On Nov 5, 9:25 am, sal <[EMAIL PROTECTED]> wrote:
> On Nov 4, 3:08 pm, yejun <[EMAIL PROTECTED]> wrote:
>
> > On EC2 you can make your own image, but that's not the point. I
> > believe no one in their right mind would use a public image for their
> > production system, it is just not safe by any means.
>
> You have to trust the Google admins with your data and code also. At
> least with EC2 you have direct access and create an encrypted
> filesystem / etc. That even the admins wouldn't be able to 'poke
> around' into. So I don't buy the security argument...
Having admined a commercial linux cluster, I DO buy the security
argument. Even with my experience, I wouldn't flatter myself that I
was anywhere near the expertise of Google's admins.
Just taking one aspect, you should have iptables set up to firewall
your traffic. Do you know how to drop any SSH connections from the
same ip address that makes more than three attempts in a minute? If
not, it'll take you a couple of hours to get your head around that,
and build it into your EC2 image.
Multiply that by a couple of hundred times - database admin, database
replication, mail server admin, web server admin, managing DOS attacks
with routing tables... or you can have Google do the whole lot for you
- for next to nothing. I'm buying it.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/google-appengine?hl=en
-~----------~----~----~----~------~----~------~--~---
