Re: centralization vs decentralization

From: Devdas Bhagat (devdas@worldgatein.net)
Date: 08/22/01


From: Devdas Bhagat <devdas@worldgatein.net>
To: Roman Serbski <libser@manas.kg>, security-basics@securityfocus.com
Subject: Re: centralization vs decentralization
Date: Wed, 22 Aug 2001 11:51:39 +0530
Message-Id: <01082211563401.02506@office.interoffice>

On Wed, 22 Aug 2001, Roman Serbski spewed into the ether:
<snip>
> What do you think, from the security point of view - is it better to
> have one server with many services (mail, DNS, WWW) OR to split these
> services to different machines? - assuming that hardware requirement is
> not a problem.
I would personally prefer mail having dedicated machines, with a
caching nameserver running on it. DNS and www can share a machine,
depending on the load.
You may want to be extra careful when running bind though, if only
because of its history.

> I would like to make an analogy with sendmail/qmail: in the first case,
> - "all in one" scheme, second case is distributed system of mutually
> independent programs.
More importantly, it is about the quality of access which can be gained
by a hole in one of these programs. A hole in sendmail is root access
(assuming the suid root binary). A hole in a qmail daemon on the other
hand will at most offer limited access.

> So what about efficiency of administrating such systems? Let's say you
> have ten servers with different services, normally it will take a lot of
> time to control them (incl. patching, monitoring etc.), on the other
> side - there is one server with all services running on it, but if
> someone breaks it - everything will be stopped.
> Looks like some kind of cornerstone :) - security vs. efficiency.
Actually, not so much more time than for a single machine.
You are not going to run other servers on that machine, so you don't
have to patch those when a security advisory comes out. Monitoring
increases slightly, but for a Unix system, this can and should be
automated.

Devdas Bhagat
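The "quality of access" argument above (a hole in a root-running or setuid-root daemon is root, a hole in an unprivileged qmail-style daemon is not) can be turned into an automated check of the kind the reply says monitoring should be. This is an added audit script, not part of the thread; it assumes Linux ss(8)/ps(1)/procfs for the live listing, while the rating function itself only needs ls(1).

```shell
#!/bin/sh
# Added example (not from the mailing-list thread): rate what a hole in a
# listening daemon would yield, by the rule the reply gives: a daemon that
# runs as root, or a setuid-root binary, is a root hole; anything else is
# limited to the account it runs as.

# hole_yields USER EXE -> prints "root" or "limited:<user>"
hole_yields() {
    user=$1; exe=$2
    # Daemon already runs as root: any hole in it is root.
    if [ "$user" = root ]; then echo root; return 0; fi
    if [ -e "$exe" ]; then
        perms=$(ls -ld "$exe" | awk '{print $1}')
        owner=$(ls -ld "$exe" | awk '{print $3}')
        # The 4th permission character is s/S when the setuid bit is set
        # (e.g. -rwsr-xr-x for a classic setuid-root sendmail binary).
        case $perms in
            ???[sS]*) if [ "$owner" = root ]; then echo root; return 0; fi ;;
        esac
    fi
    echo "limited:$user"
}

# Live audit (Linux assumed): every listening TCP socket, its process and
# what a hole in it would give. Run as root so ss/ps can see all owners.
audit_listeners() {
    ss -tlnp 2>/dev/null |
    awk 'NR>1 && match($0,/pid=[0-9]+/){print substr($0,RSTART+4,RLENGTH-4)}' |
    sort -u |
    while read -r pid; do
        user=$(ps -o user= -p "$pid" 2>/dev/null | tr -d ' ')
        exe=$(readlink "/proc/$pid/exe" 2>/dev/null)
        [ -n "$user" ] || continue
        printf '%s\t%s\t%s\n' "$pid" "${exe:-?}" \
            "$(hole_yields "$user" "${exe:-/nonexistent}")"
    done
}

if [ "${1:-}" = --audit ]; then audit_listeners; fi
```

Running `sh audit.sh --audit` on a mail host shows at a glance which daemons would hand over the whole box and which would not, which is the per-service view the split-hosts recommendation above relies on.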
