Re: Question about shared storage arrays
From: Craig Krivin (c.krivin_at_worldnet.att.net)
Date: 03/30/04
- Previous message: Tiago Quadra: "Re: Secure host newbie"
- In reply to: mcgillim_at_cis.uab.edu: "Question about shared storage arrays"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <mcgillim@cis.uab.edu>, <security-basics@securityfocus.com> Date: Tue, 30 Mar 2004 15:28:25 -0500
Melissa:
My experience is that the answers to your questions depend on the management
of the storage array. If the array is correctly managed then security is
not an issue. But, depending on the network and administration
configuration (is there internet access to the array? Who has root access?)
could affect the security of your info and the integrity of the database.
--Craig
----- Original Message -----
From: <mcgillim@cis.uab.edu>
To: <security-basics@securityfocus.com>
Sent: Tuesday, March 30, 2004 10:31 AM
Subject: Question about shared storage arrays
Hello,
I am currently charged with finding a storage solution for our company's
collection of databases. One option that has been presented to me is to
share a storage array with a company that provides other solutions for us.
We would have our own set of disks in the array. My question is, has anyone
here done this, or does anyone have any sort of knowledge of the security
implications of this measure. (What are my risk factors? Can other people
usng the array get to my data and if so how easy is it? etc....) I am
currently looking for answers online, but someone with some real experience
with this would benefit my cause greatly.
Thanks in advance!
Melissa McGillis
(For those watchdogs on the list, I don't work for UAB, this is just the
email I use for my mailing lists.)
--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
- Previous message: Tiago Quadra: "Re: Secure host newbie"
- In reply to: mcgillim_at_cis.uab.edu: "Question about shared storage arrays"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
