Security Testing on Production Systems

2006-05-15 Thread TRODAT


List,

This is a hot topic as of late where I work:

Once a system has gone into 'production' should testing, specifically 
security, be done on it if the system could be broken by the test itself?


What is your take on this issue and why?

Thanks for any ideas and feedback.

Rob.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: Security Testing on Production Systems

2006-05-15 Thread Charles Swiger

On May 15, 2006, at 4:54 PM, TRODAT wrote:

> This is a hot topic as of late where I work:
>
> Once a system has gone into 'production' should testing,
> specifically security, be done on it if the system could be broken
> by the test itself?
>
> What is your take on this issue and why?


Yes, although you should schedule possible intrusive or disruptive  
security/pentesting for an appropriate time where you can afford to  
recover from any problems which occur.


Most systems which fail under testing have sufficient issues that  
they fail under some naturally-occurring load conditions.  Backups  
are your friends.


--
-Chuck



Re: Security Testing on Production Systems

2006-05-15 Thread Atom Powers

On 5/15/06, Charles Swiger [EMAIL PROTECTED] wrote:

> On May 15, 2006, at 4:54 PM, TRODAT wrote:
>> This is a hot topic as of late where I work:
>>
>> Once a system has gone into 'production' should testing,
>> specifically security, be done on it if the system could be broken
>> by the test itself?
>>
>> What is your take on this issue and why?
>
> Yes, although you should schedule possible intrusive or disruptive
> security/pentesting for an appropriate time where you can afford to
> recover from any problems which occur.
>
> Most systems which fail under testing have sufficient issues that
> they fail under some naturally-occurring load conditions.


And even if you are not running the tests, there is a good chance
somebody out there is. I'm sure you would much rather crash your
system under controlled conditions than wait for some kiddie to do it
for you.


> Backups are your friends.


Your best friends. (but that @#$% mechanical arm on the tape library...)


--
--
Perfection is just a word I use occasionally with mustard.
--Atom Powers--