> > Not sure I understand the whole hierarchy and flatness analogy, I'm very > new to all of this, but what do I tell those who claim that this leaking of > the IP poses a security risk and that they therefore should go with FreeBSD > jails instead? >
Use a VM if you need to win over "checkboxing security" And refine the risk strategies, since the above conversation seem to be centered around the concept of a hacker that 1. Someone successfully attacks your site over the internet, using your outward facing IP A.A.A.A 2. Manages to run code on your webserver 3. May or may not divinate your internal IP B.B.B.B from that code. 4. The communicates information back to a server of their choice, perhaps using a third (external) ip C.C.C.C or not If you think #3 is the only important part, in a scenario where point 1,2 and 4 allows for full communication using the cirtcuit created using A.A.A.A and C.C.C.C and full code execution inside your environment, then you are not doing a very good job at risk assessment. -- May the most significant bit of your life be positive.
