on Mon, Apr 22, 2002, hanasaki (hanasaki@hanaden.com) wrote: > Hi Karsten, > > Since you are so far beyound my experience in this, could you point > out a few of the good, and not so good, vendors and products for both > the Raid and the Drives? > > How do you feel about IDE(and which IDE standard? 100?133?some new one > I forget the name of:( ?) vs SCSI Raid (and which flavor of SCSI)? > > I can afford to be down for a day or two to rebuild an Array. The > data is relatively static and read only. Thus I will probably use a > couple of CDRW's on cron jobs. Better suggestions are welcome. Will > I run into a problem with ~150gig of Raid5 + 4 CDRW's? I don't think my experience is all that great. I've largely used single fixed drives until recently. I've had a nightmarish several months with several 3Ware cards breaking in delightfully unique ways, coupled with completely asinine support: we were denied a product _downgrade_ to a card known to work with our hardware, even though the price delta (which we weren't asking for) was several hundred dollars. We've spent far more time in configuration, overtime, downtime, and lost revenue hours, than the cost of the hardware. This for a small web services provider hosting several hundred domains. My personal strong preference is for SCSI disks. That would translate to SCSI arrays. IDE products offer a promise of similar performance at roughly half the cost of SCSI. When they work. My experience has been that the products _don't_ work. I'll also share an observation (this was going to be reported to BugTraq, but, well, you heard it here first). 3Ware's 3DM web-based monitoring tool provides the opportuninity for any arbitrary party to monitor, and reconfigure, your RAID array over an unsecured Web interface. The documentation mentions only that this interface is available to "localhost port 1080". What's not blindingly evident is that _any_ host capable of reaching port 1080 on a system running 3dm can access it. The utility's security options are slim and uneven at best. There's a password option (disabled by default), and no apparent security, SSL, or other features. Vendors shouldn't try to implement their own webservers. Fix: disable 3dm, or filter all non-localhost access. I notified the vendor of this issue well over a month ago. They acknowledged that sites should block access to the web service, but fail to document this fact or procedures for doing so. I'm sorry. What was the question? ;-) Peace. -- Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/ What Part of "Gestalt" don't you understand? ARM Computer: Customer Service Hell On Earth http://lists.svlug.org/pipermail/svlug/2001-November/038616.html
Attachment:
pgpY3gtD_th09.pgp
Description: PGP signature