[Planetlab-users] unc.edu planetlab nodes
Marc E. Fiuczynski
mef at CS.Princeton.EDU
Thu Sep 13 22:40:59 EDT 2007
Hello Bil,
bil wrote:
> My feeling is that it would be better to have these machines open on
> the internet side and to cs.unc.edu than to have them behind an IDS or
> IPS system (which is the case now).
I am glad you are considering of moving away from this. From what I
recall, various experiments (specifically "all pairs ping") actually
caused your IDS system to fail as it couldn't track all of the
concurrent connections (from all other PlanetLab nodes) that were being
made to our PlanetLab nodes. As mentioned by others, it is best to put
the machines outside of any firewall, yet configure it such that
machines inside *.unc.edu can connect to the machines.
> Also, if any out there has had similar conversations with university
> security personnel, I'd appreciate hearing what the outcome was.
We put something together in collaboration with security personnel in
the UK. Let me see if I can dig this up and send to you
Marc
More information about the Users
mailing list