This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-atlas@ripe.net/
[atlas] Anchor VM security
- Previous message (by thread): [atlas] Anchor VM security
- Next message (by thread): [atlas] Letsencrypt certificates on anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Robert Kisteleki
robert at ripe.net
Thu Dec 12 13:27:05 CET 2019
On 2019-12-10 21:52, Rami Al-Dalky wrote: > Hi, > > If someone is planning to host a VM anchor, what are the security > measures that RIPE Atlas can provide? For example, protecting the VM > from being compromised by an attacker. > > Any information about this is highly appreciated because the plan is > host several anchors. > > Thanks, > Rami Hello, There's no single best answer to this question. The operations team behind anchors are keeping the machinery updated with all the latest patches, just like you'd do with any Internet-connected server. We consider it very important when we manage these machines. They also provide very limited services (e.g. DNS and HTTP(S)). On the other hand the very reason for installing an anchor is to make it reachable (be measured) and to reach other hosts (to measure) so forms of firewalling are counterproductive to the purpose. When in doubt, we recommend placing these "just outside your firewall". Regards, Robert
- Previous message (by thread): [atlas] Anchor VM security
- Next message (by thread): [atlas] Letsencrypt certificates on anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]