Specifications
©
2002, David K. Z. Harris
17
Pg. 17
© 2002
David K. Z. Harris
Think About Security
Ø Do you have a security policy?
Ø Does it consider remote access
to serial consoles?
Ø How concerned are you about
‘internal’ threats (snooping)?
Ø What are you trying to protect?
Ø What is that worth to protect it?
² The classic budgeting questions
We will discuss some security issues in this talk, but security is a touchy
subject, and a few aspects of most cases are unique.
Due to this, we will discuss general points during the class, and the materials
will give you some questions to think about and discuss.
During the conference, we will be holding a Birds of a Feather session, and
we’d welcome any additional questions there, if you are comfortable asking
them in that forum.
The biggest worry is whether you are concerned with the console traffic being
monitored within your network. (Most companies use a “jelly bean” security
model…hard on the outside, soft on the inside…meaning that they are not too
worried about folks on the inside sniffing the wires.)
In a switched ethernet environment, it’s harder for folks to see the packets to
and from the terminal servers.
If you have a console server host, you should consider if it is worth making
that host single-purpose, and limiting the login accounts