Go Down

Topic: OT: just ordered a hard-drive for my 1U server (Read 5013 times) previous topic - next topic

travis_farmer

#15
Feb 25, 2017, 02:45 pm Last Edit: Feb 25, 2017, 02:46 pm by travis_farmer
what the heck is a private topic?



~Travis
Current Obsession: My server rack cooler, and my CNC Router
Check out my website, i have my own under-used forum on my hobby server.

msssltd

if i don't download it, are you saying i should write Linux code from scratch?
He's saying he recompiles the kernel with his own set of flags.  'Special Sauce' not 'Special Source' 

Sometimes the recompile is worth the effort but a lot of times, it's just the same old, obfuscating, prima-donna, donkey crap.  Security is one thing but inbuilt dependency on self appointed 'gurus' who can't work effectively in a team can end up being a much greater financial risk.

Quote
i don't really have that much time on my hands. besides, it is just a hobby server. i am still not entirely sure if i want to open it up fully to the public, or or not. i may just let only a select few people to be able to access it.
You don't really have a choice.  Once your server can be reached from the internet it will get probed and it will get attacked.  Exploiting web applications is often the means by which a server gets pwned. 

At the end of the day, there is only so much you can do.  Google, Amazon, Microsoft, Apple, Sony, have 1000s of the best engineers on the planet working for them, with near to an unlimited budget, and even they can not keep the hackers out entirely.

Quote
it's not like i will be running a corporate hosting service. just a personal website, with a hobby forum (if for no other reason than just because i can). other features may arrive in the future, but network port 80 is likely to be the extent of it.
The most valuable commodity for a hacker is free bandwidth and they find lots of it laying unprotected on 'unlimited' residential broad band accounts.  You need to take some care to reduce the attack surfaces, keep a regular check on the logs and set up some alerts for any unusual network activity.  Best advice is to not put any data on the server that you are not prepared to share or lose.

And, don't let any prima-donna guru put you off trying.


AWOL

#17
Feb 26, 2017, 08:50 pm Last Edit: Feb 26, 2017, 08:51 pm by AWOL
what the heck is a private topic?



~Travis
It's stuff that @dally has deleted (maybe because s/he is embarrassed by them), and got moved to the recycle bin.
I can retrieve them if you wish.
"Pete, it's a fool looks for logic in the chambers of the human heart." Ulysses Everett McGill.
Do not send technical questions via personal messaging - they will be ignored.
I speak for myself, not Arduino.

AWOL

#18
Feb 26, 2017, 08:54 pm Last Edit: Feb 26, 2017, 09:08 pm by AWOL
I want to see you removed from mod

You and me both.

You're absolutely right - I am annoying.

Quote
We all, in the Italian section
If only your (and your sock-puppet's) ravings were confined to the Italian section . . .
"Pete, it's a fool looks for logic in the chambers of the human heart." Ulysses Everett McGill.
Do not send technical questions via personal messaging - they will be ignored.
I speak for myself, not Arduino.

AWOL

#19
Feb 26, 2017, 09:18 pm Last Edit: Feb 26, 2017, 09:20 pm by AWOL
Quote
We have noted that a lot of posts have been removed because you don't like pictures of women.
So you work much with schools? Know how hard it is to get sites white-listed on school IT systems?
Do you know how hard it is to make this hobby, and STEM topics in general, wholly inclusive, when women are objectified by a significant section?
When your only defence to a picture of a young woman in a fishnet wife-beater and bikini bottom is "you see the same on Facebook"?

No, of course you don't. You keep proving it.
You're a short-sighted, sexist idiot.

Quote
Oh, you have also removed the picture of a very long white train
Nope. Don't be (more) stupid.
"Pete, it's a fool looks for logic in the chambers of the human heart." Ulysses Everett McGill.
Do not send technical questions via personal messaging - they will be ignored.
I speak for myself, not Arduino.

dally

#20
Feb 26, 2017, 09:31 pm Last Edit: Feb 27, 2017, 12:16 pm by dally
reported to the admin

AWOL

"Pete, it's a fool looks for logic in the chambers of the human heart." Ulysses Everett McGill.
Do not send technical questions via personal messaging - they will be ignored.
I speak for myself, not Arduino.

Chagrin

...and then back on topic...

Don't disregard the various "Pi"s for a server. They have plenty of power for a server, you can attach gobs of storage via USB (or SATA for some models), and most importantly they use very little electricity. Personally I made the switch last summer simply because my server was making my room too hot.

travis_farmer

...and then back on topic...

Don't disregard the various "Pi"s for a server. They have plenty of power for a server, you can attach gobs of storage via USB (or SATA for some models), and most importantly they use very little electricity. Personally I made the switch last summer simply because my server was making my room too hot.
:o you spoke the "P" word, in this forum!  :o

but seriously... ok, that derailed my train of thought... nope, it's gone...

:D

~Travis
Current Obsession: My server rack cooler, and my CNC Router
Check out my website, i have my own under-used forum on my hobby server.

msssltd

Wrong! Don't speak for me!

I had answered with tecnical details, and then I removed my posts, so you can completely ignore what I was trying to say.
Three things;
1. You have (unwittingly) inferred that you _do_not_ recompile the kernel - For my answer to be wrong you must categorically 'not do' what I said you do.
2. When someone deletes their own posts they force the audience (me) to presume the content in order to maintain context.  If you do not like that, tuff [sp]; such is the consequence of your own behaviour.
3. You seem to think you are entitled to some control over what I say and what I think.  You are not.  The moderators on the other hand are; as we all consented to be subject to moderation when we accepted the forum terms of service.

Quote
Nobody wants to stop you.
You want to stop me.  You said as much.  I guess you just can not admit responsibility for yourself.  You are going to be that person who, when they get things wrong and can not hide it, looks around and tries to blame someone, anyone, everyone else.

My answer may well have been incomplete.  To say you recompile the kernel does not discount any of the other things you allude to doing.  In the context of Travis' question, do you write your own kernel source?  My answer appears to be perfectly adequate.  To say, as you have done, I am wrong for having not said what I did not say, is both rude and demonstrates an expectation so logically twisted it provides reason for me to distrust you. [1]  

"Hardening" is (in fact) a catch all term; covering everything from simply removing unused user accounts, to locking the system in a bunker physically shielded from electro magnetic interference, with any number of measures in between.  In the context of the question being asked, is it hard to set up a server [for home or small business], I see no point in discussing the pros and cons of custom compilation.  It's like confusing someone with van der Waals while they are trying to grasp Boyle's Law.

Making it difficult for the sake of making it difficult, yes, that does irritate me.  


[1] I am struggling to reconcile your dislike of moderators, passion for smutty avatars and disregard for context, with someone who does, "serious business professionally around servers."  Rightly or wrongly the more you say the more you sound to me like some wannabe in a bedroom.

msssltd

...and then back on topic...

Don't disregard the various "Pi"s for a server.
That's the plan for my DC monitoring upgrade.  Model III Pi running probes against the production boxes with mrtg/rrdtool rolling up the reports on a web page.  

The I/O on the production boxes is a bit more than I would want to trust to a Pi ;)


travis_farmer

i have been researching Snort IPS. i used it in the past, though i am sure it has changed since then (it used to be just a IDS). anybody use it? is it still relevant?

~Travis
Current Obsession: My server rack cooler, and my CNC Router
Check out my website, i have my own under-used forum on my hobby server.

Chagrin

i have been researching Snort IPS. i used it in the past, though i am sure it has changed since then (it used to be just a IDS). anybody use it? is it still relevant?

~Travis
Snort has its uses but there's a lot of time involved in implementing it -- not just in cleaning up rulesets but also integrating it with a firewall so that it's useful. A better place to start would be to install Nessus and use it to run scans against your network.

travis_farmer

Man, i must admit, my Linux skills are rusty  :o

I borrowed a hard drive from an unused 4-channel security camera DVR and installed Linux onto it. I am sure i will have to do a custom re-install, as the out-of-the-box general install is a little limp on packages. yes, i could manually install the packages i want, but rather than having to chase dependencies, i will let the software do it. besides, it is just a test install anyway.

but it has been a long time since i have used Linux. I am slowly remembering the console commands. I have a book kicking around somewhere... a Linux Bible, of sorts.

much to re-learn, to run my little hobby server...
but to learn is to live. if you're not learning, then you're not living.

~Travis
Current Obsession: My server rack cooler, and my CNC Router
Check out my website, i have my own under-used forum on my hobby server.

Chagrin

I am sure i will have to do a custom re-install, as the out-of-the-box general install is a little limp on packages. yes, i could manually install the packages i want, but rather than having to chase dependencies, i will let the software do it.
Geez, you are rusty. On RPM-based distributions you just need to "yum search something" to find the name of the package, then "yum install something" to install it. It works out all the dependencies for you.

I'm sure there's also some kind of GUI thingy too, if you're into that sort of thing.

Go Up