----- "Jim Lux" <[EMAIL PROTECTED]> wrote: > But how many viruses actually corrupt exe's produced by the > development tool chain?
Exe infectors are not unknown. A recent (though fairly tame) example - "W32.Tvido.B!inf is a virus that infects executable files on all drives on the compromised computer." Nobody is immune to these things, the VMAGIC proof of concept UNIX virus was a COFF executable infector. :-) > And, again, assuming they do have some evil program (either > inadvertently via virus infestation or explicitly, because > the user is a bad guy)... what's the damage? The main payloads these days seem to have gone from destructive through to covert. > Sure.. you let your cluster issue outbound network > traffic to the big wide internet? Unfortunately we have had to, it has become impossible to deny our users this these days with requirements to hit offsite databases & data stores. We have 676 registered users at the moment, and virtually all of those are staff at our member universities.. > This is probably harder to actually allow than to > prevent. Most clusters have a "totally inside the > cluster" network that's only implicitly bridged to > the outside world through the headnode. Yeah, we DNAT outbound through our management nodes. > Sure, and those researchers have to live with the consequences if they > screw up the system. But, also, recall the general model we were > discussing.. smallish cluster to support some commercial application > (say, a computationally intensive FEM code). In this scenario, the > cluster is basically sort of a "network attached appliance". Ahh, but that's not what I'm talking about, I'm talking about academic deployments of general research HPC clusters where random researchers from that Uni (or external collaborators) login and run code on it. A very different threat environment. cheers, Chris -- Christopher Samuel - (03) 9925 4751 - Systems Manager The Victorian Partnership for Advanced Computing P.O. Box 201, Carlton South, VIC 3053, Australia VPAC is a not-for-profit Registered Research Agency _______________________________________________ Beowulf mailing list, Beowulf@beowulf.org To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
