[rescue] SMP on intel wasteful?
Brian Hechinger
wonko at 4amlunch.net
Tue Jun 25 09:17:40 CDT 2002
On Tue, Jun 25, 2002 at 08:15:05AM -0400, Kurt Huhn wrote:
> >
> > > Sure, no box can be secured from an Inside threat. Give me Physical access
> > > to the box and the resources to exploit it, and there is no security.
> >
> > If you're like most IT guys, you focus your security efforts mostly on
> > the outside world. Build one helluva firewall to keep the kiddies out.
>
> I dare say most of us here aren't typical IT guys. Any sysadmin worth
> their salary is already aware of that, and is waaaay ahead of his
> internal customers.
>
> All sysadmins should secure their boxes down to the bare minimum of
> available services, and trim that down further by allowing only the IPs
> to connect that *need* to connect.
>
> Of course that's just my opinion, I could be wrong...
no, you are not wrong. you are speaking as an experienced admin. and there
is also the fact that you are allowed to have more than one firewall on your
network. guest machines plugged into the guest network, which had access to
only what guests needed access to (mainly the internet)
hell, even the regular employees had very little access. only developers to
development systems, and only jim and i to the production environment. that
is how you do it.
-brian
--
"I mean Twinkies are good but getting shot really hurts."
-- http://www.thisisatastyburger.com/ --
More information about the rescue
mailing list