Consolidating Servers Under Linux
Subject:   Security issues overlooked
Date:   2001-08-31 02:08:37
From:   mbruce
Server applications have been separated onto different physical machines for 2 reasons: load and security. The security aspect has been completely overlooked in this article.

Let's say you have your company mail server and your database of customer details (including credit card numbers, if you want an obvious warning bell that even non-techies can hear) running on the same server "because you want to consolidate your hardware" and save a few bucks. Then Joe Cracker comes along and roots your all-in-one server using an exploit in Sendmail (because the admin was too busy/lazy/hungover to ensure it was running the latest "known good" patchlevel).

Bye bye credit card numbers, hello lawsuit, bye bye company.

I've only just covered the Confidentiality aspect.

What about Integrity? Modification of data, ordering with a bent credit card and erasing the transaction, etc.

And what about Availability? The underlying virtual server app goes down (presumably via an attack on the admin port - everyone wants ease of management, don't they?) and every virtual machine on this all-in-one server goes down.

What does the business impact assessment classify downtime criticalities to be? (You HAVE done a BIA, haven't you?) Will it take the resident ubergeek a day to rebuild it? Will that day of lost productivity cost you more than you can recover in a month or year?

While I applaud the technology, and think it may have some real uses, I really do have concerns about putting it into a production environment based on the fact this article writer has completely glossed over such a critical subject.