Date: Tue, 2 Oct 2001 22:28:52 +0200 (MET DST) From: Alexey Koptsevich <alex@astro.su.se> To: security@freebsd.org Subject: access from monitoring host Message-ID: <Pine.GSO.4.10.10110021523540.18156-100000@dioscuri.astro.su.se>
next in thread | raw e-mail | index | archive | help
Hello, There is a discussion about ways of access from centralized monitoring host at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/securing-freebsd.html Except for its network traffic, NFS is the least visible method - allowing you to monitor the filesystems on each client box virtually undetected. If your limited-access server is connected to the client boxes through a switch, the NFS method is often the better choice. If your limited-access server is connected to the client boxes through a hub, or through several layers of routing, the NFS method may be too insecure (network-wise) and using ssh may be the better choice even with the audit-trail tracks that ssh lays. I dp not understand, why access method should be different in cases when monitoring host is behind the switch or connected through the hub? Thanks, Alex PS Please cc: me your reply. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.10.10110021523540.18156-100000>