[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <94175.1343310038@turing-police.cc.vt.edu>
Date: Thu, 26 Jul 2012 09:40:38 -0400
From: valdis.kletnieks@...edu
To: Григорий Братислава <musntlive@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Linux - Indicators of compromise
On Thu, 26 Jul 2012 09:07:33 -0400, ���������������� �������������������� said:
> Really? Shut down is entire racks? Because you will have
> backup/standby entire 42Us?
If you can't shut down the entire rack, you've screwed up your DR and
business continuity planning.
This isn't just a problem for large sites - I've seen lots of places claim "We
can't take 3 hours of downtime to patch/upgrade/test/whatever because
everything is on that one server". And my response has always been "And what
were you planning to do if you blew out a power supply or a system board and
had a 3-hour outage?".
But unfortunately, you're right - most places have screwed up their DR planning
and can't shut down. They've also screwed up their network config so it isn't trivial
to track down which port a problem attacker is on. (And yes, tracking down a
miscreant at level 2/3 *is* trivial if your network is in fact properly designed
and managed)
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists