generated by their Internet router. We would like to configure the router such that it sends its logs to a syslog server that is located behind a firewall.My question is..... Are you aware of a secure way of allowing these logs through the firewall without compromising the security of the private network? Do you have any recommendations for providing this connectivity in a secure manner? Any help would be greatly appreciated.

Complete Story

Related Stories:

• SecurityPortal: Ask Buffy - Blocking Internet Access, Apache Proxy Request(May 13, 2001)
• SecurityPortal: Ask Buffy - Logging root commands, xinetd, bcc e-mail tracking (May 04, 2001)
• SecurityPortal: Ask Buffy - After an Attack; Firewalls and Intrusion Detection; SSL; lpd.(Apr 26, 2001)
• SecurityPortal: Ask Buffy - ports; log search tools, DNS - UDP or TCP (Apr 12, 2001)
• Security Portal: Ask Buffy: Strange log entries; LDAP; Nessus; SSL; and restricting VPN access.(Apr 05, 2001)