Firewall Wizards mailing list archives
Re: Query on OS hardening
From: John Adams <jna () retina net>
Date: Thu, 20 Feb 2003 04:21:52 -0800 (PST)
On Thu, 20 Feb 2003, Carson Gaspar wrote:
Ah yes... and how much CPU do you have to spare for SSH session setup (on both the systemn being monitored and your monitoring server)? And how often do you want to collect the data? Doing this correctly requires something better than: result="`ssh server-to-monitor test-script`" At least, it does if you want it to scale.
Enh, don't knock this approach. We had 9700 machines on (an unnamed large Internet Search company's) Search Cluster running this sort of a solution plus some custom code to fork multiple ssh processes when things needed to get done quickly. I've also used similar solutions with Orca (for collection of host statistics) and RRDTool. You need to determine how many hosts you really want to support, and then how many machines you'll be connecting to. The SSH connection and startup expense is far outweighed by the advantages you receive -- encrypted connections, non-repudiation, and control over the connection. -john -- J. Adams http://www.retina.net/~jna The secret of knowing where you are, is knowing what time it is. -- Anonymous _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Query on OS hardening Tim Chettle (Feb 14)
- Re: Query on OS hardening m p (Feb 17)
- Re: Query on OS hardening Volker Tanger (Feb 17)
- Re: Query on OS hardening Carson Gaspar (Feb 20)
- Re: Query on OS hardening John Adams (Feb 20)
- Re: Query on OS hardening Volker Tanger (Feb 20)
- Re: Query on OS hardening Volker Tanger (Feb 17)
- Re: Query on OS hardening m p (Feb 17)