The idea with building a security zone around boxes that have been compromised is nice. But the administration of such a thing would have to rely on some equipment that was capable of "mostly" automating or at least assist in condemning an area of servers or IP addresses.
The problem for a hosting company would likely be the wide variety of connections that had to go through a set of access lists, and it would not be a workable solution for a lot of places.
If it was possible to build a small gateway which could be put between the compromised hosts, or even stuck on the entire rack that had been compromised, then we'd be talking something that may be usable.
I would think a stand-alone unit could do the trick, I'm thinking of a bridge type unit with access filtering ability. - It has to be small, quick to install, and most of all have remote capability so as to allow the supporters to enable the access to the network/server/rack when contacted by the customer.
Since speed would not be the problem - the network is sort of taken offline anyway, I'd expect a small "pizza box" linux could theoretically do the trick.
Would be interesting to know how many pizza boxes one would need for a reasonably large hosting facility ... (add a few with real pizza to the guys installing the boxes though).
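One way the "pizza box" bridge sketched above could look, as an added example that is not from this thread: a Linux transparent bridge (no IP address of its own on the bridged side) with an nftables ruleset in the bridge family that drops and logs everything crossing it except traffic between the rack and a support workstation, plus a release step for when the customer calls in. The interface names, the bridge name and the support address 192.0.2.10 are assumptions; the script only prints the ruleset unless invoked with `apply` or `release` as root.

```shell
#!/bin/sh
# Quarantine bridge for a compromised rack (constructed example).
# Assumed interfaces: UPLINK toward the hosting network, RACK toward the
# compromised hosts, and a separate out-of-band management port (not bridged)
# through which support reaches this box remotely.
UPLINK=${UPLINK:-eth0}
RACK=${RACK:-eth1}
BRIDGE=${BRIDGE:-br0}
SUPPORT_HOST=${SUPPORT_HOST:-192.0.2.10}   # assumed forensics/support workstation

# Emit the nftables ruleset: default drop on the bridge forward hook, with
# only the support host allowed in and out (plus ARP so it can resolve hosts).
quarantine_ruleset() {
  cat <<EOF
table bridge quarantine {
  chain forward {
    type filter hook forward priority 0; policy drop;
    ip saddr $SUPPORT_HOST accept
    ip daddr $SUPPORT_HOST accept
    ether type arp accept
    counter log prefix "quarantine-drop: "
  }
}
EOF
}

# Insert the box inline: enslave both ports to a bridge and load the filter.
apply_quarantine() {
  ip link add name "$BRIDGE" type bridge
  ip link set "$UPLINK" master "$BRIDGE"
  ip link set "$RACK" master "$BRIDGE"
  ip link set "$UPLINK" up
  ip link set "$RACK" up
  ip link set "$BRIDGE" up
  quarantine_ruleset | nft -f -
}

# Support runs this once the customer reports the rack cleaned: the bridge
# stays in place, only the filter is removed, so traffic flows again.
release_quarantine() {
  nft delete table bridge quarantine
}

case "${1:-show}" in
  apply)   apply_quarantine ;;
  release) release_quarantine ;;
  *)       quarantine_ruleset ;;
esac
```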
Those are some good points Oliver.