On Tue, Nov 20, 2018 at 02:24:55PM -0500, Nick Holland wrote:
> On 11/20/18 11:43, Chris Bennett wrote:
> > I am almost certainly going to be replacing with a new server for an
> > organization I am a member of.
> > With all of this mess with Meltdown, Spectre, insecure motherboard
> > chips, etc.
> > I am pretty clueless on exactly what is going to be a secure set of
> > server hardware.
> > Intel, well no.
> > AMD? I have read about problems with non-CPU chips being compromised.
> > Another architecture? I have never used anything other than Intel/AMD.
> > 
> > The server will run httpd, mailserver, PostgreSQL and somehow a good way
> > for well encrypted messaging at times.
> 
> all on one server?
> 
> And as someone who has run a number of mail servers for a number of
> companies ... don't.  Just don't.  Running your own mail server is a
> good way to accomplish nothing except wasting a lot of time and making
> people hate you.
> 

The mail server is ONLY intended for members of the organization.
You would have me use gmail or yahoo?
The organization is suing another group for slander.

> > It is very likely to run out of Austin, Texas.
> > I think that having a direct connection would be best, but would a
> > proper setup make collocation OK?
> 
> You are using poorly defined buzzwords.  What you mean by a "direct
> connection", "proper setup", "collocation" and what I mean are likely
> very different.
> 

Well, then tell me some useful information. Correct my idiotic
buzzwords. It was carefully noted in my message that I am facing new
territory and need some advice.


> > This isn't going to be my server, I will just be in charge. That's
> > completely new for me.
> > Any advice is really welcome, everywhere I read anything, hardware seems
> > broken and insecure.
> 
> Pretty much all new HW is optimized in ways that we are now learning
> (and has been known for a long time) introduce security problems.
> However, most of the problems boil down to having malicious software
> running in the control of someone else on the same physical machine YOUR
> code is running on.
> 
> In short: No news.  Really.
> 
> If someone that wanted to do you evil lived in the same house as you,
> you would not be comfortable, right?  What if you put up walls
> (virtualization) that have proven to be about as robust as paper?
> That make you feel any better?  Probably not.  Virtualization has been
> proven -- over and over -- not terribly secure.  Now we got
> cross-virtualization platforms ways of stealing data from other
> processes.  Important? yes.  But in the big picture, it's similar to Yet
> Another buffer overflow.
> 

To be quite frank, and I don't mean anything negative to others using
virtualization, you couldn't pay me to even consider using something
that idiotic for trying to make a "secure" setup. And using the "clouds",
to me, is getting just a little bit too "high".

> So...split your tasks on different physical systems as much as possible.
>  If your webserver is serving static pages, it's probably pretty robust.
>  If it's running Wordpress or any other "any idiot can manage the web
> page" apps or dynamic web pages for other reasons, it should be a
> machine of its own and have no other important data on it.

Yes, using that idiotic Wordpress crap is exactly one of many problems I
am going to immediately fix. Whoever is in charge can't even make that
work!

> Your primary goal should be to keep the bad guys off your computer in
> every sense.  And again...nothing new here.
> 
> But if security is your concern, you want real hw you control in every
> sense.
> 

Which is exactly what my silly buzzwords were trying to get a point of
view on. I already assumed that having sole physical control was
essential. But questions not asked are never answered.

> Unfortunately, if you have performance requirements, your choices are
> AMD and Intel.  Older Intel and AMD chips aren't getting any support to
> deal with these problems, so your choices are incredibly old chips which
> are probably not in the most reliable hardware, and a whole bunch of
> other old, unreliable, and slow hardware platforms.  But be realistic.
> Your bosses will probably mandate a VM on someone else's hw, a wordpress
> website, one box for everything, and that you give him the root password
> which he'll e-mail to himself to keep it "secure".  Your most likely
> breach points will be an easily guessed password (usually, a manager's),
> a bug in a web content management system, or someone believing that
> "secure e-mail" is a thing.  In other words, Same Old Shit.  It probably
> won't be breached by a Spectre or Meltdown-like attack.  But it MIGHT
> be.  Obsessing about them is generally missing the real day-to-day risks.
> 

Does no one at all use OpenBSD for anything but making money or looking
cool?
Does no one at all do any kind of work for charity?
Is there some virus going around that makes everyone so hostile?

Why assume that I have some idiotic boss that wants to fuck things up?
Did it ever occur to you that I might be doing this work for free?
Did it ever occur to you that the organization might be doing major
disaster relief from all of the recent hurricanes devastating the
Southern US? That they might be helping to protect first responders
doing wellness checks on homes? That they might be stopping homes and
businesses from being looted?
That the primary members of the organization are law enforcement,
paramedics and veterans?

But hey, if I can't fill up my bank account, I guess the usage of
OpenBSD is discouraged.

