From: Bruce S. <bw...@ar...> - 2003-08-29 20:08:57
|
> > If you're not going to get rid of the CD drive, then it doesn't gain > > much over my idea to provide a default configuration right on the CD. > > (see thread from earlier this week) > > i like the idea of having a default config on the cd, but only if its > loaded after trying the floppy drive. After looking at the boot script, that's easiest way to code it. So, it will search floppy and USB before looking on the CD for a custom config. > > > Surely i'll buy an epiaM6000CL on this month and will start testing. > > > (epia site: www.viapsd.com, www.mini-itx.com) > > > > www.viapsd.com doesn't resolve for me. :-( > > from www.mini-itx.com there are some links to the via site... let me check... > > http://www.viamainboard.com/product/epia_m_spec.jsp?motherboardId=81 > > http://www.viaarena.com/?PageID=187 Very cool! > > My DL firewall/router would become totally dependent on a separate file > > server. If the file server went down, so would my DL firewall/router. > > thats true. on the other hand, you won't rely on a cd drive/cd disk, > neither on a floppy full of dust :) > (btw, i usually connect the main server and the dl firewall to the same UPS) I mainly like the idea of being able to take down or reboot my file servers without downing the internet connection too. That may not be an issue for you, or other people. At one time Heiko talked about moving the entire DL distro to a USB memory stick. That way DL would be entirely self contained on a PC with no moving parts (and more dependable than a CD/floppy setup). I haven't heard anything about it lately. What's the status of that idea? > > And there are the security issues. Typically a lot of people have > > access to a file server (probably a lot more people than have login > > access to the DL firewall). And the file server is running a lot more > > services than the DL box. This makes the file server easier to crack > > than DL. If the file server is compromised, then the attacker would > > then have the ability to modify the DL firewall configuration. Plus the > > NFS protocol is very insecure itself. Too scary for me! :-) > > i don't like thinking that my file server is easy to crack, but yes, > thats a point for you :) It boils down to how much you trust your local [file server] users. I'm sure that varies from place to place. I trust the users on my home network (my wife and myself) more than I trust my users at work. :-) - BS |