[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Future of the s390 port

Martin Grimm <extern.martin.grimm@zivit.de> writes:

> I'm aware of popcon and as much as I'd appreciate it to see our systems
> counted there this will not happen because these are mainly production
> systems behind firewalls or in internal networks with no internet access
> and I've generally a bad feeling when thinking of software that's
> talking to outside systems when there is sensitive data on my server ;-)

We're in a similar situation, although not with s390.  In specific, our
information security office (rightfully) considers the relationship
between system and list of installed packages to be confidential data
because of the potential use of such data in determining which systems to
attack following a publicly announced vulnerability.  I can therefore only
report popcon results for a handful of personal and test systems, rather
than ~300 production servers.

Is there an easy way (read: the software already exists and I can just
install it) for all of the systems to report to an internal proxy that
then resubmits the data so that no one else can know where it's coming
from exactly other than from our servers somewhere?

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: