...additionally,
Quote:
Originally Posted by anonb
Are there any vulnerabilities in having One server provide syslog and dns services?
|
did you perchance meant to say "risks" instead of "vulnerabilities"? Doug McIlroy back then explained Unix philosophy saying "write programs that do one thing and do it well" and this applies to service isolation as well. Usually one requires a syslog server for particular reasons and here confidentiality, integrity and availability have a different meaning (and result) compared to a public name server. Simply put using single purpose machines allows you to focus on securing and strengthening the server for its task.