start page | rating of books | rating of authors | reviews | copyrights
Book HomeBuilding Internet FirewallsSearch this book
PreviousNext

10.4. Choosing a Physical Location

The bastion host needs to be in a location that is physically secure.[22] There are two reasons for this:

[22]Practical UNIX & Internet Security by Simson Garfinkel and Gene Spafford (second edition, O'Reilly & Associates, 1996) contains an excellent and extensive discussion of physical security.

  • It is impossible to adequately secure a machine against an attacker who has physical access to it; there are too many ways the attacker can compromise it.

  • The bastion host provides much of the actual functionality of your Internet connection, and if it is lost, damaged, or stolen, your site may effectively be disconnected. You will certainly lose access to at least some services.

Never underestimate the power of human stupidity. Even if you don't believe that it's worth anyone's time and trouble to get physical access to the machine in order to break into it, secure it to prevent well-meaning people within your organization from inadvertently making it insecure or nonfunctional.

Your bastion hosts should be in a locked room, with adequate air conditioning and ventilation. If you provide uninterruptible power for your Internet connection, be sure to provide it for all critical bastion hosts as well.

PreviousHomeNext
10.3. Choosing a MachineBook Index10.5. Locating Bastion Hosts on the Network
Library Navigation Links

Copyright © 2002 O'Reilly & Associates. All rights reserved.