[dba-Tech] SSL or SSH or Other?

Hans-Christian Andersen hans.andersen at phulse.com
Tue Jul 23 12:31:14 CDT 2013


Hi Arthur,

I'm in agreement with Jim here. Openvpn would probably be the best solution here. SSH works great, but you will take a performance hit.

- Hans


On 2013-07-23, at 5:37 AM, Arthur Fuller <fuller.artful at gmail.com> wrote:

> Jim.
> 
> I was unaware of the ability to refer to remote VPN directories as a drive
> letter. That's enormously valuable. Thanks for that tip.
> 
> Also thanks for the link to OpenVPN.Net. That might be the way to go with
> my colleague's app. I'll take it for a spin and see what's working and what
> isn't. And the pricing is certainly within the boundaries.
> 
> A.
> 
> 
> On Mon, Jul 22, 2013 at 11:15 PM, Jim Lawrence <accessd at shaw.ca> wrote:
> 
>> Inline:
>> 
>> ----- Original Message -----
>> From: "Arthur Fuller" <fuller.artful at gmail.com>
>> To: "Discussion of Hardware and Software issues" <
>> dba-tech at databaseadvisors.com>
>> Sent: Monday, July 22, 2013 5:45:29 PM
>> Subject: Re: [dba-Tech] SSL or SSH or Other?
>> 
>> Thanks a lot for your input, guys. I've got some research to do, and I've
>> asked my colleague some questions about configuration to which I lacked
>> immediate answers, so I'll continue looking into this as I await his
>> answers.
>> 
>> Meanwhile, I will proffer some opinions:
>> 
>> 1. Since the back end is MySQL, a Linux database server is the best
>> possible choice. Why bother with licensing the MS Server stuff when the
>> Linux stuff is both solid and free?
>> : Not to mention, all things being equal is as much as five times as fast
>> given specific standard operations.
>> 
>> 2. Whatever his current configuration is (I'm still awaiting details about
>> his database server), subsequent recommendations will be based on that
>> answer.
>> : Note, that if you are using a VPN, you can just refer to remote drives
>> with directory using drive letter which makes it real easy to run local and
>> remote applications
>> 
>> That's about all I have to offer as I await his responses to my questions.
>> Those responses may or may not limit the choices available. Following Jim's
>> suggestion to investigate OpenVPN.Net, I have visited the site and am
>> currently ignoring the TV and reading the material.
>> 
>> :Absolutely excellent movie.
>> And speaking of TV, last night I watched Blood Diamond, of which I have a
>> copy on my bookshelf but haven't watched since its immediate release. What
>> an incredible movie! I don't recall whether Leonardo diCapreo won an Oscar
>> for this film, but if not it's travesty. In every possible way, this film
>> is magnificent -- but most of all, aside from the shots of the African
>> sunsets, is the performance by DiCapreo, and Djiomin Hounsou and Jennifer
>> Connelly -- not to mention the exposure of the blood diamond trade.
>> 
>> Please excuse the irrelevant venture into clearly-OT topics, but I found
>> this film so unforgettable that I am still reeling from its power, despite
>> my interests in the original question.
>> 
>> Arthur
>> 
>> 
>> On Mon, Jul 22, 2013 at 4:17 PM, Salakhetdinov Shamil <mcp2004 at mail.ru
>>> wrote:
>> 
>>> Hi Jim --
>>> 
>>> "Watch What You Say"! :) (see below)
>>> 
>>>> in the age of PRISM this becomes so very important
>>> It (VPN encryption) might soon become useless:
>>> 
>>> "The NSA Is Building the Country’s Biggest Spy Center (Watch What You
>> Say)"
>>> http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1 --
>> Shamil
>>> 
>>> Monday, July 22, 2013 11:28 AM -06:00 from Jim Lawrence <accessd at shaw.ca
>>> :
>>>> Hi Arthur:
>>>> 
>>>> I am hardly an network expert but for secure connection across internet
>> I
>>> would suggest a VPN type network. If done properly, staff with the
>>> appropriate usernames and passwords can connect in to business network
>>> through either standard or a specific dedicated address:port installed on
>>> the company's router.
>>>> 
>>>> There are a slew of VPN products out there with all sort of features and
>>> costs. I have one that is installed on my laptop which gives me full
>> access
>>> to my entire network when I am on the road...it supports any protocol as
>>> its is only a tunnel, even RDP.
>>>> 
>>>> It is called OpenVPN ( http://openvpn.net/ ) and as my resource are
>>> limited the price is right. The product has clients for any OS but server
>>> end must be Linux based...not a problem for yourself as it runs fine on
>> any
>>> version of Distro, that uses Debian. If the business wants their server
>> end
>>> hosted it will cost $6.00 per connection per year (I am sure there are
>>> volume discounts).
>>>> 
>>>> I would recommend you set up your own in-house server as once setup
>>> properly it can left to its own devices as it just works. The beauty of
>>> hosting is that once a connection is established the client and server
>> are
>>> directly linked, no third party intervention is needed. This is of course
>>> is great for security and in the age of PRISM this becomes so very
>>> important.
>>>> 
>>>> HTH
>>>> Jim
>>> <<< skipped >>>
>>> _______________________________________________
>>> dba-Tech mailing list
>>> dba-Tech at databaseadvisors.com
>>> http://databaseadvisors.com/mailman/listinfo/dba-tech
>>> Website: http://www.databaseadvisors.com
>> 
>> 
>> 
>> --
>> Arthur
>> Cell: 647.710.1314
>> 
>> Prediction is difficult, especially of the future.
>>  -- Niels Bohr
>> _______________________________________________
>> dba-Tech mailing list
>> dba-Tech at databaseadvisors.com
>> http://databaseadvisors.com/mailman/listinfo/dba-tech
>> Website: http://www.databaseadvisors.com
>> 
>> _______________________________________________
>> dba-Tech mailing list
>> dba-Tech at databaseadvisors.com
>> http://databaseadvisors.com/mailman/listinfo/dba-tech
>> Website: http://www.databaseadvisors.com
> 
> 
> 
> -- 
> Arthur
> Cell: 647.710.1314
> 
> Prediction is difficult, especially of the future.
>  -- Niels Bohr
> _______________________________________________
> dba-Tech mailing list
> dba-Tech at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/dba-tech
> Website: http://www.databaseadvisors.com



More information about the dba-Tech mailing list