Page MenuHomeDevCentral
Create Task
Maniphest T2209

Test TCP and UDP traffic
Open, NormalPublic
Actions

Description

Ensure that PostgreSQL and MariaDB traffic between sites is encrypted in transit, this must be verified by:

  • confirming packets are encapsulated in ESP when captured on the WAN interface.
  • confirming no database payload is visible in clear text.
  • verifying application-level TLS configuration.

tcpdump will help make sure the packets are encrypted

Event Timeline

Duranzed created this task.Thu, Feb 5, 16:13
Herald added a subscriber: dereckson. · View Herald TranscriptThu, Feb 5, 16:13
Duranzed renamed this task from Test trafic tce/upd to Test trafic tcp/upd.Fri, Feb 6, 11:06
Duranzed updated the task description. (Show Details)
dereckson triaged this task as Normal priority.Wed, Feb 11, 19:53
dereckson renamed this task from Test trafic tcp/upd to Test TCP and UDP traffic.Mon, Feb 16, 01:30
dereckson added a comment.Mon, Feb 16, 01:32

This task should be clarified.

Testing the traffic, for both protocols, could be more about being sure we can create connections.

PostgreSQL and MariaDB both use TCP connections, and if the tunnel uses IPsec, the packets are encrypted.
If not, the packets are clear text or TLS depending if the application uses or not end-to-end encryption.

Duranzed updated the task description. (Show Details)Mon, Feb 16, 09:03
Duranzed updated the task description. (Show Details)
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator