Home page logo
/

basics logo Security Basics mailing list archives

Re: RAID 5 drive replacement schedule
From: Adriel Desautels <adriel () netragard com>
Date: Fri, 20 Jun 2008 16:21:58 -0400

Mike,
First off, there are multiple "security pyramids", each of them different, most of them created for marketing, sales, etc. So CYA, TESSM, and so on don't hold much water in my opinion.

With that aside, I'm open to being educated but I still disagree that creating a drive replacement schedule requires any security expertise. As such I do not see the subject as being a security topic. There are certainly aspects of security that can be impacted by the act of changing the drives, I won't argue that. So...

What does creating a drive replacement schedule have to do with security? Educate me.


Regards,
        Adriel T. Desautels
        Chief Technology Officer
        Netragard, LLC.
        Office : 617-934-0269
        Mobile : 617-633-3821
        http://www.linkedin.com/pub/1/118/a45

        Join the Netragard, LLC. Linked In Group:
        http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know  : http://tinyurl.com/26pjsn


Mike Hale wrote:
Philippe is actually correct.

CIA forms the security pyramid.

Confidentiality.
Integrity.
Availability.

That's the three components of data in a secure system.  Most
companies can only afford to focus on one of those aspects, but if you
ignore the others, you don't have a secure system.

On 6/20/08, Adriel Desautels <adriel () netragard com> wrote:
Philippe,
       I disagree with you and I think that the definition of security that
you provided is partial, but thats just my opinion. Availability is a vague
term that can, but does not always have a role in security. Determining what
the proper schedule is for a drive replacement policy is something that can
be done by IT without the security team. Deciding how to dispose of the
drives on the other hand is security.


Regards,
       Adriel T. Desautels
       Chief Technology Officer
       Netragard, LLC.
       Office : 617-934-0269
       Mobile : 617-633-3821
       http://www.linkedin.com/pub/1/118/a45

       Join the Netragard, LLC. Linked In Group:
       http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know  : http://tinyurl.com/26pjsn


Rivest, Philippe wrote:
Adriel & Murda

It is a security issue the way you store your data. In regards to the raid
technologies, raid 5 improves the availability of the data by making sure
that a single drive failed will not impact the availability of the data.
Remember that security is 1- Confidentiality
2- Availability
3- Integrity

The main goal of a Raid 5 is to help #2. You are referring to the disposal
of
the HD which is the issue of confidentiality and that is not what Murda
was
aiming at. If it is, go for encryption, degaussing, destruction and just
plain format (if the data is not confidential).

As I explained to him offline, the MTTF and MTBF is about the same for 2
HD
bought/constructed at about the same time. How ever, those are not
absolute
numbers that state that, if one drive fails the other one is about to go
too.
It's more an estimated value against which you should have some
confidence/hope, your drive should not fail before X hours (it could go
before but the average is X).

In a raid 5, Drive A, B and C are online and working (they are the same
drive
bought at the same time). Drive A fails, you should NOT change drive B & C
unless they are failing also. If you do, the cost of your raid 5 will be
greater then what it should be (the replacing of the parts are going to
cost
a lot). Change drive A and hope drives B & C will last longer.


The only issue is that 2 drives fail at the same time, which is very
improbable. And if it does, you should be going for your back ups.


I do hope this clarified the questions and that I wasn't to unclear with
my
details!

Merci / Thanks
Philippe Rivest, CEH
Vérificateur interne en sécurité de l'information
Courriel: Privest () transforce ca
Téléphone: (514) 331-4417
www.transforce.ca


-----Message d'origine-----
De : listbounce () securityfocus com [mailto:listbounce () securityfocus com] De
la
part de Adriel Desautels
Envoyé : 20 juin 2008 11:27
À : Murda Mcloud
Cc : security-basics () securityfocus com
Objet : Re: RAID 5 drive replacement schedule

Murda,
       The real answer to your question is that it is very, very
improbable that all of the drives in the array will fail at the same time.
Most drives are good for a certain period of years, after which point you
are getting "extra time".
       That is not a security issue though. That is an IT related issue.
The
security issue comes into play when you dispose of your drives. Do you
shred them, just throw them in the dumpster, how do you dispose of them?

Regards,
       Adriel T. Desautels
       Chief Technology Officer
       Netragard, LLC.
       Office : 617-934-0269
       Mobile : 617-633-3821
       http://www.linkedin.com/pub/1/118/a45

       Join the Netragard, LLC. Linked In Group:
       http://www.linkedin.com/e/gis/48683/0B98E1705142


---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know  : http://tinyurl.com/26pjsn


Murda Mcloud wrote:

In my mind, this a security related question as it has to do with
ensuring
availability.

Does anyone have links towards any whitepapers etc that suggest
replacement
of disks in a RAID 5 array as part of a maintenance cycle?

If all the drives in an array are the same age and one fails; does this

mean

the others are more likely to fail. I'd imagine so as they have had the

same

amount of usage.










  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault