Re: Firewall security and a RAID question
Hello, Viktor,
> 1) I plan to install a small home LAN, so all machines can access the
> internet via dial up. The obvious solution is, of course, IP
> masquarading. The server that acts as a router will also serve as a NIS
> and NFS server and possibly local mail and DNS server. Is it save with
> IP chains to have all those services running on the same machine or
> should the firewall be on a different machine, which is not very
> desired, but possible, nonetheless?
As long as you keep up-to-date on security issues with these services,
you'll be fine. I haven't used NIS, but I'd TCP wrapper everything so
that you only allow connects from your private IP addresses. That will
probably solve most, if not all, of your problems. You should be safe in
that case.
> 2) I have one 1034MB hard disk and one 1030MB harddisk. I thought that
> instead of selling them for 50 DM, I could use RAID to safetify my home
> directory. Is it possible to use RAID on disks that have different
> sizes? Losing the 4MB on the one disk won't matter, I can live with
> that :) Also which RAID (0, 1, 5?) is the one I want to use? The
> disks are SCSI disks and the controller is an old Adaptec 1542CF.
You want to use RAID 0 or RAID 1. RAID 5 needs a minimum of three
disks. Now to decide between the other two, you must know if you'd rather
have the extra space or reliability. RAID 0 is simple striping with no
parity, so if one of the disks goes bad, you lose your data. Period. On
the upside, you get faster I/O, and a bigger device (RAID 0 sees the two
disks as one).
With RAID 1, one disk is a mirror of the other. Thus, you don't get any
more space than you have on one drive, but if one drive fails, you still
have your data. Disk reads are also faster with RAID 1 (you have 2 drived
seeking for the data), but writes are slower (all data must be written
twice).
There's a good paper on RAID at Dell's web site:
http://www.dell.com/us/en/biz/topics/vectors_1999-raid.htm
-Matt Stegman
<mas9483@cis.ksu.edu>
Reply to: