From owner-freebsd-questions@FreeBSD.ORG  Mon May 15 21:15:40 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9B8E916AC37
	for <freebsd-questions@freebsd.org>;
	Mon, 15 May 2006 21:15:40 +0000 (UTC) (envelope-from cswiger@mac.com)
Received: from pi.codefab.com (pi.codefab.com [199.103.21.227])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3DB6143D81
	for <freebsd-questions@freebsd.org>;
	Mon, 15 May 2006 21:15:35 +0000 (GMT) (envelope-from cswiger@mac.com)
Received: from localhost (localhost [127.0.0.1])
	by pi.codefab.com (Postfix) with ESMTP id 83F525E28;
	Mon, 15 May 2006 17:15:34 -0400 (EDT)
X-Virus-Scanned: amavisd-new at codefab.com
Received: from pi.codefab.com ([127.0.0.1])
	by localhost (pi.codefab.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id uaAVHXK08+Sc; Mon, 15 May 2006 17:15:33 -0400 (EDT)
Received: from [199.103.21.238] (pan.codefab.com [199.103.21.238])
	(using TLSv1 with cipher RC4-SHA (128/128 bits))
	(No client certificate requested)
	by pi.codefab.com (Postfix) with ESMTP id C823B5DF3;
	Mon, 15 May 2006 17:15:33 -0400 (EDT)
In-Reply-To: <20060515145152.V46728@server1.ultratrends.com>
References: <20060515145152.V46728@server1.ultratrends.com>
Mime-Version: 1.0 (Apple Message framework v750)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <4D0ECFC4-7168-4CB8-A9EB-54C9A51D9EB3@mac.com>
Content-Transfer-Encoding: 7bit
From: Charles Swiger <cswiger@mac.com>
Date: Mon, 15 May 2006 17:15:32 -0400
To: TRODAT <technical@ultratrends.com>
X-Mailer: Apple Mail (2.750)
Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org>
Subject: Re: Security Testing on Production Systems
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 15 May 2006 21:15:42 -0000

On May 15, 2006, at 4:54 PM, TRODAT wrote:
> This is a hot topic as of late where I work:
>
> Once a system has gone into 'production' should testing,  
> specifically security, be done on it if the system could be broken  
> by the test itself?
>
> What is your take on this issue and why?

Yes, although you should schedule possible intrusive or disruptive  
security/pentesting for an appropriate time where you can afford to  
recover from any problems which occur.

Most systems which fail under testing have sufficient issues that  
they fail under some naturally-occurring load conditions.  Backups  
are your friends.

-- 
-Chuck