Hi, > Would using Microsoft EFS on the Radiator folder (which contains all NAS > credentials) and limiting access be a stronger solution than using an > encrypted database? Would this cause a noticeable performance hit for an SMB?
ah..you're using RADIATOR on a windows box? now I see why you worry about things being readable! ;-) okay...use EFS...but once the volume is decrypted it can be read. put strings into memory and they can be read, performance hit = no - as the config is only read at startup or restart... only entries in databases are checked dynamically. you can store your stuff securely elsewhere eg a database that is read by the RADIATOR server..but thats just obfuscation as they'll still have to be read by the server..stored in memory..and if the database isnt secured then thats more of an attack vector (also, admins on the server with DB read access could still read the password...) alan _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
