Re: Best security topology for FreeBSD
From: Crist J. Clark (cristjc@earthlink.net)
Date: 11/27/01
- Next message: annuaire@annuairefrancais.com: "Info : L'Annuaire Francais par Departement facilite vos recherches"
- Previous message: The Anarcat: "Re: Best security topology for FreeBSD"
- In reply to: Ahsan Ali: "Re: Best security topology for FreeBSD"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 26 Nov 2001 17:05:04 -0800 From: "Crist J. Clark" <cristjc@earthlink.net> To: Ahsan Ali <ahsan@khi.comsats.net.pk>
On Mon, Nov 27, 2000 at 12:12:06AM +0500, Ahsan Ali wrote:
> What would the ideal security model for an ISP with a lot of sites and
> services hosted be?
A traditional ISP does (and should do) almost no filtering between its
peer points and its clients. An ISP should protect its administrative
network (accounting, marketing, etc.) and external service servers
(SMTP, POP, HTTP, Radius, etc.) pretty much like any other large
business. Some of these, like a Radius server, are not really seen in
many other businesses and have different requirements (it is accepting
requests from ISP owned machines on ISP owned network, but the network
must be considered hostile since the customers have "raw" access to
it). In an ISP environment, you have to depend on hardening hosts a
lot more since many are required to operate in very insecure
environments.
And you might want to fix that clock of yours. Or you seem to be
existing in some kind of time warp.
-- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
- Next message: annuaire@annuairefrancais.com: "Info : L'Annuaire Francais par Departement facilite vos recherches"
- Previous message: The Anarcat: "Re: Best security topology for FreeBSD"
- In reply to: Ahsan Ali: "Re: Best security topology for FreeBSD"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
