Re: Features for a monitoring tool
From: Charles Lee (chuckx@cold-sun.com)
Date: 02/17/03
- Next message: G.: "Re: Password age code"
- Previous message: jack: "Re: OT! "amerika rant""
- In reply to: Felinux: "Re: Features for a monitoring tool"
- Next in thread: Felinux: "Re: Features for a monitoring tool"
- Reply: Felinux: "Re: Features for a monitoring tool"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Charles Lee" <chuckx@cold-sun.com> Date: Mon, 17 Feb 2003 04:50:14 GMT
On Sun, 16 Feb 2003 22:08:28 +0000, Felinux wrote:
> Mmmm... I see. That means I'll have to rewrite lots of the stuff I
> already did. Not to mention I'll have to swap check.c and checkd.c! =)
> Seriously, I'm not that sure there is a real security gap between the
> two solutions: since both the server and the client would need to run
> 24/7, if one had a bug that could lead to a security problem regardless
> of the flawed program's role (client or server). Ok, a server is
> constantly accepting connections and is therefore inherently less secure
> than a client, but one of the two hosts HAS to act as a server.
> Therefore I don't think I can improve the client/server suite's security
> by swapping the two programs' behavior. I can only choose wich of the
> two parts will be riskier to run.
To further illustrate his point, imagine you have 20 servers (monitoring
clients) being monitored and 1 monitoring server. Like you said, the
server portion would inherently be less secure. So, if there is a
vulnerability, only the 1 monitoring server would be vulnerable. The 20
servers (monitoring clients) would (hopefully) still be safe.
-- chuckx
- Next message: G.: "Re: Password age code"
- Previous message: jack: "Re: OT! "amerika rant""
- In reply to: Felinux: "Re: Features for a monitoring tool"
- Next in thread: Felinux: "Re: Features for a monitoring tool"
- Reply: Felinux: "Re: Features for a monitoring tool"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
