[CentOS] Correct xen domains path
Stephen Harris
lists at spuddy.orgMon Jun 18 17:24:01 UTC 2007
- Previous message: [CentOS] Correct xen domains path
- Next message: [CentOS] OT - IP Tables - forwarding to localhost
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, Jun 18, 2007 at 07:17:54PM +0200, Daniel de Kok wrote: > On Mon, 2007-06-18 at 12:56 -0400, Stephen Harris wrote: > > The security rule of thumb here is that such machine _will_ be attacked, > > and so "security in depth" is the process to apply. > > There are far more attack vectors than just through network facing > daemons. To name just one example, web browsers. Unfortunately, Firefox > is not yet protected by the targeted policy. Hopefully that will happen > one day. Web browsers typically don't run as root and don't run on servers, but work stations. They also require users to access "infected" sites. Daemons on internet facing systems generally provide access to application data (eg a web application) or system resources (eg ssh) with higher priveleges and are candidates for automated zombie attacks and, therefore, have a much bigger risk profile. -- rgds Stephen
- Previous message: [CentOS] Correct xen domains path
- Next message: [CentOS] OT - IP Tables - forwarding to localhost
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list