[lug] Suggested Colo's in Boulder, managed hosting?

[Bear Giles]

Evelyn Mitchell wrote:
> Even with rackmount hardware, physical access can override most security.

Of course anyone with unlimited physical access can get into the 
box.  So what - they can't get in *undetected*, and if you have 
information on the box that you're really concerned about you'll 
have a contract with penalty clauses for such access.  They, in 
turn, will probably insist that you use one of their secured 
rooms, not the general racks.

If you don't care so much about it, you just reinstall the system 
from original media and any rootkit is history.

As for being undetected, I don't care how hot you are at covering 
your tracks in the various log files, you can't do anything about 
information that disappeared down a rabbit hole when you powered 
down the system to move it, or when it shut itself off when the 
case was opened.

> Is anyone watching the video stream? If a tech was working at the rack next
> to yours, fully authorized, and tampered with your box when the colo space
> tech was in the bathroom, would anyone know?

If you have a heartbeat that shows something funny happened at 
that same time, it really doesn't matter what the tech seemed to 
be doing as long as it clearly shows that nobody else was in a 
position to tamper with the box.

Bear