Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] .OZ admin bowing out...

discuss AT

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] .OZ admin bowing out...

Chronological Thread 
  • From: Mario Rodriguez <admin AT>
  • To: discuss AT
  • Subject: Re: [opennic-discuss] .OZ admin bowing out...
  • Date: Thu, 01 May 2014 11:55:33 -0500

Hi Simon:

Totally agree with you..., security is the main reason for (as I remark) "...root access is not an option..."
And when i mean "...audited by other T1 operator..." I ment he/she can interact with the server sending DNS requests to check responses, performance and security and I will give all the necessary feedback and config and/or log file parts needed by test requests...

I will not give access to the server neither as user or root.

On 01/05/2014 11:45 a.m., Simon wrote:
On 05/01/14 16:49, Mario Rodriguez wrote:

About gp AT concerns
The server is not dedicated to opennic activities only, so, root access
is not an option. But, I'm open to be audited by other T1 operator, If
any of you have any suggestion about how to accomplish this i will
As presumably experienced sysadmins, would you really give root access
to your boxes to someone else who you only know online?

Generally, root should be protected. Surely, in terms of safeguarding
the OpenNIC infrastructure, everything that could be done with root
access can be achieved another way without accessing the server at all.
People (or their personal password store) can be compromised just as
systems can and a compromised person with root access to your systems is
arguably more of a risk than the risk you're trying to prevent.


You are a member of the OpenNIC Discuss list. 
You may unsubscribe by emailing discuss-unsubscribe AT

Archive powered by MHonArc 2.6.19.

Top of Page