| |
| |
| |
|
Page: 1 2 3 4 5 6
Comments:
<0> as a base cost, this will also change the cost/gigabyte and which drives makes sense
<1> fredk: these are just pure disk ratios intended to figure out at a glance what drive to get when I need another disk for diskbased backup ;)
<0> wlfshmn, ah :)
<0> wlfshmn, how much data *do* you have?=
<1> fredk: I can't get my fathers company to follow backup procedures and I'm not there to LART them, so I rsync to a local disk every night and archive weekly to a disk that once full gets placed on a shelf in my fathers house and I put in a new disk
<1> fredk: their data volume is ~35GB, but it compresses well (I store about 14-15GB/week)
<0> wlfshmn, not bad :)
<1> fredk: it works well, and it gives me a way to get rid of old harddrives ;)
<0> wlfshmn, i'm using this big raid array as a offsite backup
<1> fredk: I handed him a pile of small disks last time and kept the larger one ,)
<0> wlfshmn, clever boy :)
<1> fredk: doesn't matter to them, and no sense taking a brand new drive that is lightly used under two-three months and shelfing it for the rest of eternity.. that is practically rude to the disk ;)
<0> this can't be good
<0> http://pastebin.com/852001
<1> fredk: also, odds are that we will never have to refer to any of these disks, but it doesn't hurt to have them around, and paying 300$/year for the safety of not reusing drives is cheap
<1> fredk: it's the CD
<1> fredk: you can get stuff like that when it expects there to be a disk but there isn't for example
<0> wlfshmn, no, this is my harddrive (another serveR)
<1> really?
<0> yep, it's not ready and installed yet
<0> just freshly installed yesterday
<2> oooh... Seamonkey beta 1.1 is pretty... :)
<1> fredk: doesn't sound good then. check status with smartctl?
<0> on scsi?
<1> fredk: ah, well, works on sata atleast ;)
<0> let's see
<1> fredk: SCSI-3 devices shoudl be supported
<0> yeah, it seems to be actually
<1> fredk: always usefull ;)
<0> http://pastebin.com/852006
<1> not really sure what threshhold one should expect, but it seems to support self test, soI would let it do that ;)
<0> mmm
<1> atleast if the drive isn't in a live system ;)
<3> Which group should all Services data files be owned by? (If Services
<3> should not force files to be owned by a particular group, just press
<3> Return.)
<3> :!
<1> crap, I missed the bus.. guess I get to do my shopping tomorrow instead ;)
<0> lol
<0> taxi ! :)
<1> fredk: hell no, it will take them to long to get here anwyay ;)
<4> wheee.
<4> almost dinner time. bbiab
<5> damn I forgot my digital camera :P
<6> it's not rape if I say yes. :P
<1> hmm. do we know an indian named Vineeth?
<6> not unless OldMonk is using an alias
<7> hello
<4> that a good meal
<4> bah, and ofcourse now I get to do some dishes.. But that is something to postpone to "later" :)
<7> eh hello :)
<7> I have a little security question, I would like to hear the opinion of expert user... I have an ftp server installed on my server, configured to use only SSL for the control channel.
<7> It works fine, but it implies that I leave some ports open in the firewall for p***ive connections
<7> In your opinion - is it better use SFTP and leave those ports open for incoming traffic, or is better to use unencrypted FTP with ports being opened by the firewall dynamically
<5> I guess ftp has better control, and if I recall correctly sftp isn't chrooted by default
<4> indeed. You only need 2 ports for ftp unless you wish to use otherwise.
<5> either way concessions have to be made
<4> besides; its not an issue of using ssl or not to make it secure. Security isn't gained by using a few nifty features.
<4> You can use as much ssl as you want, but when the backend is misconfigured (say world r/w accessible logfiles) then it won't matter anyway.
<5> I prefer things to be chrooted, ftp can be chrooted easily
<8> why are world r/w logs bad?
<4> ayups. Still, I prefer that stuff to be virtualized since its not too hard to break out of a chroot.
<4> tybalt: think about that for a moment.
<5> is it not hard ? :)
<8> Is the key file in the log?
<5> virtualizaton is even better ofcourse, but breaking out of chroot isn't that simple :P
<4> tybalt: Well, if you're not going to use your brains then kindly do that some place else.
<4> Sunblade: hmm. google seems to disagree.
<9> it's hard enough for me to set things up around chroot on my server. and it's -my- server.
<8> I don't see how it could be an issue, though, because it's a log. is "confidential" information put into logs?
<9> i can't imagine someone breaking out of it.
<4> Sunblade: don't forget that chroot doesn't limit access to memory.
<7> I use proftpd, and switching from ftp to sftp with the mod_tls modules doesn't change anything about chrooted environment, but I have no experience with other ftp servers
<7> Thankfully, anyhow, I am the only user of the server
<7> and the only one using ftp
<5> Lion-O: we're heading to a different discussion :)
<4> tybalt: geez, you really are stupid.. When things go wrong then which is the first place you start looking?
<7> So my #1 pripority is that the p***word and username are encrypted
<4> Paltro: then why even use ftp instead of ssh ?
<7> Then I have a simple brute force detection script setup
<8> Is there some document you can point me to? I just don't know much about linux security.
<7> Because I hate to leave shell access accounts available on my server; since I have many vhosts, I prefer to have just one shell account on the whole server
<4> tybalt: this has nothing to do with linux security but with using some plain old common sense. What is the first thing you'd look at when something goes wrong?
<8> the logs
<5> I think the theme here is, keep your system secure as possible and chroot is a way to keep it more secure but not secure by definition
<9> the logs?
<9> you mean irc :)
<4> NineVolt: rofl
<8> well, granted that
<8> but that's if something is wrong, if it's working I don't care.
<4> Sunblade: very true.. Which is basicly the whole risk factor IMO; people clinging to certain features and gizmo's while thinking that its the impregnable wall of jericho :P
<7> that is why you should have multi layered security, with each layer independent from the other, when possible
<5> my decision between sftp or ftp (with ssl), would depend on what it is used for.
<7> for example Sunblade?
<5> well as I said earlier you have more bandwidth control with proftpd for example (besides many other neat features)
<7> Yes
<5> I only tend to use sftp for example for subversion
<7> yeah, I see
<5> you can lock something totally down, but sometimes that hinders the user to work normally, which depends for what purpose it is
<7> yes
<5> where did that rabbit go /me looks
<5> Lion-O: with virtualization do you mean user mode linus ?
<5> s/us/ux/
<4> Sunblade: actually, no :) I'm referring to some offtopic issues like Solaris containers and 'Branded zones' :) Still, I'd use Xen over usermode linux to be honost; due to the resources for example.
<5> Lion-O: ah, I still need to read up on those topics
<4> for what?
<4> I'm right here, no need to google me up :)
<4> Sunblade: you still with demon btw?
<5> Lion-O: nope, at home I am using Orange Family now
<10> hmm, was there a BSG last week?
<4> Sunblade: smart move. Left the sinking ship
<4> smsie: there was one yesterday on Dutch television but I really did not enjoy that :)
<5> Lion-O: I've never used Demon I used to have a Cistron connection which is now xs4all, I didn't know Demon was sinking though
<10> ah, a short midseason break I see
<10> next one on Jan 21
<10> Sunblade: demon have been getting steadily crapper for about 5 years
<4> Sunblade: Demon has been run over by KPN and parked at x$4all as well resulting in a quick subscription change. Half the speed or twice the price.
<4> demon.nl that is
<5> oh :(
<4> Sunblade: http://www.demon.nl/xs4all/index.html
<5> omg, xs4all is taking over everything :P
<4> Sunblade: well, actually kpn.
<5> oh kpn also has xs4all right
<4> Sunblade: I really don't like the whole development to be honost. Now they're even looking at tiscali, but that is under investigation
<5> Lion-O: you have Demon right ? switching provider now ?
<4> Sunblade: I'm currently very seriously looking around, yes. I'm not going wait untill the **** hits the fan. Right now I'm seriously considering 4-10/1 mbit adsl2 at tweakdsl.
<4> so basicly 10/1 mbit :P
<5> ah, static ip ?
<4> Sunblade: absolutely. That is a very important factor. Static ip, good speed, reliable connection (bbnet) and total freedom (no locked down ports and such).
<10> nowhere decent here does static IP at a cheap price
<5> lol, like me they've blocked 25 :P
<4> Sunblade: also; ethernet modem (if I go with adsl I'll probably keep my current modem, otherwise...) etc.
<11> what kind of tools may be use to watch flooding to my ip ?
<4> prowinxp: tcpdump / ethereal / iptraf / etc.
<10> prowinxp: iptables? There's not much you can do about flooding though, just wait for it to stop
<11> ok thx
<4> Sunblade: right now I pay E36,50/month for 6/1 (that 6mbit feels like 8 ;)). x$ can only offer 4/1 mbit for E39,95 /or/ 8/1 for 59,95 (iirc). So I'm not going to stay there :P
<4> 10/1 mbit on adsl2 for E39,95 (also through bbnet) really appeals to me ;)
<10> I'd have to move to get better than I have now
<4> the fun part is also that common adsl can only go so much. iirc the real upload is 800kbit while adsl2 will raise that to a full 1024.
Return to
#linux
or
Go to some related
logs:
#php
php-based shoutcast server
#chatzone
expecting ssh2_msg_newkeys -received closed
#MissKitten
#asm
#java
kill your parents kill your parents kill your parents then kill yourself
#AllNiteCafe
techraven
|
|