Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Securing Email

from [jam] Network Security [Permanent Link]
Subject: Re: Securing Email
Date: Fri, 21 Dec 2007 15:57:00 -0500 
On Fri, Dec 21, 2007 at 02:52:36PM -0500, JD Brown wrote:

Hi list, I would like to get some suggestions regarding products out
there to secure email.  Preferably, I'd like to see an appliance that
could make the process as transparent as possible to the user.  Any
input would be greatly appreciated.



how do you mean "secure email"? do you mean you want to secure the
*transport* of the email? or the message itself?

if you want to secure the email itself, what I do with Linux is to use
"gnupg", which allows a digital signature and the message can also be
signed with a key for the intended recipient so that only someone that has
the private key *and* the passphrase can hope to decrypt it.

on the "smtp" side of things you can use SSL over the wire and it's pretty
painless to setup using postfix.

if you want to secure the smtp side, that is very "hands off" once the
configuration is done. I know this because I have done it on my Linux
machines.

on the client side, though, you can't really make digital signatures an
unmanned process unless you make a gnupg key without a passphrase, which is
a bad idea.

regards,
Jeff
-- 
http://zoidtechnologies.com/ -- websites that suck less
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Sans GCFW - What about the "OnDemand" training version ?, andrea . gatta
Next by Date:  ESMTP service, sisram2
Previous by Thread:  Re: Securing Email, Deanosaur
Next by Thread:  RE: Securing Email, JD Brown
Indexes:  [Date] [Thread] [Top] [All Lists]