Re: Bridging firewall
On Fri, 07 Sep 2001, Matthew Kopishke wrote:
> Now the real question is about software. What should go (like telnet, ftp, nfs etc), and
> what should stay or be added (eg ssh). Also has anyone played with spinning
> down hard drives with hdparm? Seems to me if we're not using it we might as
> well spin it down and not wear it out.
Depends on how you control access to the machine. If implemented correctly
it shouldn't show up on the outside or the inside.
What I like to do is keep my access limited to one host or rather via
console directly. Then always use encyped connections. All services should
be for internal use. And you might want to consider a journaling filesystem
such as ext3, reiser, xfs. I am currently running xfs without any trouble.
Then you might want to do something about logfiles. I currently use msyslogd
to watermark my syslogs. Of course I keep the key on a different media(floppy).
Hope to have shown you some ideas.
Spindowns have never worked for me and could do more harm then profit.