- Is LXC friendly with IDS/IPS and alike?
- If I place a webserver or a database in a container - what would be the implications in terms of set-up?
- Networking? How it would interact with iptables? iptables only on host, or it is possible to set-up separate iptables in each container?
- How logging is dealt with?
- Can system user sitting in the container escalate to root?
I am looking for a solution to further harden the set of VPSs for a web site/app.
Is LXC a good fit for that? Or smth else might be a better fit?
thank you
P.S.: my CFO experience can not help me here :-(
- Is LXC friendly with IDS/IPS and alike?
- If I place a webserver or a database in a container - what would be the implications in terms of set-up?
- Networking? How it would interact with iptables? iptables only on host, or it is possible to set-up separate iptables in each container?
- How logging is dealt with?
- Can system user sitting in the container escalate to root?
I am looking for a solution to further harden the set of VPSs for a web site/app.
Is LXC a good fit for that? Or smth else might be a better fit?
thank you
P.S.: my CFO experience can not help me here :-(