Not necessarily, but you have to ask yourself if you have the knowledge and experience to properly 'isolate' your VPS for now and in the future. Which I'm not seeing people do. They look at VPS as a deal and leave the decision to that. Then also if you are doing this for a client of yours. Do they understand the responsibilities for the developer and hoster? If the VPS has issues, who do they call? When the developer leaves the picture, who assumes responsibility? There's a lot to consider. The main point is that each choice does indeed have an impact and issues that need to be laid out clearly.
John Mason [EMAIL PROTECTED] -----Original Message----- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Sunday, September 23, 2007 4:42 PM To: CF-Talk Subject: RE: Shared Hosting vs VPS > > > > Others having access to *their* VPS does not add to the security > > > > concerns of *your* VPS. > > > > > > I can't agree with that. There several things to be consider here. > > > How the network is setup, etc. But to say there's no impact is > > > clearly wrong. > > > > Jochem wrote that there's no impact with regard to security, and > > he's clearly right by any meaningful measurement. Having > > administrative access to one isolated server doesn't gain you any > > access to a separate isolated server, whether the two servers are > > physical or virtual. > > Naturally you wouldn't have access to another isolated box but no > impact? None? That's amazing. Yes, you're missing something. We're talking about two isolated servers on a network assumed to be hostile. My having administrative rights on the first server has nothing to do with the security of the second server. > So I could have a VPS box inside (for example, TJ Maxx's > network) and the theory is there would be no impact or security > concerns for either party? Maybe I'm missing something your saying > here, but that doesn't seem right. That's a bad analogy. If TJ Maxx provided a hosting service, and we were both customers, their granting me administrative access on my server would have no effect on the security of your server. You are aware that hosting companies provide administrative access to dedicated servers all the time, right? In your opinion, is this a bad thing? Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| ColdFusion is delivering applications solutions at at top companies around the world in government. Find out how and where now http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:289248 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
