OpenVZ Forum: Support » *SOLVED* VEs with different subnets

Home » General » Support » *SOLVED* VEs with different subnets

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: VEs with different subnets [message #14744 is a reply to message #14542]

Mon, 09 July 2007 13:40

n00b_admin
Messages: 77
Registered: July 2006
Location: Romania

Member

Your VE's provide internet access to other private networks or what ?

I manage a server where i use the setup i'm talking about, because i live in Europe too Razz

I don't think that exposing a HN that is running only the ssh daemon to internet is a great security risk. Maybe i'm wrong but i'm using such setup for four months now and i didn't have any incidents regarding the HN. Besides the normal dictionary attacks on the ssh daemon which i block using public key auth ( a normal thing to do in these days ).

On this setup i provide internet services for several domains and as needed will increase the domains hosted on the HN.

Right now i provide DNS, Mail, Database, web and ftp access to 10 domains without any problem whatsoever.

For two production boxes that i run using openvz (the other one hosts 40+ domains) i'm pretty happy on how the software performs and how secure it is.

I'm running openvz on the 40+ domains box from last years spring and i didn't had any break-in's on the HN itself. That tells me that the kernel is secure enough to not allow a compromised VE access to the HN. I had compromised VE's but mostly kids vandalizing sites because they were poorly written.

On that production box i'm running the VE's with public ip's but the incidents were only related to php applications that were not sanitized properly and after the developers fixed the problems saw by me i stopped having problems with that too.

It's your choice on how paranoid you want to be with security and if you have sensitive data your handling it's normal to be that way but if you're only a web hoster i think it's to much of a hassle to do this setup your trying to do.

Report message to a moderator

[Message index]

		SOLVED VEs with different subnets By: ugo123 on Sun, 01 July 2007 23:25
		Re: VEs with different subnets By: dev on Mon, 02 July 2007 07:29
		Re: VEs with different subnets By: ugo123 on Mon, 02 July 2007 08:31
		Re: VEs with different subnets By: dev on Mon, 02 July 2007 07:38
		Re: VEs with different subnets By: ugo123 on Mon, 02 July 2007 08:36
		Re: VEs with different subnets By: dev on Mon, 02 July 2007 08:52
		Re: VEs with different subnets By: ugo123 on Mon, 02 July 2007 09:13
		Re: VEs with different subnets By: khorenko on Mon, 02 July 2007 11:32
		Re: VEs with different subnets By: ugo123 on Mon, 02 July 2007 12:01
		Re: VEs with different subnets By: ugo123 on Mon, 02 July 2007 12:19
		Re: VEs with different subnets By: khorenko on Mon, 02 July 2007 16:08
		Re: VEs with different subnets By: ugo123 on Mon, 02 July 2007 17:17
		Re: VEs with different subnets By: ugo123 on Mon, 02 July 2007 20:13
		Re: VEs with different subnets By: khorenko on Tue, 03 July 2007 07:20
		Re: VEs with different subnets By: ugo123 on Tue, 03 July 2007 09:25
		Re: VEs with different subnets By: ugo123 on Tue, 03 July 2007 09:26
		Re: VEs with different subnets By: khorenko on Tue, 03 July 2007 10:28
		Re: VEs with different subnets By: dev on Tue, 03 July 2007 10:31
		Re: VEs with different subnets By: ugo123 on Tue, 03 July 2007 12:04
		Re: VEs with different subnets By: ugo123 on Tue, 03 July 2007 10:41
		Re: VEs with different subnets By: ugo123 on Mon, 02 July 2007 21:19
		Re: VEs with different subnets By: emkravts on Tue, 03 July 2007 11:45
		Re: VEs with different subnets By: ugo123 on Tue, 03 July 2007 12:07
		Re: VEs with different subnets By: dev on Tue, 03 July 2007 12:08
		Re: VEs with different subnets By: ugo123 on Tue, 03 July 2007 12:39
		Re: VEs with different subnets By: ugo123 on Tue, 03 July 2007 12:59
		Re: VEs with different subnets By: emkravts on Tue, 03 July 2007 13:09
		Re: VEs with different subnets By: ugo123 on Tue, 03 July 2007 14:48
		Re: VEs with different subnets By: n00b_admin on Mon, 09 July 2007 12:35
		Re: VEs with different subnets By: ugo123 on Mon, 09 July 2007 12:51
		Re: VEs with different subnets By: n00b_admin on Mon, 09 July 2007 13:40
		Re: VEs with different subnets By: khorenko on Sun, 15 July 2007 16:31

Previous Topic:	RESOLVED Solaris 10 Template
Next Topic:	BUG REPORTED Migration problem with 2.6.18-028stab035

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Wed Aug 07 00:38:52 GMT 2024

Total time taken to generate the page: 0.03157 seconds