SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    Valdis.Kletnieks@vt.edu: Re: Storage over Ethernet/IP



    
    
    ------- Forwarded Message
    
    Date:    Fri, 26 May 2000 11:35:54 -0400
    From:    Valdis.Kletnieks@vt.edu
    To:      Brian.Rubarts@born.com
    cc:      moore@CS.UTK.EDU, ietf@ietf.org
    Subject: Re: Storage over Ethernet/IP 
    
    On Fri, 26 May 2000 10:14:03 CDT, Brian.Rubarts@born.com said:
    > A network server will still authenticate user requests.  Only the host
    > needs to be authenticated with the disk/disks.
    
    Hmm.  
    
    Isn't this security model the cause of most grumbling regarding NFS security?
    
    > If the larger network that is employing this technology doesn't hire a decent
    > consultant, you might be right.  If they do, it will ALWAYS be behind a firewall :-)
    
    Double Hmm.. 
    
    Odd.. I thought we had a clue about security.  The guys at SANS just
    gave us a 'Technology Leadership Award'.  I just walked across the hallway,
    and I didn't see any firewall in our router swamp.
    
    I guess because we don't have a firewall, we don't have a clue.  Or because
    we don't have a firewall, we can't deploy this technology.  Somehow, that
    doesn't smell right.
    
    > the server and storage devices could be in a VLAN or something to deny direct hack 
    > attempts against the storage device, but the chink in the armor is how hardened is
    > your OS?
    
    If your OS is hardened enough, a firewall may not be appropriate.
    
    "New from Kellogs - Firewalls cereal - part of this *COMPLETE* and *BALANCED*
    security breakfast".
    - -- 
    				Valdis Kletnieks
    				Operating Systems Analyst
    				Virginia Tech
    
    
    ------- End of Forwarded Message
    


Home

Last updated: Tue Sep 04 01:08:15 2001
6315 messages in chronological order