Computer name from remote file or a configuration server?

Started by networkloser, October 24, 2023, 10:06:58 PM

Previous topic - Next topic

networkloser

I am re-learning networking after graduation in IT via various books. One of them is Douglas Comer's internetworking with tcp ip book.

Here's the question

Would you prefer to use a computer that obtained its name from a remote file or from a configuration server? Why?

I don't understand the question properly. Can you help me with it?

deanwebb

From a configuration server, as that likely is done securely. Or, rather, it could be done *more* securely than from a remote text file. That remote text file could be altered by someone else and I not be aware of it as I provision my computer. But the configuration server potentially keeps that information securely, tracks changes, and requires secure connections for provisioning new computers.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.


icecream-guy

Quote from: deanwebb on October 26, 2023, 06:33:51 PMFrom a configuration server, as that likely is done securely. Or, rather, it could be done *more* securely than from a remote text file. That remote text file could be altered by someone else and I not be aware of it as I provision my computer. But the configuration server potentially keeps that information securely, tracks changes, and requires secure connections for provisioning new computers.

..and what if that configuration server is taken over by a bad actor?
:professorcat:

My Moral Fibers have been cut.

deanwebb

Quote from: icecream-guy on October 29, 2023, 01:19:57 PM
Quote from: deanwebb on October 26, 2023, 06:33:51 PMFrom a configuration server, as that likely is done securely. Or, rather, it could be done *more* securely than from a remote text file. That remote text file could be altered by someone else and I not be aware of it as I provision my computer. But the configuration server potentially keeps that information securely, tracks changes, and requires secure connections for provisioning new computers.

..and what if that configuration server is taken over by a bad actor?

It will likely be *after* the flat file is taken over by a bad actor.  :smug:

This is why security works best in layers and not "we have a tool that does that already, no need for another".
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.