From: John Floren <slawmaster@gmail.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] a few Q's regarding cpu/auth server
Date: Thu, 6 Aug 2009 17:17:19 -0700 [thread overview]
Message-ID: <7d3530220908061717j383ca700qd647622392b8aa09@mail.gmail.com> (raw)
In-Reply-To: <7d3530220908061701t314fdc42i7bce59ad9ba7df9e@mail.gmail.com>
On Thu, Aug 6, 2009 at 5:01 PM, John Floren <slawmaster@gmail.com> wrote:
>
> Oh, if we're just protecting against people wandering by who are
> obviously there by mistake--since we're discounting anyone coming
> prepared for serious maliciousness--how about just not having a
> terminal connected to your file server? My cpu/auth/file servers don't
> have anything connected except an ethernet cable and a remote serial
> console. Oh, sure, there's a crash cart over in the corner that you
> could drag over and plug in, but you've decided that we're only
> talking about opportunists who see a prompt and decide to type some
> stuff, so it's not a problem.
>
> The whole friggin' point of a colo is that you trust the people
> running it--also, that they don't leave terminals connected to every
> single one of their hundreds of customer machines. It's a locked room
> in a corporate building... this ain't your little brother banging on
> keys (a far more realistic reason for password-protecting a cpu
> server, if you're going to be dumb enough to leave the head attached).
>
> I have a Plan 9 server sitting in a lab at my university. Over the
> last 2+ years, it has been in the same place, powered on, connected to
> a keyboard, mouse, and monitor. The only deterrent to unauthorized
> users has been that I keep the monitor off, and in those 2 years I
> have not found a single sign that anyone has so much as touched the
> keyboard, much less done "rm -r /" or whatever it is you're afraid of.
> I'm afraid you'll have to forgive me if I find the probability of
> someone improperly accessing your headless colo'd box rather low.
>
> I invite you, though, to create some form of logging protection system
> for the box. Put the box in a colo, and then in 3 years send us your
> logs. I guess we'll see how many people tried to get into your cpu
> server.
>
>
> John
A note, please don't take this as a flame. I asked exactly the same
sort of thing in 2005/2006, and what I wrote here is the synthesis of
my experiences and changing viewpoints since then, shaped to apply to
the specific situations posed. Basically, even in the environment of a
university lab, considerably more hostile than a trusted colo, your
house, or your corporate machine rooms, I haven't had a problem, which
I attribute partially to the monitor/keyboard/mouse all being old
scruffy refugees, and partially to the fact that I keep the monitor
off. Realistically, I should have the peripherals unplugged and moved
away from the server, because it's *not* a particularly safe place--it
should either be headless, or indeed use some form of locker.
Everybody asks these questions, I think, if only to themselves. The
answers usually become evident, though--in my case, I had to get
grouched at by the curmudgeonly 9fans before I "got" it.
hasta~
John
--
"Object-oriented design is the roman numerals of computing" -- Rob Pike