Date: Mon, 27 Nov 2000 00:12:06 +0500 From: "Ahsan Ali" <ahsan@khi.comsats.net.pk> To: <security@freebsd.org> Subject: Re: Best security topology for FreeBSD Message-ID: <001901c057dc$c69b9300$0100a8c0@ahsanalikh> References: <20011125013812.9839.qmail@web10106.mail.yahoo.com> <200111242124560932.023F3386@home.24cl.com> <002801c17564$1b5e2a60$060aa8c0@pcgameauthority.com> <20011126001931.D222@gohan.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
What would the ideal security model for an ISP with a lot of sites and services hosted be? Clients coming in through access servers and additional routers/router interfaces. I'd look at number two but apart from the main authentication servers, there isn't much that goes at the extreme backend, is there? -Ahsan ----- Original Message ----- From: "Crist J. Clark" <cristjc@earthlink.net> To: "Andre Hall" <ahall@pcgameauthority.com> Cc: <myraq@mgm51.com>; "G Brehm" <gbbrehm@yahoo.com>; <security@FreeBSD.ORG> Sent: Monday, November 26, 2001 1:19 PM Subject: Re: Best security topology for FreeBSD > On Sat, Nov 24, 2001 at 07:48:55PM -0800, Andre Hall wrote: > [snip] > > > There is a reason why most security industry has > > stuck with the approach, > > Because it is cheaper and easier to do as a "drop in" solution. > > > it is practical > > It is actually harder to properly configure. However, the fact many > vendors cater to the market has made the "knowledge base" on the > design fairly deep. > > > and a fool proof > > It is far, far from fool proof. Security is never fool proof. > > > way of guarding > > internal assets while provided the necessary exposures to services others > > need to access. > > I do agree that for small sites it may not make sense to devote the > resources to the stronger, layered design. Security is never > absolute. It is always balanced against cost. > -- > Crist J. Clark cjclark@alum.mit.edu > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001901c057dc$c69b9300$0100a8c0>