S2E13: "This Server Ain't Big Enough for the Two of Us"
Previous Episode | Next Episode |
---|---|
S2E12: "Virtual Insanity" | S2E14: "Short-Term Memory" |
Recorded (UTC) | Aired (UTC) | Editor |
---|---|---|
2017-08-02 02:34:00 | 2017-08-12 17:28:19 | "Edita" |
Format | SHA256 | GPG | Audio File |
---|---|---|---|
MP3 | d73ff9ba41562adcdaf28f5510f705ed2f2f1e5200f15f083979fe5c7d8f4f62 | click | click |
OGG | fe9f7e6877f16a0feaee4104f2d7562d507e8b48813cbd502718a54c524ee732 | click | click |
We talk about when it’s appropriate to use segregated services/different servers per service or to use consolidated services.
News
- DEF CON had some exploratory hacking at voting machines
- HBO reports that it had 15TB of data leaked
- Russia was discussing banning VPNs (however, the ban was not actually approved)
- A developer (or “mechanic”) for the Citadel malware has been tried and incarcerated
- BKKBudapest has inspired the ire of the Intarwebz because they pursued legal action against someone who reported a vulnerability to them
- The FCC says it has no “documentation” of a DDoS
- In some cases, it may be possible to provide a malware point of entry on GNU/Linux via Badtaste (protip: if you’re on *nix, you don’t need .msi files)
- FOSSCON 2017 is coming! Be sure to register (it’s free!)
- I’ll be giving a talk on podcasting and giving a workshop on BDisk
- Paden will be doing an installfest (and a keysigning party, but that’s not officially on the schedule it seems)
Notes
Starts at 19m53s.
I was drinking water. Paden was drinking water. Jthan was drinking Left Hand’s Oktoberfest Märzen Lager.
- When should you segregate/isolate services onto their own servers, and when should you combine services onto one server?
- Some key questions: What services might need to share information? What services would work better together on a localhost? Where would it make sense from a security standpoint to share a local socket (e.g. “UNIX socket”) instead of a network socket?
- Jthan specifically had questions about whether it was better to use a separate DB server from the webservers or keep the DB on the same box as the webserver
- I mention that virtualization (see S2E12) is a good compromise between the two.
- DEFINITELY isolate onto separate physical boxes when 1.) virtual limits, etc. aren’t enough for what you need and the box is maxed out (assuming you’re using virtualization), or 2.) you have high-risk security concerns (i.e. airgapping)
Sysbadministration Award
In this segment, we highlight system administration mistakes. Think of them as the IT equivalent of the Darwin Awards. (38m30s)
GitHub, the monolith source code hosting service “too big to fail”, tanked for an hour and had a huge effect on individuals and businesses everywhere.
Errata
- I mention my personal git repositories (and my GitHub mirrors)
Music
Track | Title | Artist | Link | Copyright/License |
---|---|---|---|---|
Intro | Lightbull | Monplaisir | click | CC0 1.0 |
Outro | lights off | boiled wool | click | CC-BY 4.0 |
Author
r00t^2
Categories
Season Two