no 'commodity' OS is 'secure' Re: [Beowulf] Which distro for the cluster?
csamuel at vpac.org
Wed Jan 10 19:53:56 PST 2007
On Thursday 11 January 2007 01:21, Andrew Piskorski wrote:
> It sounds suspiciously like decision making driven by what the rules and
> paperwork says you're supposed to do
I knew an organisation (not this one) that had the rule that every system had
to run a full virus scan once a day.
The security folks insisted that this rule applied to their new Linux/AIX
cluster and so they dutifully paid for a commercial Linux A/V package and set
up cron to scan the user and project data (mounted from an AIX box) once a
Only problem was once they had more than a trivial amount of data it took more
than 24 hours for the scan to run, so the first one was still running when
the second one was kicked off by cron. This slowed both of them down, so the
first one still hadn't finished by the next day, which slowed all 3 of them
down further, so the next day.. well, you get the picture.
I gave them a hand with this tricky problem and eventually they managed to
persuade their higher ups that they could get away with running ClamAV on the
NFS server (as there was no commercial AV for AIX, unsurprisingly) and the
problems went away.
Christopher Samuel - (03)9925 4751 - VPAC Deputy Systems Manager
Victorian Partnership for Advanced Computing http://www.vpac.org/
Bldg 91, 110 Victoria Street, Carlton South, VIC 3053, Australia
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the Beowulf