Ben Donohue <donoh...@icafe.com.au> writes:
> just a question... I'm looking at the possibility of consolidating some
> servers for a client.
>
> If an internal box with DNS and squid were combined, would this be a security
> risk... as in risky way above normal?
No.
> How about a DNS, squid and web server with multiple name based virtual domains
> on the same box?
No.
> Is doing the above really dangerous on a fully patched and up to date
> system?
Yes, because you have world-facing services, which is really dangerous.
However, it is kind of unavoidable; in this case your biggest risk is going to
be the web server, which if it hosts any sort of dynamic content is going to
run the risk of compromise.
The DNS and Squid servers are basically irrelevant here, and putting them on
the same systems is unlikely to increase your practical risk.
> Any advice please?
Do a proper risk assessment, and then work out if putting those on the same
system meets your acceptable risk/value trade-off or not, as a business.
Regards,
Daniel
No, seriously, even if it was more risky running them on the same machine, it
might be worth $4,000 a month to the business in rack space and power to
consolidate them, and so worth doing anyway.
--
✣ Daniel Pittman ✉ dan...@rimspace.net ☎ +61 401 155 707
♽ made with 100 percent post-consumer electrons
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
